-
smmellac started the topic No handler to dispatch to for URI in the forum Identity Gateway 2 years, 9 months ago
Hello,
We are trying to chain IGs i.e., IG-DMZ will authenticate against AM and then pass traffic to IG (protected zone). However, we are seeing the below error
“no handler to dispatch to for URI:xxxxxxxx”Route – IG (DMZ)
{
“name”: “400_openam”,
“baseURI”: “https://openigdevext.com”,
“condition”: “${matches(request.uri.path,…[Read more] -
smmellac started the topic Obtain JWT token from AccessToken in the forum Access Management 2 years, 9 months ago
Hello,
We have an app configured to use OIDC. We get the access token when we try to access the app in the browser. When we use the access token we’re able to retrieve the JWT token using CURL commands. Is there a way to directly pass the JWT token to the app instead of access token?
I’m new to this space and pardon me if i have used terms…[Read more]
-
smmellac replied to the topic Unable to do sso or federation in the forum Access Management 3 years, 3 months ago
Validated that the keystore password is correct. The privaet key we are using is based on our company signed cert, which looks good. I am wondering if any certs that come with the keystore are referenced somewhere
es384test
es512test
es256test
selfserviceenctest
testAny thoughts on this?
-
smmellac started the topic Unable to do sso or federation in the forum Access Management 3 years, 3 months ago
Below is the error. The keystore has privatekey entry for the cert and correct alias in the server defaults. Any thoughts on what the disconnect is?
ERROR: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.
libSAML2:05/09/2019 05:45:30:333 PM UTC: Thread: TransactionId
ERROR: FMSigProvider.sign:…[Read more] -
smmellac started the topic Best practices for openam keystore setup? in the forum Access Management 3 years, 4 months ago
We are starting out building a new loadbalanced openam environment. Is it necessary to have a seperate keystore i.e., keystore.jceks for ssl and dummy.jceks for other purposes? What are the pros and cons of having seperate keystores vs one keystore for everything
Please advise
-
smmellac replied to the topic Unable to login to /openam in clustered environment in the forum Access Management 3 years, 4 months ago
Incorrect cookie domain value was provided that caused this issue. It is now resolved
-
smmellac replied to the topic Unable to login to /openam in clustered environment in the forum Access Management 3 years, 4 months ago
Followed the below steps from doc to setup a clustered instance
To Add a Server to a Site
High availability requires redundant servers in case of failure. With AM, you configure an AM site with multiple servers in a pool behind a load balancing service that exposes a single URL as an entry point to the site.Follow these steps to configure a…[Read more]
-
smmellac started the topic Unable to login to /openam in clustered environment in the forum Access Management 3 years, 4 months ago
We are trying to setup a clustered openam env. At this point, both openam instances are pointing to the same DS. When we login to http://server1:8080/openam using amadmin creds it works. However, when we login to http://server2:8080/openam using amadmin creds, we get username/password not valid error.
Upon looking further into the server config,…[Read more]
-
smmellac replied to the topic LDAP Replication – Data is not getting replicated in the forum Directory Services 3 years, 4 months ago
We are using version 6.5
-
smmellac started the topic LDAP Replication – Data is not getting replicated in the forum Directory Services 3 years, 4 months ago
WE used dsreplication configure and dsreplication initialize to setup replication between 2 LDAP servers installed on 2 different linux servers. Status shows replication setup is true between both servers. However data from one is not seen in the other. Logs got generated in /tmp folder but there is no content.
Below are the commands we…[Read more]
-
smmellac replied to the topic IDM 6.5 Admin URL not working in the forum Identity Management 3 years, 4 months ago
Login page comes up when we try http://localhost:8080/. However credentials openidm/openidm is not working
When we try http://localhost:8080/admin we get below error on screen
This site can’t be reached <servername>’s server IP address could not be found.
Search Google for <servername> 8080 admin
ERR_NAME_NOT_RESOLVEDThis is the URL we hav…[Read more]
-
smmellac started the topic Authentication Failed when logging in with user configured in datastore in the forum Access Management 3 years, 5 months ago
Hello,
We have AD configured as datastore. When i try to login with user in datastore i get “Authentication Failed” error.
I see below in the log“Unable to get members for identity user::<userid> in any configured data store”
Please advise
Thanks in advance