Since upgrading to Liferay Sync 1.2 I can no longer use it with OpenAM. In Liferay Sync 1.1 I was able to work around OpenAM by publicly allowing access to /api/secure/webdav/* and /api/secure/jsonws/* and then Sync would hit them directly. With 1.2 it looks like it does a check for OpenAM now and then tries to send the request through OpenAM's login page. I'm noticing a couple of things that maybe preventing it from working properly.
1.) www.example.com is my Liferay server and sso.example.com is OpenAM. When someone browses to www.example.com they are automatically redirected to sso.example.com for authentication. When sync uses www.example.com it tries to do the redirect and then does nothing. The sso.log displays: 06 Mar 2014 08:10:26,837 DEBUG [SSOAutoLogin:81] SSO login attempt resulted in status code:
If I put the full OpenAM url (https://sso.example.com/openam/UI/Login?goto=https://www.example.com) then it appears to attempt a sign-on to OpenAM. Which is when I see the second issue.
2.) Sync attempts to sign on to OpenAM but ends up displaying the error message: 06 Mar 2014 08:11:19,372 TRACE [SSOAutoLogin:228] SSO authentication failed to find login form
OpenAM uses the name form name "Login" for its html form so my guess is its not looking for "Login"
I'm attaching my sso.log to show what I'm seeing.