Fernando A. Barbeiro Campos

Home Members Fernando A. Barbeiro Campos

Learn more about our upcoming Identity Summits

show less show more
Profile picture of Fernando A. Barbeiro Campos

@fernandoabcampos

active 5 years, 5 months ago
Points balance: 311 ♪
Rank: Fernando A. Barbeiro Campos
  • Activity
  • Profile
  • Groups 0
  • Forums
  • Personal
  • Mentions
  • Favorites
  • Groups
  • Profile picture of Fernando A. Barbeiro Campos

    Fernando A. Barbeiro Campos replied to the topic Prevent consent page OpenAM 13 in the forum Access Management 5 years, 10 months ago

    Hi @guy_malachi

    I’m not 100% sure, but as far as I know, OpenAM doesn’t have an out-of-box fashion way where it is possible just to flag an option to skip Consent Page in version 13.
    In version 13.5 I’m sure that they have and it works well.

    There is a work-around procedure that will describe anyway (it can have anothers, this one worked for…[Read more]

  • Profile picture of Fernando A. Barbeiro Campos

    Fernando A. Barbeiro Campos replied to the topic /tokenInfo Endpoint retrieving isMemberOf group information with Tivoli in the forum Access Management 5 years, 10 months ago

    Good suggestion @andrew-potter, I completely agree with you. I’ll try as soon as possible.

    Thanks again :D

    Regards,

  • Profile picture of Fernando A. Barbeiro Campos

    Fernando A. Barbeiro Campos replied to the topic /tokenInfo Endpoint retrieving isMemberOf group information with Tivoli in the forum Access Management 5 years, 10 months ago

    At the end of the day, the attribute that I need to add to my LDAP User Attributes, as well as to my scope was “ibm-allgroups”.

    Thanks for the collaborations Andrew.

  • Profile picture of Fernando A. Barbeiro Campos

    Fernando A. Barbeiro Campos replied to the topic /tokenInfo Endpoint retrieving isMemberOf group information with Tivoli in the forum Access Management 5 years, 10 months ago

    Great, thanks @andrew-potter

    I’m gonna try and I’ll share the result.

    Regards

  • Profile picture of Fernando A. Barbeiro Campos

    Fernando A. Barbeiro Campos replied to the topic /tokenInfo Endpoint retrieving isMemberOf group information with Tivoli in the forum Access Management 5 years, 10 months ago

    Just in order to provide further details:

    This is a CURL with OpenDJ as DataStore
    $ curl http://openam.example.com:8080/openam/oauth2/tokeninfo?access_token=XXXXYYYY

    {"scope":"isMemberOf"],"realm":"/employee","isMemberOf":"cn=ROLE_EMPLOYEE,ou=groups,ou=employee,dc=example,dc=com","token_type":"Bearer","expires_in":22,"client_id":"poc",…[Read more]

  • Profile picture of Fernando A. Barbeiro Campos

    Fernando A. Barbeiro Campos replied to the topic /tokenInfo Endpoint retrieving isMemberOf group information with Tivoli in the forum Access Management 5 years, 10 months ago

    Just in order to provide further details:

    This is a CURL with OpenDJ as DataStore
    $ curl http://openam.example.com:8080/openam/oauth2/tokeninfo?access_token=XXXXYYYY

    {"scope":"isMemberOf"],"realm":"/employee","isMemberOf":"cn=ROLE_EMPLOYEE,ou=groups,ou=employee,dc=example,dc=com","token_type":"Bearer","expires_in":22,"client_id":"poc",…[Read more]

  • Profile picture of Fernando A. Barbeiro Campos

    Fernando A. Barbeiro Campos started the topic /tokenInfo Endpoint retrieving isMemberOf group information with Tivoli in the forum Access Management 5 years, 10 months ago

    Hi guys,

    Simple question:
    I had configured an OpenDJ as my DataStore and once I assigned a user to a group, I could retrieve it through the /openam/oauth2/tokeninfo?access_token=XXXXX endpoint (yes I’m dealing with OAuth2 providers and the value of groups returns since I had “isMemberOf” among my scopes and once I had defined under my datastore,…[Read more]

