@soma
active 1 week ago-
soma replied to the topic infinite redirect loop after log out in the forum Access Management 4 years, 10 months ago
Hi,
Thank you for the reply.
I tried that before but unfortunately it did not help :( -
soma started the topic infinite redirect loop after log out in the forum Access Management 4 years, 10 months ago
Hi,
I still have this issue (Session Termination issue) and I do not know how to solve it. Hope you will help me.
My scenario is easy:
1) Login via XUI login page
2) Open a role protected page in a new tab of the web browser (/hello/private/index.jsp), content is displayed properly
3) Go back to the XUI login page and logout
4) Navigate to the…[Read more] -
soma replied to the topic Session Termination issue in the forum Access Management 4 years, 11 months ago
This is the full log:
No configuration value found for: com.sun.identity.agents.config.amFilter.logout.application.handler, or: com.sun.identity.agents.config.logout.application.handler[Read more]
amFilter:10/22/2016 07:46:12:678 PM CEST: Thread
ERROR: AmFilter: Error while delegating to inbound handler: Not Enforced List Task Handler, access will be… -
soma replied to the topic Session Termination issue in the forum Access Management 4 years, 11 months ago
This is the full log:
No configuration value found for: com.sun.identity.agents.config.amFilter.logout.application.handler, or: com.sun.identity.agents.config.logout.application.handler[Read more]
amFilter:10/22/2016 07:46:12:678 PM CEST: Thread
ERROR: AmFilter: Error while delegating to inbound handler: Not Enforced List Task Handler, access will be… -
soma started the topic Session Termination issue in the forum Access Management 4 years, 11 months ago
Hi All,
I have a strange issue after log user out. I use OpenAM 13.0 + Tomcat + J2EE Agent 3.5.0 + OpenAM rest api.
My web application has own login/logout pages. For login I call POST /openam/json/authenticate rest with X-OpenAM-Username and X-OpenAM-Password. For logout I use POST /openam/json/session/?_action=logout.
My own logout restapi…[Read more]
-
soma replied to the topic CORS request with Apache HTTP + Web Agent in the forum Access Management 5 years ago
Additional info
I can see this in the Apache HTTP log:
mod_dumpio: dumpio_out (data-HEAP): 231 bytes
mod_dumpio: dumpio_out (data-HEAP): HTTP/1.1 200 OKrnDate: Fri, 09 Sep 2016 05:07:16 GMTrnServer: Apache/2.4.23 (Unix) OpenAM Web Agent/4.0.0rnContent-Length: 499rnKeep-Alive: timeout=5, max=100rnConnection: Keep-AlivernContent-Type:… -
soma started the topic CORS request with Apache HTTP + Web Agent in the forum Access Management 5 years ago
Hi,
I wonder if you can help me. I have problem with HTTP DELETE CORS restapi request.My infrastructure looks like this:
1) Apache Tomcat + JEE Policy Agent 3.5 on web.example.com:80802) Apache HTTP 2.4 + Web Policy Agent 4.0.0 on api.example.com:80
3) Application Server where the REST api is deployed (no OpenAM agent here) on…[Read more]
-
soma replied to the topic Web Policy Agenmt > no action decision found in the forum Access Management 5 years ago
@rarondini thanks for your reply.
The solution was so tricky. I have spent days to figure it out why my policy set was not applied.I added a new Policy Set as you have suggested but could not see any changes in the openam/openam/debug/Policy log file. That was so suspicious.
I read the documentation again and again and finally i have found…[Read more]
-
soma replied to the topic Web Policy Agenmt > no action decision found in the forum Access Management 5 years ago
Thanks for your reply.
The solution was so tricky. I have spent days to figure it out why my policy set was not applied.I added a new Policy Set as you have suggested but could not see any changes in the openam/openam/debug/Policy log file. That was so suspicious.
I read the documentation again and again and finally i have found this: “Policy…[Read more]
-
soma replied to the topic Web Policy Agenmt > no action decision found in the forum Access Management 5 years, 1 month ago
Hi @rarondini
I think the reason why I always get HTTP403 is not because of missing Policy.
Anyway, as you suggested I created a Policy set with the following parameters:My Resource Type
* pattern 1: http://*/*
* pattern 2: http://api.example.com/*
* actions (allowed): GET, POST, PUT, HEAD, DELETE, OPTIONS, CREATE, READ, UPDATE, PATCH,…[Read more] -
soma started the topic hotswap does not work with Default Privileged Attribute in the forum Access Management 5 years, 1 month ago
Hi,
I have just realized that hotswap does not work with Default Privileged Attributes. I had to restart my protected server in order to get the modification work.
