OpenAM _ How authentication works ?

This topic has 4 replies, 2 voices, and was last updated 7 years ago by monginm.

  • Author
    Posts
  • #4324
     monginm
    Participant

    Hi,

    I would like to know if it’s possible to configure several authentications on the same realm for several URL web, for example in my realm [/] on OpenAM, I’ve 3 URL:

    http://www.example.com:8000/appli1/
    http://www.example.com:8000/appli2/
    http://www.example.com:8100/appli3/

    And I want for my first URL one authentication by Pop-up, my second URL by OpenAM form and my third by double authentication.

    Currently I made 3 authentications chaining, but I don’t know how to specify an authentication mechanism for http://www.example.com:8000/appli1/ different from the one inherited from the realm [/]. How it can be configured and where exactly ?

    Thank you for your help
    Regards,

    #4337
     Peter Major
    Moderator

    I’ve started to detail these things on your first question:
    https://forgerock.org/topic/openam-webagent/

    If you are really interested in how authentication works, then you could read this too:
    http://blogs.forgerock.org/petermajor/2015/04/understanding-the-login-process/

    #4359
     monginm
    Participant

    Hello,

    Ok; Now I change my method. I have 2 realms.

    My first realm [/] with:
    – One authentication by form.
    – One strategy on application: http://www.example.com:8100/appli4/
    – One Web agent; installed for one Apache server.

    When I test, my URL work.

    After I have a second Realm (for example: realm1), my Realm1 inherit of my first Realm.
    In my second Realm I have:
    – One authentication by Pop-up.
    – One strategy on application: http://www.example.com:8000/appli1/

    However, when I try to connect on this URL, I have an error message: “forbidden you don’t have permission to access /appli1/ on this server”.

    Do you know why ?

    Regards,

    #4383
     Peter Major
    Moderator

    Forbidden may be caused by policy evaluation failure, but there could be lots of potential reasons to it, I would suggest to have a look at the debug logs and look for further clues.

    #4459
     monginm
    Participant

    I found the solution to my problem; thank you for your help.

Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?