Default Project CR-8238

Fix for OPENAM-6883 - SystemConfigurationUtil maintains a list of server URLs that assume lowercase...

Closed on 23 Sep 15

  • Author & Moderator
  • Reviewers
    • Reviewer completed
    • Reviewer completed
    • Reviewer completed
    • Reviewer completed

CR-8238 5

Keyboard shortcuts  
Summarize the review outcomes (optional)


Warning: no files are visible, they have all been filtered.
Participant Role Time Spent Comments Latest Comment
Author & Moderator 1h 1 Completely agree but from what I have seen of the server ...
Reviewer - Complete 16m 1 it feels a bit odd that idToServerTable has the original ...
Reviewer - Complete 13m 1 So as far as I can see there's 3 calls using getServerFro...
Reviewer - Complete 1m 1 lgtm
Reviewer - Complete 16m 1 LGTM
Total   1h 45m 5  


SystemConfigurationUtil maintains a list if server IDs to server URLs and is used when Federation calls need to be made to the original server.

The URLs being stored assume that the deployment context is always lowercase so a lookup of a server ID always returns a lowercase version of the URL. If the deployment context is not all lower case, the request fails with a 404.

For example, a set of servers made up of:


These are stored in the list as and so a request meant for 2 that hits 1 is sent to which fails with a 404.

Example problem case can be seen in IDPArtifactResolution.onMessage()

    String remoteServiceURL = SystemConfigurationUtilgetServerFromID(targetServerID);
    remoteArtURL = remoteServiceURL + SAML2Utils.removeDeployUri(request.getRequestURI());
    SOAPConnection con = SAML2Utils.scf.createConnection();
    SOAPMessage resMsg =, remoteArtURL);

So a request that should go to ends up going to

The fix ensures that the server URL is kept in its original case and is returned as the result of a server ID lookup, which is then used in real cross-talk Federation calls.


Issues Raised From Comments

Key Summary State Assignee

General Comments

18 Sep 15

Ken Stubbings says:


21 Sep 15

David Luna says:


22 Sep 15

jonthomas says:

So as far as I can see there's 3 calls using getServerFromID(), probably most involved is SAMLUtils.getServerURL() method- but it all looks ok with this change.

/openam-federation/.../common/ Changed  
Open in IDE #permalink
/openam-federation/.../common/ Changed   2
Open in IDE #permalink

Review updated: Reload | Ignore | Collapse

You cannot reload the review while writing a comment.

Create Issue

Assign To Me

Log time against