development icon indicating copy to clipboard operation
development copied to clipboard

Published 20 hours ago verified publisher icon servicecatalog

Non-existing tenantID in URL prevents access with existing tenantID

Open StavrevaS opened this issue 8 years ago • 3 comments

[How to reproduce]

  1. Platform operator registers a tenant (e.g tenantID="ad43fe78"); The administration portal URL for this tenant will be http://:/oscm-portal/?tenantID=ad43fe78;
  2. The user tries to acess the URL, but types a wrong tenantID e.g http://:/oscm-portal/?tenantID=ad43fe79. Tenant with id ad43fe79 does not exist on the platform.

[Expected] Error message for non-existing tenant. When the user corrects the tenantID, he should be able to login in the tenant-specific IDP.

[Observed] Error message for non-existing tenant, even after the user corrects the tenantID. Onyl after deleting the browser cookies, the user is able to login to the tenant-specific IDP.

Probably the wrong tenantID is saved in the session, and not updated with the correct one.

StavrevaS avatar Oct 21 '16 10:10 StavrevaS