Is OpenAM supports Web Services Security Support?

This topic has 4 replies, 3 voices, and was last updated 6 years, 5 months ago by Bhargava.bada.

  • Author
  • #11547

    Hi All,
    I am using OpenAM 12 version for development environment i am stuck at web service security using OpenAM.

    what is the best way to secure my web services using openAM .

    i don’t find any documentation related to this in OpenAM. But OpenSSO provides some kind of documentation .

    is this same approch will work in openAM and is there any better approach supported by openAM.

    i just want to know is there any better approach in OpenAM ?


    • This topic was modified 6 years, 5 months ago by Bhargava.bada.
     Peter Major

    Are you talking about WS-* web-services?


    Hi Peter ,

    we have couple of restful services built in our applications . clients are already using those restful services . we need to Authenticate these requests against OpenAM via HTTP Basic Authentication .

    we tried by using OpenAM HTTP basic Authentication . But Agent Always redirects the call to OpenAM so client program is receiving 302 .



    We may be looking at a similar situation. I was told once that the OpenAM web agent is not suited to secure web services, as unauthorised requests will return a 302 as you’ve seen.

    Apparently this is something OpenIG may be better suited for, and can hook into OpenAM policy rules (so I’ve heard, I’ve not tried this).


    Hi Andy ,

    we have different options . but we are trying to do best and cleaner approach through J2ee Agent itself .
    we are trying with Non enforced URI and calling the OpenAM REST API authentication for Rest calls .
    now we are trying to identify what is cost of doing OpenAM rest API authentication becasue t requires multiple Rest calls to authenticate .

    Also from the OpenAM developers I just want to know is there any better approach/configuration can achieve through agent itself .


Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?