December 8, 2016 at 3:36 pm #14732
I posted this first in the OpenDJ Topic but it seems that it was the wrong one. So I post it again here.
first of all i want to apologise for my english since it’s not my mother language. I understand english better than I write it
I have set up OpenAM succesfully with an external OpenDJ server. It all works so far since I have made 200 example userdata to test the connection and I see them on OpenAM. The amadmin was imported in the data from OpenDJ too.
So here is my problem:
With the embedded OpenDJ DataStore the Social Authentication works perfectly with Facebook and Google+ but when i reinstall OpenAM and use the external OpenDJ Server they say in both cases “Authentication Failed”. The amadmin account works perfekt and the Config in the Realm is nearly the same than in the version from OpenAM with the embedded OpenDJ.
I have looked many Videos and looked at many Sites but i can’t solve the problem.
I dont usually write in Forum so sorry for mistakes in the Topic.
DafughDecember 9, 2016 at 12:42 am #14744NanParticipant
Can you post the logs?December 9, 2016 at 8:41 am #14749
I found logs from localhost, localhost-access, host-manager and catalina in the Directory and
access.csv, activity.csv, authentication.csv, config.csv in the config directory. i dont really want to post them all here because i dont find spoiler tags and it would take too mutch placeDecember 9, 2016 at 9:28 am #14750
Perhaps this is important:
I use Oracle Java 8 for tomcat,
use 7.0.73 as tomcat Version
use OpenDJ version 13.0 and
OpenAM version 13.0
also i found logs from earlier day where they posted a huge error log(3500 Lines). I overlooked them and found the same massage at localhost.log over and over again:
Caused by: com.sun.identity.security.AMSecurityPropertiesException: AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token.
at java.security.AccessController.doPrivileged(Native Method)
… 12 more
This is the error i get when i try to login with Facebook or Google+.December 9, 2016 at 11:17 am #14757
I think I found one issue.
On the external OpenDJ and in OpenAM’s Data Store I set the LDAP Organization DN to
“dc=openam,dc=forgerock,dc=org” and I think that I might change them to my Domain. but I don’t really understand what DN means and what Options I have. It was the same in the working embedded version of OpenDJ and it was the same dc’s.
One more thing: When i set up Opendj and set my Hostname he always uses my IP domain even when im telling him to use my correct Domain. I don’t really understand why he does that and how I can change it. but that might be a question for the OpenDJ Forum.
You must be logged in to reply to this topic.