I have used openAM for enabling SSO(Single Sign On) and for authentication for several components (web app, J2EE app). When creating and configuring a policy in OpenAM Admin Console, It is needed to add http://app1.kpp.com:4413/myApp*?* and http://app1.kpp.com:4413/myApp/* in Available resource pattern field.
I have understood the 2nd pattern. it means all resource pattern which have a suffix of "http://app1.kpp.com:4413/myApp"
but what does it mean by *?* in first resource pattern: http://app1.kpp.com:4413/myApp*?*
Thanx for any help.
URLs with request parameters (the 1st parameter is appended with '?') are not matched by the '*' pattern, hence you explicitly need the 2nd rule to match those requests.
However this is 'authorization' and not 'authentication' or 'SSO'.
If you only need 'authentication' and 'SSO' you can use 'SSO only mode' for agents and there is no need for any URL policy.