Wrong port on redirect setting up Openam

Tagged: , ,

This topic contains 3 replies, has 3 voices, and was last updated by Profile photo of david.bate david.bate 3 months, 2 weeks ago.

  • Author
    Posts
  • #15646
    Profile photo of HeeroYui HeeroYui 
    Participant

    Hello

    I am setting up OpenAM according to This OpenAM 13 Guide but am having an issue whereby when I navigate to Apache server on http://www.test.com:8001 it resolves to http://openam.test.com:8000/openam/UI/Login?goto=http%3A%2F%2Fwww.forgetest.com%3A8001%2F

    I have gone through the apache policy agent, OpenAM setup and httpd.conf and ensured it all references 8001 but still that redirect appears. Where else could that port be reference at that stage in my configuration? Am running on CentOS 7.2 (Core) through bash.

    All help appreciated

    many thanks

    james

    #15647
    Profile photo of Scott Heger Scott Heger 
    Participant

    That redirect is coming from the “OpenAM Login URL” setting in your policy agent. What is going on is that when you try to access your http://www.test.com:8001 website the policy agent is stepping in and when it finds you are not authenticated it redirects you to its configured “OpenAM Login URL” along with a goto parameter that OpenAM uses to redirect the user to upon successful authentication. If you need to change that “OpenAM Login URL”, log into your OpenAM console, navigate to your policy agent profile and go to the OpenAM Services tab. That setting is at the top of that page.

    Out of curiosity, what is the issue with this redirect? Were you expecting something different?

    #15648
    Profile photo of HeeroYui HeeroYui 
    Participant

    Hi Scott

    Thank you for replying. I was expecting 8080 sorry, which is the port my tomcat is on, apache is on 8001 so I am unsure where the 8000 is coming from? I have double checked my policy agent and the ports appear correct.

    many thanks

    James

    #15663
    Profile photo of david.bate david.bate 
    Participant

    Hi James,
    Can you check your agents OpenSSOAgentBootstrap.properties file? Check the com.iplanet.am.naming.url for what port is specified there.

    If that looks correct, I would then check my Agents central profile in OpenAM, to see if something was mistyped there?

    OpenAM –> Realm (or Access Control) –> Name of Realm –> Agents – Web –> Name of Agentprofile

    Thanks,
    David

Viewing 4 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.

©2017 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?