This topic has 6 replies, 4 voices, and was last updated 5 years, 7 months ago by Rogerio Rondini.
-
AuthorPosts
-
September 27, 2016 at 3:47 pm #13307
f.strada
ParticipantHi,
I’ve hard problem about OpenAM. I configured OpenAM with Http Apache Server, using Policy Agent for Apache 2.4. I followed the guide “https://forgerock.org/openam/doc/bootstrap/quick-start-guide/index.html#install-apache-http”.
Unfortunately, if I call “url of apache resource” with special character, I’ve got this error:
“Forbidden – you don’t have permission to access …. on this server”.For example:
OpenAM URL: http://openam.example.com:8080/openam
Url Apache: http://www.example.com:8085/if I call http://www.example.com:8085/page1.html there’s no error
if I call http://www.example.com:8085/page1.html?h=223 there’s 403 http errorI don’t find the solution. Help me!!!
-
This topic was modified 5 years, 8 months ago by
f.strada.
September 27, 2016 at 4:59 pm #13309Henrique Droog
ParticipantSeptember 28, 2016 at 10:39 am #13349f.strada
ParticipantUnfortunately, I don’t find the solution. I tried to disabled “FQDN check” on OpenAM Web Agent, but I ‘ve got same error. Is It possible that OpenAM does accept special character such as “?” or query String? Most of the web url contain query string with special character (?,% ecc….)…
September 28, 2016 at 11:33 am #13350[email protected]
Participantif you are using virtual host, then add below code to httpd-vhosts.conf (<apachehome>/conf\extra)
<directory “E:/Documenten/Dropbox/Dropbox/dummy-htdocs”>
Allow from all
</directory>Example:
<VirtualHost *:80>
DocumentRoot “C:/webserver/sites/site2”
ServerName http://example.com
# Set access permission
<Directory “C:/webserver/sites/site2”>
Options Indexes FollowSymLinks
AllowOverride None
Allow from All
Require all granted
</Directory></VirtualHost>
September 28, 2016 at 11:46 am #13352f.strada
ParticipantEureka!!!! I solved the problem!!!! It’s very simple:
1) TOP LEVEL REALM -> Authorization -> Policy Sets
2) Select “your policy agent” (If it doesn’t exists, select “new policy Set”)
3) Select Add Resources
4) Select as resource pattern *://*.*/*?* and valorize : http://www.example.com:8080/*?*
5) Select as resource pattern *://*.*/* and valorize : http://www.example.com:8080/*It works!!!!
September 29, 2016 at 11:27 am #13376f.strada
ParticipantI’ve got other problem on this integration: if there’s a wildcard “*” into query string, I’ve got 403 forbidden. For example:
http://www.example.com:8085/page1.html?h=223*&yyy=343efwfwe
The result of call is: 403 Forbidden.
In this case, It’s not possibile to resolve this problem using Policy Set. How can I resolve it?-
This reply was modified 5 years, 7 months ago by
f.strada.
September 30, 2016 at 1:20 am #13409Rogerio Rondini
ParticipantIn the previous post you was talking about “www.example.com:8080” … now you are talking about “www.example.com:8085”. Is that just a typo in the post related to port 8080 and 8085, or is really missing policy for port 8085?
-
This reply was modified 5 years, 7 months ago by
Rogerio Rondini.
-
This topic was modified 5 years, 8 months ago by
-
AuthorPosts
You must be logged in to reply to this topic.