Perl 6 - the future is here, just unevenly distributed

IRC log for #openam, 2013-11-13

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
07:02 hos001 joined #openam
07:43 ludovicp joined #openam
09:03 aldaris joined #openam
10:13 SteveF_ joined #openam
11:03 aldaris joined #openam
11:09 aldaris I guess the channel is silent since everyone is having fun with the new release :)
11:20 balo unfortunetly i can't play with it... i'm still working on the feasibility study... And 3 other projects at the same time
11:37 * pdurbin can't decide if he should try Fedlets again with the new version
11:42 aldaris fedlets didn't change that much, believe me
11:43 aldaris although I still think you should be able to make fedlets work :D
11:43 aldaris or at least it should be possible to achieve what you want
11:44 pdurbin probably time for someone other than me to try to get a Fedlet working with the IdP at http://testshib.org ... I tried... needs some fresh eyes
11:44 aldaris well I'm looking at SAML today anyways, let me prove my right then
11:47 SteveFerris joined #openam
11:48 balo i'd be glad if you could share the result. I should work with fedlets to integrate an other SSO with ours. I'm talking about that project which I should work with for years now :D
11:49 aldaris well originally I wanted to make a full AM to work with testshib IdP, but I guess I'll end up doing it for a fedlet then, asyd I guess we have the subject for the next blog post :p
11:55 MegaMatt joined #openam
11:58 dean I've ran into another issue with OpenSSO, some users with * in their email addresses have registered and they get entered into the directory just fine. But when we try to authenticate them via /opensso/identity/authenticate REST interface it fails. Should we be escaping the * in some way or something?
11:59 aldaris is * a valid character for an e-mail address?
12:00 balo yep
12:00 balo http://en.wikipedia.org/wiki/Email_address
12:00 balo my favourite valid email address is !#$%&'*+-/=?^_`{}|~@example.org
12:00 balo :D
12:00 aldaris worth a try :p
12:00 balo however not every mail provider and smtp software supports it so...
12:01 dean Is it a valid user id in OpenSSO (or OpenAM) though? I'm not sure if the problem is we can create the user or just authenticating them after.
12:01 aldaris well
12:01 aldaris AM doesn't handle special characters too well
12:02 aldaris even if the authentication itself works, AM then creates a UUID based on the username
12:03 aldaris usually that screws up escaping (it's in a DN format), but no components really knows that it's a DN, or handles it as a DN, or escapes it as a DN :D
12:03 dean Ahh I see.
12:03 dean I did see this as well: https://java.net/jira/browse/OPENSSO-4118 which suggests it's a bad idea.
12:03 dean So I might suggest just blocking emails with those characters at the application.
12:04 aldaris the built-in LDAP module has a username validation mechanism
12:04 aldaris it rejects *()| and a few other characters I think
12:05 aldaris but yeah, make sure users don't register with such addresses (if you can make such limitation)
12:05 dean Well that's the other interesting thing. It does through the web interface but that validation doesn't seem to fire when I create a user via the rest interface.
12:07 balo If you can escape these characters somehow in the rest api I'm still not sure you can sleep well. They can cause problems elsewhere.
12:10 dean Yeah that's what I thought :(
12:24 MegaMatt sounds risky to allow * in email
13:53 jjpp hi.
13:54 jjpp aldaris: nice to have a tag. do you happen to have a git repository with that tag somewhere as well? :)
13:56 jjpp (I could try to add another svn2github repo, though that one will obviously not change)
13:57 aldaris nah, I don't have git repo for that
13:57 aldaris I do have a local git svn repo, but that contains way too many things :)
13:59 jjpp hm, you could push some specific branches from there? :)
13:59 aldaris true, but I won't most likely. I don't feel that comfortable with git yet, 95% of the time I just use git-svn :(
14:02 jjpp okay, understandable. is the conversion to git somewhere on the roadmap?
14:02 aldaris Q1 2014
14:02 aldaris so not that far away
14:02 jjpp (also, I'll probably try to add the repo for tag to svn2github, then)
14:03 jjpp hm, thats really soon, indeed.
14:03 aldaris I want to fight for separate repositories, jee-agents,webagents, .netfedlet should all have different repositories...
14:05 jjpp hm, yeah. with git the least unit of "checkout" is the repository and you cant check out just one branch, so, yes.. splitting up the repository is indeed a thing to think about..
14:05 jjpp (or, rather you of course can check the branch out in git's sense of the word. but you still have the whole repo on your disk. even if that repo is smaller than a checkout of a branch in svn world:)
16:58 SteveFerris joined #openam
19:33 SteveF_ joined #openam
19:41 MegaMatt svn and git still both are like black magic to me :(
19:43 hos001 left #openam
19:51 ludovicp joined #openam
20:06 * pdurbin did a migration recently: https://github.com/dvn/dvn-sourceforge2github
20:08 jjpp btw, there is https://github.com/svn2github/openam11 now. it's tags/11.0.0/openam/
21:40 aldaris joined #openam
22:11 MegaMatt Hey aldaris , you lurking?
22:29 aldaris joined #openam
22:33 aldaris yeah around now MegaMatt
22:33 MegaMatt Ah no worries - just trying to figure out why not all the s1ws 3.3 agents are on forgerock.com
22:35 MegaMatt We weren't sure if that was on purpose or not ;)
22:48 MegaMatt Time for me to head to dinner :D

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary