Gregory Wright

Home Members Gregory Wright

Learn more about our upcoming Identity Summits

show less show more
Profile picture of Gregory Wright

@greg-wrightredrockgs-com

active 5 years, 8 months ago
Points balance: 191 ♪
Rank: Gregory Wright
  • Activity
  • Profile
  • Groups 0
  • Forums
  • Personal
  • Mentions
  • Favorites
  • Groups
  • Profile picture of Gregory Wright

    Gregory Wright replied to the topic Why CREST? in the forum General Discussion 5 years, 9 months ago

    I went back an re-read the section on safe methods, and it seems like the change of session state would be permitted, if that is not the purpose of the call (e.g., the purpose of the query method from the client perspective is not to change session state, but to query the current status of the session).

    This definition of safe methods does…

    [Read more]

  • Profile picture of Gregory Wright

    Gregory Wright started the topic Resource Type UUID in OpenAM 13 in the forum Access Management 5 years, 9 months ago

    I am curious about the rationale behind exposing the resource type UUID in the REST API for OpenAM, and requiring its use in the resource type, policy set and policy REST APIs. This seems a bit “unfriendly” from a configuration maintainer perspective in that now instead of being able to simply POST a series of CM’ed JSON files to load up an…[Read more]

  • Profile picture of Gregory Wright

    Gregory Wright replied to the topic Want to build OpenAM with custom IdRepo in the forum Access Management 5 years, 10 months ago

    Two other links that might be helpful as examples / explanation of overlays that are not specific to OpenAM:

    Walkthrough of overlaying the contents of an existing WAR

    Example project showing how to customize CAS modules using Maven overlays

    Hope this helps both of us!

  • Profile picture of Gregory Wright

    Gregory Wright replied to the topic Want to build OpenAM with custom IdRepo in the forum Access Management 5 years, 10 months ago

    I’d been looking into this myself, and if I am reading things correctly, the best / recommended approach to customizing a distribution of OpenAM is to leverage the overlay feature of the Maven WAR plugin. My understanding of this is that you create a Maven project that will be used to overlay the OpenAM WAR contents with the files you want…[Read more]

  • Profile picture of Gregory Wright

    Gregory Wright replied to the topic Want to build OpenAM with custom IdRepo in the forum Access Management 5 years, 10 months ago

    I’d been looking into this myself, and if I am reading things correctly, the best / recommended approach to customizing a distribution of OpenAM is to leverage the overlay feature of the Maven WAR plugin. My understanding of this is that you:

    Create a Maven project that will be used to overlay the OpenAM WAR contents with the files you want…[Read more]

  • Profile picture of Gregory Wright

    Gregory Wright replied to the topic Want to build OpenAM with custom IdRepo in the forum Access Management 5 years, 10 months ago

    I’d been looking into this myself, and if I am reading things correctly, the best / recommended approach to customizing a distribution of OpenAM is to leverage the overlay feature of the Maven WAR plugin. My understanding of this is that you:

    Create a Maven project that will be used to overlay the OpenAM WAR contents with the files you want…[Read more]

  • Profile picture of Gregory Wright

    Gregory Wright replied to the topic Accessing external data sources via server-side script in the forum Access Management 5 years, 11 months ago

    @jamiebowen would it be possible to get someone to look at this? Circling back around to this finally, and would love to have an answer.

  • Profile picture of Gregory Wright

    Gregory Wright started the topic Accessing external data sources via server-side script in the forum Access Management 6 years, 1 month ago

    I have a few questions with regards to the server-side scripting capability for policy conditions added in OpenAM 13:

    * Does the HTTP client interface support HTTPS with mutual PKI authentication, for accessing web services that require a client PKI certificate?

    * If so, how does OpenAM choose the client certificate to be used?

    * Is there a way…[Read more]

  • Profile picture of Gregory Wright

    Gregory Wright replied to the topic Windows Socket Create Error Under Git Bash in the forum Directory Services 6 years, 2 months ago

    I can only assume that sometime prior to upgrading the versions of Git and Java, things worked more by accident than design (e.g., the Windows Java environment got picked up by the version Bash provided by the prior version of Git). Once I defined the OPENDJ_JAVA_HOME environment variable for my Windows user as described in the installation…[Read more]

  • Profile picture of Gregory Wright

    Gregory Wright started the topic Windows Socket Create Error Under Git Bash in the forum Directory Services 6 years, 3 months ago

    I have not had a fruitful day of tracking down an answer to this via Google, so I am turning to you all to see if someone else has run into this issue or something similar. Any help would be greatly appreciated.

    I am running into the following error when trying to run the LDAP utility commands and the control-panel application for OpenDJ (2.7 and…[Read more]

  • Profile picture of Gregory Wright

    Gregory Wright replied to the topic Why CREST? in the forum General Discussion 6 years, 3 months ago

    Thank you very much for the additional insight James. It was not apparent from the documentation that query operations for tokens or sessions might have the side effect of expiring / invalidating the token or session. Is this also a side effect of other CREST API calls, or is it only triggered by the token / session queries?