Realm > Application > Privilege Attributes Processing > Default Privileged Attribute > Add
OpenAM Environment:
– OpenAM 13.0.0 on Apache Tomcat 8.0.23
– J2EE Agent 3.5 for Tomcat,…[Read more] -
soma replied to the topic Web Policy Agenmt > no action decision found in the forum Access Management 5 years, 1 month ago
Hi,
Why do we need to declare AmAgentConf property in the VirtualHost configuration if centralized configuration is used?
Where the policy configuration comes exactly in case of centralized config? Can I remove AmAgentConf property from VirtualHost definition?
-
soma replied to the topic Web Policy Agenmt > no action decision found in the forum Access Management 5 years, 1 month ago
Hi,
Why do we need to declare AmAgentConf property in the VirtualHost configuration if centralized configuration is used?
-
soma replied to the topic Web Policy Agenmt > no action decision found in the forum Access Management 5 years, 1 month ago
Not Enforce URI list in empty. I use the default Web Agent Settings, I have not changed anything.
I use Centralized configuration with a realm.My VirtualHost looks like this:
<VirtualHost *:80>
ServerName api.example.com
ServerAlias api.example.comDocumentRoot “/home/…./servers/apache-http/www/api.example.com”
AmAgent On…[Read more]
-
soma replied to the topic Web Policy Agenmt > no action decision found in the forum Access Management 5 years, 1 month ago
Not Enforce URI list in empty. I use the default Web Agent Settings, I have not changed anything.
I use Centralized configuration with a realm.My VirtualHost looks like this:
<VirtualHost *:80>
ServerName api.example.com
ServerAlias api.example.comDocumentRoot “/home/…./servers/apache-http/www/api.example.com”
AmAgent On…[Read more]
-
soma started the topic Web Policy Agenmt > no action decision found in the forum Access Management 5 years, 1 month ago
Hi,
I am playing with Web Policy Agent.My environment:
– Apache HTTP 2.4.23
– Web Agent: Apache_v24_Linux_64bit_4.0.0.zip
– OpenAM 13.0I followed the documentation and it seems that my environment works fine:
error_log
AH00489: Apache/2.4.23 (Unix) OpenAM Web Agent/4.0.0 configured — resuming normal operationsdebug.log
2016-08-02…[Read more] -
soma started the topic ralm name wih . (dot) does not work in the forum Access Management 5 years, 2 months ago
Hi,
I have just realized that realm name with dot is not acceptable when OpenAM looks up ui files.
My realm name is “web.example.com”
This login url does not work correctly: http://openam.example.com:8083/openam/XUI/#login/&realm=web.example.com
I get a “Invalid Domain Alias” error.I can not see in the docs to mention that realm name may not…[Read more]
-
soma started the topic Group Universal ID mapping bug? in the forum Access Management 5 years, 2 months ago
Hi,
I see a strange behavior when Universal ID of a group is mapped.
I use realm and a group is created under my realm.Details:
Java EE container: Apache Tomcat 8.x
Agent Mode: J2EE
Realm name: ‘web.example.com’
Group uid: ‘id=app admins,ou=group,o=web.example.com,ou=services,dc=openam,dc=forgerock,dc=org’But the uid which appears on the web…[Read more]
-
soma started the topic Login Form URI in the forum Access Management 5 years, 2 months ago
Hi,
A couple of months ago I tried to implement a custom login page + login via OpenAM rest API but that was not worked. The original topic is here: Social Login through OpenAM API
Thanks for the community the question is answered and the knowledge is shared. So I am going back to this topic again and I am trying to get my customized login form…[Read more]
-
soma replied to the topic Declarative Security does not work in the forum Access Management 5 years, 2 months ago
The result of my info servlet:
PROTECTED Info Servletserver time: Fri Jul 08 11:58:54 CEST 2016
auth type: FORM
remote user: demoprincipal
principal class: org.apache.catalina.realm.GeneralPrincipal
principal name: demo
web principal subject 1: AUTHENTICATED_USERS
web principal subject 2: id=sales,ou=group,dc=openam,dc=forgerock,dc=orguser…[Read more]
- Load More
