IBM Security Verify

 View Only
  • 1.  Problem with OAuth access control.

    Posted Fri May 17, 2019 10:03 AM
    Hi,

    I have an issue which i have made a PMR for but maybe some have a clue on how to solve it.

    I have an access policy that works fine in secure domain, but the same policy fails (403) in an other domain.
    I get this in the message log from the webseal.

    "DPWBA0308W The header key name is missing for the app_context_data key: AZN_EAS_POP_LOCATION_ATTRIBUTE "

    I have tried googling both AZN_EAS_POP_LOCATION_ATTRIBUTE and DPWBA0308W but cannot find any useful information regarding them.

    ------------------------------
    Regards Mikael
    ------------------------------


  • 2.  RE: Problem with OAuth access control.

    Posted Mon July 15, 2019 03:28 PM

    Hi Mikael, 

    How are you using OAuth on WebSEAL? Are you using oauth-auth configured in the [oauth] stanza, or the legacy oauth-eas

    Thank you



    ------------------------------
    Leo Farrell
    ------------------------------



  • 3.  RE: Problem with OAuth access control.

    Posted Fri July 19, 2019 02:35 AM
    ​Hi @Leo Farrell

    We use oauth-auth and the issue after some investigation was that special-eas = trigger_rba_eas was not set.​​​

    ------------------------------
    Regards Mikael
    ------------------------------