天道酬勤,学无止境

openam

使用java应用程序通过openam登录adfs(Login to adfs through openam using java application)

问题 我已将 adfs 配置为身份提供者,将 openam 配置为服务提供者,但如何使用 adfs throght openam 测试登录是否正常工作。 任何人都可以帮助我使用 java 应用程序通过 openam 登录 adfs 服务器。 谢谢, 回答1 请参阅 OpenAM 和 ADFS2 配置。 这篇文章涵盖了您的所有问题。 更新: 我通常这样做的方法是使用 OpenSSO / OpenAM Java Fedlet。 请参阅在 Java Web 应用程序中使用 Fedlets(第 8 章)。 显示令牌内容的代码(根据 Fedlet)如下所示: Response samlResp = (Response) map.get(SAML2Constants.RESPONSE); Assertion assertion = (Assertion) map.get(SAML2Constants.ASSERTION); Subject subject = (Subject) map.get(SAML2Constants.SUBJECT); String entityID = (String) map.get(SAML2Constants.IDPENTITYID); String spEntityID = (String) map.get(SAML2Constants.SPENTITYID)

2021-09-11 12:48:39    分类:技术分享    adfs2.0   openam

Login to adfs through openam using java application

I have configured adfs as identity provider and openam as service provider but how to test whether login is working fine with adfs throght openam. Can anyone help me to do login to adfs server through openam using java application. Thanks,

2021-09-05 23:05:34    分类:问答    adfs2.0   openam

OpenSSO (OpenAM) : Turn off URL enforcement

We're using OpenAM to manage sessions on our application. The problem is everytime we're trying to pass a parameters with the GET method, the ressource is blocked (error 403 - forbidden). If no parameter is set, everything is wirking. EX: http://mysite.com/logo.jpg ----> Works. http://mysite.com/logo.jpg?foo=bar ----> ERROR ! For images or css, it's normal to do not have parameters, but all links with using the GET method aren't working. How could we solve our problem? Actually, disabling this policy would be a good solution. We've looked for section 7.4.2 in the OpenAM's documentation (http:/

2021-09-01 07:37:39    分类:问答    policy   url-parameters   opensso   openam

Wso2 API 管理器与 Openam 的集成(Wso2 API manager integration with Openam)

问题 我正在尝试在我们的组织中集成 wso2 api 管理器。 我们使用 Open AM 作为单点登录。 我试图为它搜索一些文档,但找不到任何用于 wso2 API 管理器身份验证和可能与 Open AM 集成的授权片。 是否有任何扩展或插件可用于集成它? 如果对此有任何想法,不胜感激。 提前致谢! 问候, 杰伊什 回答1 请参考 [1] 中的这篇博文。 在这里,我为 WSO2 BAM 做了它。 与您可以为 WSO2 AM 做的一样。 [1] http://manulachathurika.blogspot.com/2013/10/configure-opensso-for-wso2-business.html

2021-07-13 03:18:45    分类:技术分享    wso2   openam

如何对我现有的 Web 应用程序实施 openAM SSO(How to implement openAM SSO to my existing web applications)

问题 我尝试通过参考以下链接使用 OpenAM 在我现有的 Web 应用程序中实现 SSO http://fczaja.blogspot.com/2012/06/idp-initiated-sso-and-identity_21.html 附注。 我的网络应用程序已经有自己的登录页面 现在实现后得到的是,openAM 登录页面在我的 Web 应用程序中受到保护,我需要再次登录我的应用程序 我需要的是,想跳过我的应用程序的登录页面成为单点登录。 那么,谁能告诉我我还需要完成哪些任务? 我需要修改我的应用程序的登录页面吗? 我需要任何数据库或数据存储来保存用户登录信息吗? 回答1 既然 OpenAM 代理已在您的应用程序顶部就位,您的 Web 应用程序可以在已经存在有效登录用户的假设下工作 - 您需要从您的 Web 应用程序中删除登录页面。 要获取当前用户详细信息,只需更改您的 OpenAM 代理配置以设置带有相关字段(如用户名、全名等)的 HTTP 标头。然后,您只需检查 HTTP 标头而不是 Web 应用程序登录页面(应该是安全的,只要只有通过 OpenAM 代理进入您的 Web 应用程序的路由)。 另一种方法是获取 OpenAM cookie 并使用它直接对服务器进行 REST 调用。 使事情变得更加脆弱,因为您现在需要维护额外的配置。

