@manchandap
active 4 months, 2 weeks ago-
Manchanda, P started the topic Validation on scheme for goto parameter in the forum Access Management 2 years, 10 months ago
Respected AM Experts,
As you are aware we can provide a ‘goto’ query string parameter that enables AM to redirect the control after successful authentication. AM also allows to configure the
Valid goto URL Resources
at the global and realm level.
Looking at the code of:
org.forgerock.openam.shared.security.whitelist.RedirectUrlValidator<T>
-
Manchanda, P replied to the topic High CPU consumption by OpenAM process in the forum Access Management 2 years, 12 months ago
@Nwz, was this issue due to enabling the audit event handlers on OpenAM and were you able to find the fix fo the same.
Thanks and Regards
-
Manchanda, P replied to the topic Rename a Federated Realm of OpenAM in the forum Access Management 3 years, 4 months ago
The use case that we are trying to solve is that when we change the existing realm or create a new realm, the customer should not be required to make any changes on the IdP side. Will a sub realm solve this. Say, I create a realm that federates to the customer’s IdP. Then I create a sub realm that inherits all the configurations of its parent. My…[Read more]
-
Manchanda, P started the topic Programmatically generate reset password link in the forum Access Management 3 years, 7 months ago
Respected OpenAM Experts,
OpenAM provides the UI Based that can send a password reset link in mail. This reset password link can be used to create a new password.
I have a scenario where i generate a system user programmatically. At this stage I can generate a password for that user and send it in mail.
However, as an alternative I am…[Read more]
-
Manchanda, P started the topic Rename a Federated Realm of OpenAM in the forum Access Management 3 years, 9 months ago
Respected OpenAM Experts,
I have created a Realm on my OpenAM. The name of this realm corresponds to my customer name. This realm is Federated i.e. it acts as a SP to the Customer’s IdP. The customer’s IdP is outside of my network (and control).
I have a use case that requires me to rename this realm to correspond to the changes at customer…[Read more]
-
Manchanda, P replied to the topic OpenDJ | Replication server only in the forum Directory Services 3 years, 11 months ago
Thanks @ludo. This information is helpful. I was bogged down my other work, so was not able to check on this.
Thanks and Regards
P Manchanda -
Manchanda, P replied to the topic OpenDJ | Replication server only in the forum Directory Services 3 years, 11 months ago
Thanks @ludo
-
Manchanda, P started the topic OpenDJ | Replication server only in the forum Directory Services 4 years, 2 months ago
Respected OpenDJ Experts,
I am planning to set up OpenDJ Replication server to sync the data between different OpenDJ nodes for clustering purpose. I understand that the replication server is enabled using the ‘dsreplication’ and dsreplication is part of the OpenDJ installation.
My confusion and hence query is that can i configure certain nodes…[Read more]
-
Manchanda, P replied to the topic Federation | Sync of user record between SP and IdP when no records exist on SP in the forum Access Management 4 years, 3 months ago
Thanks @Scott,
Looks like thee is lots of analysis that I need to do. Would you be able to share the link to relevant documentation so that I can do my homework before I seek more information.
Thanks and Regards
P Manchanda -
Manchanda, P started the topic Federation | Sync of user record between SP and IdP when no records exist on SP in the forum Access Management 4 years, 3 months ago
Respected OpenAM Experts,
Wanted to discuss the OpenAM behavior that is described by the following use case:
I have created a realm ‘myRealm’ and federated it to an external IdP ‘exIdP’. By external, I mean that the IdP is a remote IdP owned by a third party say my customer of vendor. In this case myRealm is acting as a SP.
I have a user,…[Read more]
-
Manchanda, P replied to the topic OpenAM IdP Proxy to enable a SP to invoke one of the IdPs in the forum Access Management 4 years, 4 months ago
Thanks @Peter Major, the scenario is the following that you described:
Or that your users actually can authenticate against any of the above IdPs at any point in time?
Regarding your second point:
The IdP proxy and the IdPs can share the same cookie domain as long as the cookie names are different (which would mean different OpenAM instances).…
-
Manchanda, P replied to the topic OpenAM IdP Proxy to enable a SP to invoke one of the IdPs in the forum Access Management 4 years, 4 months ago
Thanks @Peter Major, the scenario is the following that you described:
Or that your users actually can authenticate against any of the above IdPs at any point in time?
Regarding your second point:
The IdP proxy and the IdPs can share the same cookie domain as long as the cookie names are different (which would mean different OpenAM instances).…
-
Manchanda, P started the topic OpenAM IdP Proxy to enable a SP to invoke one of the IdPs in the forum Access Management 4 years, 4 months ago
Respected OpenAM Experts,
I have following use case where in a SP needs to invoke one IdP from a set of IdPs for an authentication.
I have a an SP hosted on mySP.external.com
I have multiple IdPs hosted by me. e.g. idp1.mydomain.com, idp2.mydomain.com, idp3.mydomain.comThe SP here can be configured to go against only one IdP.
Going…[Read more]
-
Manchanda, P started the topic OpenAM IdP Proxy to enable a SP to invoke one of the IdPs in the forum Access Management 4 years, 4 months ago
Respected OpenAM Experts,
I have following use case where in a SP needs to invoke one IdP from a set of IdPs for an authentication.
I have a an SP hosted on mySP.external.com
I have multiple IdPs hosted by me. e.g. idp1.mydomain.com, idp2.mydomain.com, idp3.mydomain.comThe SP here can be configured to go against only one IdP.
Going…[Read more]
-
Manchanda, P started the topic OpenAM IdP Proxy to enable a SP to invoke one of the IdPs in the forum Access Management 4 years, 4 months ago
Respected OpenAM Experts,
I have following use case where in a SP needs to invoke one IdP from a set of IdPs for an authentication.
I have a an SP hosted on mySP.external.com
I have multiple IdPs hosted by me. e.g. idp1.mydomain.com, idp2.mydomain.com, idp3.mydomain.comThe SP here can be configured to go against only one IdP.
Going through…[Read more]
-
Manchanda, P started the topic OpenAM IdP Proxy to enable a SP to invoke one of the IdPs in the forum Access Management 4 years, 4 months ago
Respected OpenAM Experts,
I have following use case where in a SP needs to invoke one IdP from a set of IdPs for an authentication.
I have a an SP hosted on mySP.external.com
I have multiple IdPs hosted by me. e.g. idp1.mydomain.com, idp2.mydomain.com, idp3.mydomain.comThe SP here can be configured to go against only one IdP.
Going through…[Read more]
-
Manchanda, P replied to the topic OpenAM Multiple IdPs for a realm | Discovery Service in the forum Access Management 4 years, 5 months ago
@regi4life, would request you to be more specific with your query. Did you get a chance to read my reply to @Lalit.
Thanks and Regards
P Manchanda -
Manchanda, P replied to the topic OpenAM Multiple IdPs for a realm | Discovery Service in the forum Access Management 4 years, 5 months ago
Hi @Lalit,
An alternative can be to let the users choose (drop down) or provide (text box) an IdP (e.g. in form of department name, division name, company name) on the logon page.
Thanks and Regards
P Manchanda -
Manchanda, P joined the group
Internet of Things 4 years, 8 months ago -
Manchanda, P commented on the post, MySQL Database as Identity Repository for ForgeRock OpenAM 4 years, 8 months ago
Thanks @Rajesh,
Do you see any performance differences in using a RDBMS like MySql, Oracle as Identity Repository vis a vis using OpenDJ. E.g. Will the OpenAM’s performance remain same, improve or deteriorate
- Load More
