cristianoburgo

Home Members cristianoburgo

Learn more about our upcoming Identity Summits

show less show more
Profile picture of cristianoburgo

@cristianoburgo

active 2 years, 11 months ago
Points balance: 202 ♪
Rank: Indie Mixtape
  • Activity
  • Profile
  • Groups 0
  • Forums
  • Personal
  • Mentions
  • Favorites
  • Groups
  • Profile picture of cristianoburgo

    cristianoburgo replied to the topic opendj 5 sync password to opendim 4: javax.crypto.BadPaddingException in the forum Identity Management 3 years, 6 months ago

    Enabling the debug on openidm side, i see the request correctly executed:

    Request: { “method”: “action”, “resourcePath”: “policy/managed/user/f9fb2d63-e494-4ab3-906f-ffc592bc3e3b”, “action”: “validateProperty”, “additionalParameters”: { “external”: “true” }, “fields”: , “content”: { “passwordldap”: { “$crypto”: { “type”: “x-simple-encryption”,…[Read more]

  • Profile picture of cristianoburgo

    cristianoburgo started the topic opendj 5 sync password to opendim 4: javax.crypto.BadPaddingException in the forum Identity Management 3 years, 6 months ago

    I’m trying to configure the password synchronization from opendj 5 to openidm 4.
    I’m using a attribute on openidm called passwordldap .

    If I change the password on opendj this error is shown on openidm log:

    AM org.forgerock.openidm.servlet.internal.ServletConnectionFactory$4 handleException
    AVVERTENZA: Resource exception: 500 Internal Server…[Read more]

  • Profile picture of cristianoburgo

    cristianoburgo replied to the topic opendj 5 sync password to opendim 4: java.security.InvalidKeyException: Illegal in the forum Identity Management 3 years, 6 months ago

    just solved the issue updating the Java Cryptography Extension (JCE) to the Unlimited Strength Jurisdiction Policy Files according to my JDK and this error disappear.

  • Profile picture of cristianoburgo

    cristianoburgo started the topic opendj 5 sync password to opendim 4: java.security.InvalidKeyException: Illegal in the forum Identity Management 3 years, 6 months ago

    i’m just configured the password sync between opendj 5 and openidm 4.
    When I changed the password on the opendj side, this is successfully propagated to the openidm side but this error is shown:

    lug 24, 2017 4:02:29 PM org.forgerock.openidm.servlet.internal.ServletConnectionFactory$4 handleException
    WARNING: Resource exception: 500 Internal…
    [Read more]

  • Profile picture of cristianoburgo

    cristianoburgo replied to the topic opendj 5 sync password: an error occurred while trying to load the trust store in the forum Directory Services 3 years, 6 months ago

    just solved the issue, was the trust manager. I created a new one using the dsconfig and the entry is successfully created.

  • Profile picture of cristianoburgo

    cristianoburgo started the topic opendj 5 sync password: an error occurred while trying to load the trust store in the forum Directory Services 3 years, 6 months ago

    i’m following the guide to configure the password sync for opendj 5 to openidm 4.
    this is my configuration:

    dn: cn=OpenIDM Notification Handler,cn=Account Status Notification Handlers,cn=config
    objectClass: top
    objectClass: ds-cfg-account-status-notification-handler
    objectClass: ds-cfg-openidm-account-status-notification-handler
    cn: OpenIDM…
    [Read more]

  • Profile picture of cristianoburgo

    cristianoburgo started the topic Agent J2ee is not working on Tomcat 8 in the forum Access Management 3 years, 7 months ago

    I installed the agent tomcat_v6_agent_3.5.1 on a tomcat server 8.0.44 . The JVM is 1.7.0_141 .
    On the same Tomccat i have also IG 5 installed on the root.

    After a correct Agent installation, i boot up the tomcat server and this error is shown repeatedly:

    Caused by: java.lang.RuntimeException: Failed to load configuration:…[Read more]

  • Profile picture of cristianoburgo

    cristianoburgo replied to the topic Policy http header response not set in the forum Access Management 3 years, 7 months ago

    What i experimented is that, it must be a mapping between the HTTP attributes defined into the policy and the ones defined on the webagent. So an attribute must be in both places to be shown as i want.

    I don’t know if this is the desired behavior.

  • Profile picture of cristianoburgo

    cristianoburgo started the topic Policy http header response not set in the forum Access Management 3 years, 7 months ago

    I have a jsp page that print all the HTTP HEADER VARIABLE, this jsp page is on a wildfly application server and it is protected by a webagent on an apache server. The apache server act as a reverse proxy and the application is configured in a virtual host.

    This is the Jsp code:

    <table>
    <%
    Enumeration enumeration =…
    [Read more]

  • Profile picture of cristianoburgo

    cristianoburgo replied to the topic PASSWORD CONDITIONAL UPDATE in the forum Identity Management 3 years, 7 months ago

    Just solved using a “flag” field to store if the password is changed on openidm.
    Then use this field during a conditional update:
    object.adpwdchg == ‘1’;

    After the update this field is then restored to ‘0’ so during the next update the password is not changed again.

  • Profile picture of cristianoburgo

    cristianoburgo started the topic PASSWORD CONDITIONAL UPDATE in the forum Identity Management 3 years, 8 months ago

    I need to update the password from openidm to AD only if this is changed on OPENIDM.
    In fact if the password is set into a mapping this is changed on AD even if it is not changed.
    This has a weird behaviour because the password changed on AD change also automatically the AD attribute pwdLastset and so the user cannot change its password because…[Read more]

  • Profile picture of cristianoburgo

    cristianoburgo started the topic Stop openidm linux service fails on centos 7 in the forum Identity Management 3 years, 8 months ago

    i have created the startup scritp for openidm on a CENTOS 7 machine.
    The service is started correctly as openidm user but when i try to stop it with /etc/init.d/openidm stop
    the service don’t stop. I can stop the service only issuing the command : pkill java .
    The pid file is created correctly.