2021-07-12 11:29:14    分类:技术分享    single-sign-on   saml-2.0   openam

Connect OpenAM with multiple LDAP servers

I have installed OpenAM in my ubuntu machine and installed LDAP. I could able to authenticate with the Datastore (default : embedded) credentials, but couldn't able to connect with LDAP server. My issues are - When I add authentication chains with multiple(3) LDAP servers and Datastore which is default to 'Top Level Realm', I need to submit the form 4 (3 LDAP+ 1 Datastore) times to autheticate (I have added Datastore as 4th and first 3 were my LDAP servers). Even I have tried multiple(3) possible configurations (uid, cn) for same LDAP server, nothing authenticating from the external LDAP

2021-06-29 04:26:02    分类:问答    ldap   openam

Custom Identity Provider for OpenAM/OpenSSO

We are looking to use OpenAM/OpenSSO to act as a SSO provider. We need, however, to have OpenAM use our mongo datastore under the hood to manage its authentication needs. With this in mind, I found this: http://www.badgers-in-foil.co.uk/notes/installing_a_custom_opensso_identity_repository/ which looks promising. Apparently, this should allow me to add an "Access Manager Repository plugin", but I have since read this: The Access Manager Repository plugin is also called amSDK or legacy SDK as it provides downward compatibility to work with the existing Sun Access Manager 7.x version deployment

2021-06-12 13:01:23    分类:问答    java   single-sign-on   opensso   openam

Wso2 API manager integration with Openam

I'm trying to integrated wso2 api manager in our organization. We are using Open AM as out Single sign on. I tried to search for some documentation for it but couldn't find any for wso2 API manager authentication and possibly authorization piece integration with Open AM. Is there any extension or plugin available to integrate it? Appreciate if have any idea about this. Thanks in advance! Regards, Jayesh

2021-06-11 04:15:23    分类:问答    wso2   openam

forgerock 身份管理解决方案与 WSO2 身份服务器(forgerock Identity Management Solution Vs WSO2 Identity Server)

问题 我正在尝试选择 forgerock 身份管理解决方案(openAM、openIDM)和 wso2 身份服务器之一来实施身份和访问管理解决方案。 我有兴趣使用以下功能: 单点登录 (SSO) 基于策略的访问控制管理用户身份连接到中央存储库,如 Active Directory、OpenLdap、Oracle Internet Directory 等。 等等.. 这两种开源产品看起来都可行。 我对拥有上述所有功能以及实现这些功能的良好 API 以及积极的社区支持感兴趣。 两个中哪一个最好? 谢谢。 回答1 我是 WSO2 的架构师 - 主要领导 WSO2 身份服务器。 我尽量不要偏见:-) 这两种产品都为您带来了一个全面的身份管理平台——支持 SAML2、OpenID、XACML 3.0、OAuth 2.0、SCIM、WS-Security 标准。 我想在 WSO2 身份服务器上强调的几个独特功能是...... 分散的联合 SAML2 IdP (http://blog.facilelogin.com/2012/08/security-patterns-decentralized.html) 分布式 XACML PDP 用户友好的 XACML PAP 向导高可扩展性(我们有一个使用 WSO2 IS 的中东客户,拥有超过 400 万的 OpenID 支持用户群。) 基于

2021-06-09 15:35:03    分类:技术分享    wso2   openam   federated-identity   identity-management   openidm

How to implement openAM SSO to my existing web applications

I'm try to implementing SSO in my existing web applications with using OpenAM by refer following link http://fczaja.blogspot.com/2012/06/idp-initiated-sso-and-identity_21.html PS. my web applications have their own login page already Now what is got after implementation is, openAM login page are protected in my web applications and i need to make login again to my application what i need is, want to skip the login page of my application to become single sign on. so, can anyone tell me what tasks need i do left? do i need to revise my Login page of my application? do i need any database or

2021-06-05 09:47:44    分类:问答    single-sign-on   saml-2.0   openam