Perl 6 - the future is here, just unevenly distributed

IRC log for #openam, 2013-12-23

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
23:21 aldaris joined #openam
23:28 mad_noob joined #openam
23:29 mad_noob Hi does anyone have openam setup as a reverse proxy to server internal services from external locations?
23:29 aldaris openam is not a reverse proxy?
23:33 mad_noob I understand you could have apache in front of it as a reverse proxy to serve the openam pages
23:33 mad_noob then the users could authenticate  to access an internal service using sso.
23:33 mad_noob I am a noob trying to setup an example
23:33 mad_noob Internet > Apache reverse proxy > Openam > Internal service
23:34 aldaris I still don't get it, but sure let's try to get this going
23:34 aldaris so you have a protected service
23:35 aldaris or at least an application that you want to protect
23:35 mad_noob yes
23:35 aldaris you have an RP and you also have an AM
23:35 mad_noob and access it from the internet
23:35 aldaris right
23:35 mad_noob RP?
23:35 aldaris so user goes
23:35 aldaris reverse proxy
23:35 mad_noob User goes to website > access internal service from Internet
23:36 aldaris so it's not really an internal service then, it's just an app I suppose which exposes features of an internal system?
23:36 mad_noob yes
23:36 mad_noob for example
23:37 mad_noob I am trying to make this as very basic as possible
23:37 aldaris okay
23:37 aldaris so where do you have an RP?
23:37 mad_noob User on Internet > accesses RP > RP goes to OpenAM page > User authenticates at page > accesses internal service
23:37 aldaris in front of AM? in front of app? both?
23:37 mad_noob in the DMZ
23:37 mad_noob I was thinking
23:38 mad_noob RP > OpenAM > Internal Service...
23:38 mad_noob RP : DMZ > Openam AM internal network with Internal Service
23:38 mad_noob as seen here: http://docs.forgerock.org/en/openam/10.1.0/admin-guide/index/images/securing-openam-rp.png
23:39 mad_noob I could make the example baisc
23:39 mad_noob baci
23:39 mad_noob basic
23:40 aldaris I just can't understand what the hell do you mean by AM > internal service, it's not past AM, it's either accessed through RP or something else, not THROUGH AM
23:40 mad_noob Access via RP
23:40 aldaris same RP?
23:40 mad_noob yes one RP
23:40 mad_noob Internet > RP > Service ?
23:40 aldaris where do you install the agent then?
23:40 mad_noob On the Service server
23:41 aldaris okay
23:41 aldaris so this should work then just fine
23:41 mad_noob Ok sorry I am new to this all
23:41 mad_noob User goes in to the Internet accesses page on the RP
23:41 aldaris have you tried going through the getting started guide?
23:42 mad_noob the RP diverts them to the service with the agent installed
23:42 aldaris so what is not working and how?
23:42 mad_noob I am planning
23:42 mad_noob that is all
23:44 mad_noob any good basic apps
23:45 mad_noob apart from the example one with the agent
23:45 mad_noob to perform easy SSO?
23:45 aldaris not too much really, any app would do :p
23:45 aldaris even a simple one with an index.jsp
23:48 mad_noob no worries will look around....
23:57 mad_noob anyone used shibboleth??
00:11 aldaris idp?
01:28 mad_noob yeh
03:33 tsmalmbe joined #openam
07:43 ludovicp joined #openam
09:02 aldaris joined #openam
09:59 aldaris joined #openam
11:36 MegaMatt joined #openam
13:44 aldaris joined #openam
19:18 MegaMatt_ joined #openam
20:54 aldaris joined #openam

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary