October 27, 2017 at 12:21 pm #19354ahodzicParticipant
We use OpenAM 11.0.3 Community Edition) where numerous web agents are setup for various environments, and all agent/sURLs work ideally in “SSO Only Mode”.
However, we have different groups of users which we’d like to limit from accessing agents (URLs) for every environment.
I’ve setup, policies which should do this, but once I disable “SSO Only Mode” for the web agent I setup policy for I’ll encounter “403 Forbidden” and agent debug log will report one interesting warning:
2017-10-27 10:13:53.282 +0000 WARNING [0x7f5e1a7fb700:31601] validate_policy(): decision: deny, reason: no action decisions found
Which means that policies I set up for that URL are completely ignored and aren’t even validated.
Under policies resource name I’ll set
delete/get/head/options/patch/post/putwhich should allow anything. But from what I understand, this policy never even gets verified by “validate_policy()”.
Could somebody please shed some light on how I could enforce this set policy, or so it even gets validated.
Thanks!October 27, 2017 at 2:45 pm #19359ahodzicParticipant
Problem solved, please ignore/close this thread.October 1, 2019 at 8:31 pm #26604Rick521Participant
Also i’m using 13.5 version currently.
You must be logged in to reply to this topic.