Hello everybody,
We are setting up our first OIDC Relying Party, and everything seemed quite easy to kickstart, until we ran into an encoding issue.
If the JWT generated by the OIDC Identity Provider contains any claims with non ascii characters, they seem to not be correctly encoded by the runtime before returning back to values to webseal via http headers.
The consequence is that the authentification fails with
DPWWA2077E Could not authenticate user. An EAI server returned invalid authentication data.Here is a pdweb.debug of the runtime response to webseal:
The junction to the runtime (/mga) is correctly set to "UTF-8 URI Encoded" for HTTP Header Encoding, but it clearly isn't enough.
Am I missing something somewhere to force the runtime to correctly encode the claim values before sending them back to webseal ?
Thanks for any tip
------------------------------
André Leruitte
------------------------------