Fernando A. Barbeiro Campos

Hi @guy_malachi

I’m not 100% sure, but as far as I know, OpenAM doesn’t have an out-of-box fashion way where it is possible just to flag an option to skip Consent Page in version 13.
In version 13.5 I’m sure that they have and it works well.

There is a work-around procedure that will describe anyway (it can have anothers, this one worked for…[Read more]

Good suggestion @andrew-potter, I completely agree with you. I’ll try as soon as possible.

Thanks again :D

Regards,

At the end of the day, the attribute that I need to add to my LDAP User Attributes, as well as to my scope was “ibm-allgroups”.

Thanks for the collaborations Andrew.

Great, thanks @andrew-potter

I’m gonna try and I’ll share the result.

Regards

Just in order to provide further details:

This is a CURL with OpenDJ as DataStore
$ curl http://openam.example.com:8080/openam/oauth2/tokeninfo?access_token=XXXXYYYY

{"scope":"isMemberOf"],"realm":"/employee","isMemberOf":"cn=ROLE_EMPLOYEE,ou=groups,ou=employee,dc=example,dc=com","token_type":"Bearer","expires_in":22,"client_id":"poc",…[Read more]

Just in order to provide further details:

This is a CURL with OpenDJ as DataStore
$ curl http://openam.example.com:8080/openam/oauth2/tokeninfo?access_token=XXXXYYYY

{"scope":"isMemberOf"],"realm":"/employee","isMemberOf":"cn=ROLE_EMPLOYEE,ou=groups,ou=employee,dc=example,dc=com","token_type":"Bearer","expires_in":22,"client_id":"poc",…[Read more]

By the way, just to help:

https://backstage.forgerock.com/#!/docs/openam/13.5/dev-guide

Look for 2.1.1.4. Authentication and Logout

Hi Sathish,

I don’t know whether it’s your scenario or not, but if you’re willing to implement an authentication based on username / password, maybe a Zero Page Login could be suitable for you.

Essentially, according the doc, all that you have to do is implement a mechanism that do a post for a defined endpoint openam/json/authenticate:

$ curl…[Read more]

Hi Peter, very useful clue. I could generate my SAML assertion. Thank you so much.

A useful link is that one (https://idmdude.com/2014/02/09/how-to-configure-openam-signing-keys/) and after I have comprehended completely the certificate question, I was able to generate the SAML.

By the way, there is a small mistake in my JSON above… intead…[Read more]

Hi Peter, very useful clue. I could generate my SAML assertion. Thank you so much.

A useful link is that one (https://idmdude.com/2014/02/09/how-to-configure-openam-signing-keys/) and after I have comprehended completely the certificate question, I was able to generate the SAML.

By the way, there is a small mistake in my JSON above… intead…[Read more]

Hi @brado77,

Given that you’re evaluating the platform, one suggestion (then you decide whether is suitable or not for you) is to use a Docker Container to create an image and run a container with OpenAM. At least for my team, this approach helped when we’re at this same phase.

Here are some clues about…[Read more]

Hi @peterolsen

I don’t know whether your problem is exactly similar as one I have some months ago, but I had to expose OpenAM on 80 port. To do so, I edited server.xml from my OpenAM installation – tomcat/conf/server.xml
<Connector port="80" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8444" />

Anyway, my…[Read more]

Hi there,

sorry about delaying the answer, but at the end of the day I was having trouble because I was using OpenAM running into a container.

I was able to solve it by defining into my docker-compose file an entry:

extra_hosts:
– “openam.example.com:192.168.99.100”

Where 192.168.99.100 obviously represents my Docker local…[Read more]

Does anyone have already seen this error?

Thanks,

Hello @peter-major
I believe that I found the log you had mentioned. It seems that the problem is relationed with an UnknownHostException: openam.example.com, it is a clue, but, being honest, I’m not sure what exactly is wrong…

amConsole:07/22/2016 09:11:32:111 AM UTC: Thread: TransactionId
ERROR:…[Read more]

Hi @peter-major
Sorry for the poor description from my part.
My current version is: OpenAM 13.0.0 Build 5d4589530d (2016-January-14 21:15)

I’m running my OpenAM instance on Docker and the logs that I’m seeing are:
/openam/log/activity.csv
/openam/log/config.csv
/openam/log/access.csv

Is there any other place where I can find an useful log?