December 12, 2016 at 7:55 pm #14790subiParticipant
Hoping one of you will be able to help.
In OpenAM 13 admin guide, I see a section (184.108.40.206) that talks about specifying realm names in login URL. Post the success of ‘getting-started-assignments’, I created a new realm and named it MyNewRealm. However, when I try to mention this realm name in the XUI login url, I am getting ‘Authentication Failed’. I tried all different options (as part of URL path, as URL parameter, parameter of XUI etc) but none works. However, if I login to OpenAM without mentioning any realm name, I am able to login in and see both the Top Level Realm as well as MyNewRealm. Any pointers as to what I am missing?
p.s. I am logging in as amadmin.
subiDecember 12, 2016 at 10:48 pm #14794Peter MajorModerator
amadmin user only exists in the top level realm, you cannot authenticate as amadmin in a subrealm.December 20, 2016 at 6:35 pm #14984subiParticipant
Thank you Peter. I ended up creating additional users and put them in a group. Then gave admin previleges for the group for the new realm. After these changes, I was able to use all the above mentioned methods to access the url.
However, I had a follow/up question – while I am able to see the new realm as we all as the user’s self service pages using the above method, I am not able to see the same behaviour when I dont mention the realm name in the URL. My impression was that if the logged in user is part of the group that has admin priviliges for a particular realm, then the realm should show up when I give the normal login URL (for example, http://openam.example.com:8080/openam)
You must be logged in to reply to this topic.