  • Profile picture of Gregory Wright

    Gregory Wright started the topic Why CREST? in the forum General Discussion 6 years, 7 months ago

    I am just curious as to the rationale behind how the ForgeRock Common REST (CREST) API was derived, and why it does not conform to the more traditional REST use of HTTP verbs. An existing forum or blog post, wiki article or documentation link would be fine (I see in the OpenAM Developers manual that this is a conscious divergence, but I’d like to…[Read more]

  • Profile picture of Gregory Wright

    Gregory Wright replied to the topic OpenAM: Authentication requirements for authorization decisions in the forum Access Management 7 years, 1 month ago

    Rogerio,

    Thank you very much, that seems to confirm for me that we’ll need to pass through the authentication token of the requesting user.

    Kind regards,
    Greg

  • Profile picture of Gregory Wright

    Gregory Wright replied to the topic OpenAM: Authentication requirements for authorization decisions in the forum Access Management 7 years, 1 month ago

    I know there are JEE agents, which from what I can tell handle the authentication and authorization for access to the URL of a web service or application. It is implemented as a filter, which in my experience equates to deciding access at a somewhat coarse / medium level of granularity for access to a specific web resource. But a significant part…[Read more]

  • Profile picture of Gregory Wright

    Gregory Wright started the topic OpenAM: Authentication requirements for authorization decisions in the forum Access Management 7 years, 1 month ago

    We are evaluating OpenAM as an entitlements provider for not only protecting web applications and services, but also supporting authorization for access to data being exposed by web services. At its simplest:

    User --> Web App --> Web Service --> Database

    Where the User submits a query through the Web App, and the Web Service needs to decide if…[Read more]

  • Profile picture of Gregory Wright

    Gregory Wright replied to the topic Removing objectsClasses and attributeTypes from ldap using ObjectID only in the forum Directory Services 7 years, 3 months ago

    Thank you Ludo – at least we have a definitive answer.

  • Profile picture of Gregory Wright

    Gregory Wright's profile was updated 7 years, 3 months ago

  • Profile picture of Gregory Wright

    Gregory Wright replied to the topic Removing objectsClasses and attributeTypes from ldap using ObjectID only in the forum Directory Services 7 years, 3 months ago

    Using the following LDIF:

    dn: cn=schema
    changetype: modify
    delete: objectClasses
    objectClasses: ( 1.1.2.2.2 NAME 'myObjectClass' )

    And the following command:

    ldapmodify -p 389 -D "CN=Directory Manager" -f ./remove-object-class.ldif -w mypassword

    Gets the following result:

    Processing MODIFY request for cn=schema
    MODIFY operation…
    [Read more]

  • Profile picture of Gregory Wright

    Gregory Wright replied to the topic Removing objectsClasses and attributeTypes from ldap using ObjectID only in the forum Directory Services 7 years, 3 months ago

    Using the following LDIF:
    `
    dn: cn=schema
    changetype: modify
    delete: objectClasses
    objectClasses: ( 1.1.2.2.2 NAME ‘myObjectClass’ )
    `
    And the following command:
    `
    ldapmodify -p 389 -D “CN=Directory Manager” -f ./remove-object-class.ldif -w mypassword
    `
    Gets the following result:
    `
    Processing MODIFY request for cn=schema
    MODIFY operation…[Read more]

  • Profile picture of Gregory Wright

    Gregory Wright replied to the topic Using embedded OpenDJ for unit / integration testing in the forum Directory Services 7 years, 5 months ago

    Thank you Ludo, the MemoryBackend seems to do the trick, at least for testing our direct interactions with LDAP. The next step will be to see if we can wire it into Spring Security for integration tests.

  • Load More
Profile Photo [email protected] Profile Photo nakashima

Search the forums

Leaderboard

The leaderboard is based on our rockin' informal points system, read about it here.

Recent blog posts

  • Using an Authentication Tree Stage to Build a Custom UI with the ForgeRock JavaScript SDK February 26, 2020
  • Identity Workflow with AM using Zeebe and Cloud Functions February 19, 2020
  • IDM: Zero Downtime Upgrade Strategy Using a Blue/Green Deployment January 23, 2020
  • DS: Zero Downtime Upgrade Strategy Using a Blue/Green Deployment January 22, 2020
  • AM and IG: Zero Downtime Upgrade Strategy Using a Blue/Green Deployment January 22, 2020
Visit our blog

Recent Topics

  • Handle exception in Node Patch Object
  • SP Initiated SSO – Unable to do sso or federation
  • Realm level access
  • How can I generate 32 bytes Random salt in js script
  • Bypass Login Page in Chain

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

  • Blog
  • Documentation
    • OpenAM / Access Management
    • OpenDJ / Directory Services
    • OpenIDM / Identity Management
    • OpenIG / Identity Gateway
    • OpenICF / Open Connector Framework
    • Intro to Identity
  • Forums
    • General Discussion
    • ForgeRock Products
      • OpenAM
      • OpenIDM
      • OpenDJ
      • OpenIG
      • OpenUMA
    • DevOps
    • Internet of Things
    • Documentation
    • Groups
  • Twitter
  • Facebook
  • Linkedin
  • Youtube

Log in with your credentials

Lost your password?

Forgot your details?

I remember my details