OpenAM policy creation issue: could not add/authenticate Groups other than of master realm

Question

While creating OpenAM policy i couldn't find Group from same user store (can see groups in master realm).

Realm: / (Top Level Realm) > testRealm

Group in masterRealm: masterGroup

Group in testRealm: testGroup

Users in testGroup: admin

Create Policy(in testRealm) -> Define Subject Conditions ->

Type: Users&Groups Group Subjects: doesn't shows "testGroup" in auto completion text box (but shows masterGroup). Also i can see user "admin" in "User Subjects"

Why i am not able to see "testGroup"?

I created policy using "/policies" API with group name "testGroup". Users in testGroup: admin

when executes policy evaluation API it returns empty attributes.

when i tried with user name "admin" in "User Subjects" box, policy evaluation API gives values.

Whats the issue with Groups in sub Realm in Policy?

Its a bug. Issue resolved in OpenAM 13.0.0. – Firos S Feb 18 '16 at 04:12 — Firos S, Feb 18 '16 at 04:12

score 0 · Answer 1 · answered Feb 17 '16 at 14:06

0

issue already reported in JIRA.

https://bugster.forgerock.org/jira/browse/OPENAM-5386

answered Feb 17 '16 at 14:06

Jamsheer

3,673
3
29
57

OpenAM policy creation issue: could not add/authenticate Groups other than of master realm

Why i am not able to see "testGroup"?

1 Answers1