  • Profile picture of Fernando A. Barbeiro Campos

    Fernando A. Barbeiro Campos replied to the topic Openam Login page customization in the forum Access Management 5 years, 10 months ago

    By the way, just to help:

    https://backstage.forgerock.com/#!/docs/openam/13.5/dev-guide

    Look for 2.1.1.4. Authentication and Logout

  • Profile picture of Fernando A. Barbeiro Campos

    Fernando A. Barbeiro Campos replied to the topic Openam Login page customization in the forum Access Management 5 years, 10 months ago

    Hi Sathish,

    I don’t know whether it’s your scenario or not, but if you’re willing to implement an authentication based on username / password, maybe a Zero Page Login could be suitable for you.

    Essentially, according the doc, all that you have to do is implement a mechanism that do a post for a defined endpoint openam/json/authenticate:

    $ curl…[Read more]

  • Profile picture of Fernando A. Barbeiro Campos

    Fernando A. Barbeiro Campos replied to the topic Converting STS Token: OpenAM -> SAML2 in the forum Access Management 5 years, 11 months ago

    Hi Peter, very useful clue. I could generate my SAML assertion. Thank you so much.

    A useful link is that one (https://idmdude.com/2014/02/09/how-to-configure-openam-signing-keys/) and after I have comprehended completely the certificate question, I was able to generate the SAML.

    By the way, there is a small mistake in my JSON above… intead…[Read more]

  • Profile picture of Fernando A. Barbeiro Campos

    Fernando A. Barbeiro Campos replied to the topic Converting STS Token: OpenAM -> SAML2 in the forum Access Management 5 years, 11 months ago

    Hi Peter, very useful clue. I could generate my SAML assertion. Thank you so much.

    A useful link is that one (https://idmdude.com/2014/02/09/how-to-configure-openam-signing-keys/) and after I have comprehended completely the certificate question, I was able to generate the SAML.

    By the way, there is a small mistake in my JSON above… intead…[Read more]

  • Profile picture of Fernando A. Barbeiro Campos

    Fernando A. Barbeiro Campos replied to the topic Trial / Getting Started crashes, can't login in the forum Access Management 5 years, 11 months ago

    Hi @brado77,

    Given that you’re evaluating the platform, one suggestion (then you decide whether is suitable or not for you) is to use a Docker Container to create an image and run a container with OpenAM. At least for my team, this approach helped when we’re at this same phase.

    Here are some clues about…[Read more]

  • Profile picture of Fernando A. Barbeiro Campos

    Fernando A. Barbeiro Campos replied to the topic Tomcat gives 404 for /openam in the forum Access Management 5 years, 11 months ago

    Hi @peterolsen

    I don’t know whether your problem is exactly similar as one I have some months ago, but I had to expose OpenAM on 80 port. To do so, I edited server.xml from my OpenAM installation – tomcat/conf/server.xml
    <Connector port="80" protocol="HTTP/1.1"
    connectionTimeout="20000"
    redirectPort="8444" />

    Anyway, my…[Read more]

  • Profile picture of Fernando A. Barbeiro Campos

    Fernando A. Barbeiro Campos started the topic Converting STS Token: OpenAM -> SAML2 in the forum Access Management 5 years, 11 months ago

    Hi guys, I need to convert an OpenAM token into a SAML2 and the appropriate subject confirmation for my case is HOLDER_OF_KEY. Given that, I read the documentation and it’s well defined there that:

    When generating an assertion with a holder-of-key subject confirmation method, the proof_token_state property is required. The value for this property…

    [Read more]

  • Profile picture of Fernando A. Barbeiro Campos

    Fernando A. Barbeiro Campos started the topic Converting STS Token: OpenAM -> SAML2 in the forum Access Management 5 years, 11 months ago

    Hi guys, I need to convert an OpenAM token into a SAML2 and the appropriate subject confirmation for my case is HOLDER_OF_KEY. Given that, I read the documentation and it’s well defined there that:

    When generating an assertion with a holder-of-key subject confirmation method, the proof_token_state property is required. The value for this property…

    [Read more]

  • Profile picture of Fernando A. Barbeiro Campos

    Fernando A. Barbeiro Campos replied to the topic AMUncaughtException while configuring Rest STS in the forum Access Management 5 years, 11 months ago

    Hi there,

    sorry about delaying the answer, but at the end of the day I was having trouble because I was using OpenAM running into a container.

