Skip to end of metadata
Go to start of metadata

Change so that CDSSO becomes the default.


This would be the hottest topic at the moment... unfortunately everything else is pretty hot too.

AMAGENTS-241 - Getting issue details... STATUS

(also these two which are basically the same thing...)

AME-6507 - Getting issue details... STATUS OPENAM-3888 - Getting issue details... STATUS

Replicate the Web Agents redirect behaviour in the Java Agents.


Another two hot topics, which when taken together actually prevent the writing of Unit Tests:

AMAGENTS-243 - Getting issue details... STATUS AMAGENTS-265 - Getting issue details... STATUS


Further PLL-endpoint removal is required:

AMAGENTS-274 - Getting issue details... STATUS



OPENAM-8228 - Getting issue details... STATUS

Redirect to a separate website on logout, J2EE PA would concatenate <logout URL> + <logout entry URI>


OPENAM-4022 - Getting issue details... STATUS

Infinite redirect loop between Agent and OpenAM.  I have seen this happen many times.  Could have a cookie containing a counter which is passed back and forth and break out when the counter gets past a certain limit.

It doesn't fix the core problem though (lack of cookie from OpenAM).


Possibly add in a configurable endpoint to give an agent status. Would have to figure out what to put on the status page - probably as much as possible.  This was to be the subject of a hackday, but hasn't happened yet.


And then...

  • Cloud
  • Check on Agent Logout (agent calls logout endpoint and invalidates cache entries) and OIDC
  • How the agent handles (or doesn't handle) advice(s)
  • Remote auditing especially in client.PolicyEvaluator logAccessMessage
  • Remote logging
  • Strip the SDK Cache out of the AgentCache
  • Alex security scan reports
  • The Crypto that the agent uses is out of date (SHA-1)
  • Failover and autonomous servers
  • Continuous security
  • PolicyDecisionDelegator getResponseDecisions must use the OpenAM REST endpoint to get the profile attributes
  • Cache SSOValidationResult objects and fill them with wonderful things like the profile attributes and session properties
  • Guice Provider cleanup
  • No labels