    This is my file:

    #!/bin/sh

    # chkconfig: 345 95…[Read more]

  • Profile picture of cristianoburgo

    cristianoburgo replied to the topic DEVOPS architecture do not support OpenAM Web Policy Agent in the forum DevOps 3 years, 8 months ago

    Yes, thanks a lot.

    What i’m trying to do is to build an environment using OPENAM, OPENDJ and HTTPD with docker containers and managing the service scaling and clustering with swarm.

    What do you think, this can be good for a production architecture or using container for OPENAM is something related to “experiment” yet ?

  • Profile picture of cristianoburgo

    cristianoburgo started the topic DEVOPS architecture do not support OpenAM Web Policy Agent in the forum DevOps 3 years, 8 months ago

    I’m just reading the devops guide for the Forgerock platform.
    One limitiation is worring me: The DevOps Examples do not support OpenAM Web Policy Agent.

    This means that if i configure an http server as a reverse proxy front-end, cannot this run into a docker container with a web policy agent ?

    Is this valid also for other components like J2ee…[Read more]

  • Profile picture of cristianoburgo

    cristianoburgo replied to the topic CHANGE PASSWORD USING REST API in the forum Identity Management 3 years, 8 months ago

    Just understanding how the gui do and that is the solution. You must insert the cookie and the re-auth password on the patch call:

    urlPassword = 'https://localhost:8443/openidm/managed/user/' + userId
    headersPatch = {'Content-Type': 'application/json','Cookie': cookie,'X-OpenIDM-Reauth-Password': 'Qwerty.1234',…
    [Read more]

  • Profile picture of cristianoburgo

    cristianoburgo started the topic CHANGE PASSWORD USING REST API in the forum Identity Management 3 years, 8 months ago

    i’m trying to do a password change using the REST API.
    This is the code snippet in python:

    #CHANGE USER PASSWORD

    import requests
    import json

    #READING THE OBJECTID
    url = 'https://localhost:8443/openidm/info/login'
    headers = {'X-OpenIDM-Username': 'test1','X-OpenIDM-Password': 'Welcome3!'}
    resp =…
    [Read more]

  • Profile picture of cristianoburgo

    cristianoburgo started the topic Executing workflow with random error executing gettasksview.js in the forum Identity Management 3 years, 8 months ago

    Executing a workflow, sometimes generate an internal server error on UI on assigning or approving a task.
    Reading the log server.out, it is written:

    Resource exception: 500 Internal Server Error: “TypeError: Cannot read property “processDefinitionId” from null (/home/openidm/openidm/bin/defaults/script/workflow/gettasksview.js#145) in…[Read more]

  • Profile picture of cristianoburgo

    cristianoburgo replied to the topic Open IDM Admin console customization based on role memberships in the forum Identity Management 3 years, 9 months ago

    Is managed/role/d59dcf20-c5a5-4574-ae96-06640908c955 assigned to the user as an “authzRole”? YES

    What do you see in the browser’s network trace for the request to /openidm/info/login, when submitting the user’s credentials?

    Request Headers

    Accept:application/json, text/javascript, */*; q=0.01
    Accept-Encoding:gzip, deflate, sdch, br
    Acce…
    [Read more]

  • Profile picture of cristianoburgo

    cristianoburgo's profile was updated 3 years, 9 months ago

  • Profile picture of cristianoburgo

    cristianoburgo replied to the topic Splitting ui-admin role of OpenIDM in ui-configuration in the forum Identity Management 3 years, 9 months ago

    we are trying to do the same here: https://forum.forgerock.com/topic/open-idm-admin-console-customization-based-on-role-memberships/

  • Load More
Profile Photo qqi Profile Photo sebastien.faivre

Search the forums

Leaderboard

The leaderboard is based on our rockin' informal points system, read about it here.

Recent blog posts

  • Using an Authentication Tree Stage to Build a Custom UI with the ForgeRock JavaScript SDK February 26, 2020
  • Identity Workflow with AM using Zeebe and Cloud Functions February 19, 2020
  • IDM: Zero Downtime Upgrade Strategy Using a Blue/Green Deployment January 23, 2020
  • DS: Zero Downtime Upgrade Strategy Using a Blue/Green Deployment January 22, 2020
  • AM and IG: Zero Downtime Upgrade Strategy Using a Blue/Green Deployment January 22, 2020
Visit our blog

Recent Topics

  • Trusted JWT Issuer Agents config not included in amster export
  • JIT user migration – MigrationSSOFilter is missing ForgeRock HTTP client library
  • Workflow Debugging
  • Modifying SAML Response
  • Context on managed object attribute with onStore script

©2021 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

  • Blog
  • Documentation
    • OpenAM / Access Management
    • OpenDJ / Directory Services
    • OpenIDM / Identity Management
    • OpenIG / Identity Gateway
    • OpenICF / Open Connector Framework
    • Intro to Identity
  • Forums
    • General Discussion
    • ForgeRock Products
      • OpenAM
      • OpenIDM
      • OpenDJ
      • OpenIG
      • OpenUMA
    • DevOps
    • Internet of Things
    • Documentation
    • Groups
  • Twitter
  • Facebook
  • Linkedin
  • Youtube

Log in with your credentials

Lost your password?

Forgot your details?

I remember my details