    I was able to solve it by defining into my docker-compose file an entry:

    extra_hosts:
    – “openam.example.com:192.168.99.100”

    Where 192.168.99.100 obviously represents my Docker local…[Read more]

  • Profile picture of Fernando A. Barbeiro Campos

    Fernando A. Barbeiro Campos replied to the topic AMUncaughtException while configuring Rest STS in the forum Access Management 6 years ago

    Does anyone have already seen this error?

    Thanks,

  • Profile picture of Fernando A. Barbeiro Campos

    Fernando A. Barbeiro Campos replied to the topic AMUncaughtException while configuring Rest STS in the forum Access Management 6 years ago

    Hello @peter-major
    I believe that I found the log you had mentioned. It seems that the problem is relationed with an UnknownHostException: openam.example.com, it is a clue, but, being honest, I’m not sure what exactly is wrong…

    amConsole:07/22/2016 09:11:32:111 AM UTC: Thread: TransactionId
    ERROR:…[Read more]

  • Profile picture of Fernando A. Barbeiro Campos

    Fernando A. Barbeiro Campos replied to the topic AMUncaughtException while configuring Rest STS in the forum Access Management 6 years ago

    Hi @peter-major
    Sorry for the poor description from my part.
    My current version is: OpenAM 13.0.0 Build 5d4589530d (2016-January-14 21:15)

    I’m running my OpenAM instance on Docker and the logs that I’m seeing are:
    /openam/log/activity.csv
    /openam/log/config.csv
    /openam/log/access.csv

    Is there any other place where I can find an useful log?

  • Profile picture of Fernando A. Barbeiro Campos

    Fernando A. Barbeiro Campos started the topic AMUncaughtException while configuring Rest STS in the forum Access Management 6 years ago

    Hello everyone,

    I’m not getting success while configuring a Rest STS with OpenAM. Basically, the flow is demonstrated into the image above.

    Problem happening

    The result that I’m getting is a AMUncaughtException, which one I couldn’t see anything to have a clue in logs and anywhere else.

    Does this configuration require previous step?
    Am I doing something wrong?

    Thanks,

  • Load More
Profile Photo [email protected] Profile Photo abducar1

Search the forums

Leaderboard

The leaderboard is based on our rockin' informal points system, read about it here.

Recent blog posts

  • Using an Authentication Tree Stage to Build a Custom UI with the ForgeRock JavaScript SDK February 26, 2020
  • Identity Workflow with AM using Zeebe and Cloud Functions February 19, 2020
  • IDM: Zero Downtime Upgrade Strategy Using a Blue/Green Deployment January 23, 2020
  • DS: Zero Downtime Upgrade Strategy Using a Blue/Green Deployment January 22, 2020
  • AM and IG: Zero Downtime Upgrade Strategy Using a Blue/Green Deployment January 22, 2020
Visit our blog

Recent Topics

  • Handle exception in Node Patch Object
  • SP Initiated SSO – Unable to do sso or federation
  • Realm level access
  • How can I generate 32 bytes Random salt in js script
  • Bypass Login Page in Chain

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

  • Blog
  • Documentation
    • OpenAM / Access Management
    • OpenDJ / Directory Services
    • OpenIDM / Identity Management
    • OpenIG / Identity Gateway
    • OpenICF / Open Connector Framework
    • Intro to Identity
  • Forums
    • General Discussion
    • ForgeRock Products
      • OpenAM
      • OpenIDM
      • OpenDJ
      • OpenIG
      • OpenUMA
    • DevOps
    • Internet of Things
    • Documentation
    • Groups
  • Twitter
  • Facebook
  • Linkedin
  • Youtube

Log in with your credentials

Lost your password?

Forgot your details?

I remember my details