Default Project CR-35

OPENAM-56: unable to get or set properties on a restricted token

Under Review for 24 months (due 24 months ago)


Details

Participant | Role | Time Spent | Comments | Latest Comment
 | Author & Moderator | 5m | |
 | Reviewer - 0% complete | | |
 | Reviewer - 0% complete | | |
Total | | 5m | 0 |

Objectives

If restricted tokens are in use then a restricted token can be used as part of a policy evaluation. If the policy evaluation calls into a policy component such as a Condition that tries to set a property on said token then it's Exception time.

There needs to be a way on the OpenAM server (and only the OpenAM server for security reasons) to allow code to de-reference a restricted token to a master token and then allow the property to be get/set.

Fix is low risk as it does not directly affect existing functionality.


General Comments

There are no general comments on this review.
/trunk/opensso/.../service/GetHttpSession.java Changed
/trunk/opensso/.../service/SessionService.java Changed
/trunk/opensso/.../dpro/session/Session.java Changed
/trunk/opensso/.../dpro/SSOTokenImpl.java Changed
/trunk/opensso/.../iplanet/sso/SSOToken.java Changed
