Perl 6 - the future is here, just unevenly distributed

IRC log for #openam, 2014-02-04

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:04 MegaMatt joined #openam
00:08 MegaMatt_ joined #openam
02:54 MegaMatt joined #openam
06:38 dean|away joined #openam
07:18 Wusel_ joined #openam
08:24 ludovicp joined #openam
08:31 Wusel_ are the examples in http://docs.forgerock.org/en/openam/11.0.0/dev-guide/index/chap-rest.html#rest-api-read-identity correct?
08:32 Wusel_ when i try to read the user's own identity i get
08:32 Wusel_ Unsupported major.minor version 51.0 (unable to load class com.sun.identity.idsvcs.GeneralFailure)
08:39 fatbloke joined #openam
08:48 ludovicp That kind of error is an issue with incompatible java versions. Most likely running Java 6 with a built done with Java 7.
08:49 ludovicp fatbloke:  Welcome to the OpenAM channel :-)
08:49 fatbloke ludovicp: cheers!
09:14 fatbloke joined #openam
09:17 ludovicp joined #openam
09:19 fatbloke joined #openam
09:21 Wusel_ ludovicp: so i better should run it with java7 or rebuild it with java6?
09:47 ludovicp Yes, version 51 is Java 7. So you need to run with 7, or build generating Java 6 level code.
09:49 aldaris joined #openam
09:56 fatbloke1 joined #openam
10:08 fatbloke joined #openam
10:40 Wusel_ aldaris: ?
10:40 aldaris morning
10:40 Wusel_ :)
10:40 Wusel_ I've another question :P
10:41 Wusel_ I want to set up openAM11 on its own server
10:41 Wusel_ our apache is running on a different one
10:41 Wusel_ i want openam to be accessed by https://www.mycompany.com/sso
10:42 Wusel_ so we inserted just a proxy/redirect from this address to http://openamIP:8080/sso
10:42 Wusel_ (i named it sso.war)
10:42 Wusel_ first configuration does work
10:43 Wusel_ but login doesn't work because openam redirects me to http://www.mycompany.com/sso/console
10:44 Wusel_ so without s
11:41 Wusel_ aldaris: :|
11:41 Wusel_ asyd: :|
11:41 Wusel_ anyone
11:41 MegaMatt joined #openam
11:41 Wusel_ MegaMatt: ?
11:41 MegaMatt Yes?
11:41 Wusel_ need help
11:41 Wusel_ :D
11:42 MegaMatt I just woke up, I need a few to warm up and such
11:42 Wusel_ ok ;)
11:42 MegaMatt But post your q's, maybe somebody will know
11:43 Wusel_ i redirected https://www.mycompany.com/sso to my openam http://openamip:8080/sso (it's sso.war)
11:43 Wusel_ config went fine
11:43 Wusel_ loginpage is fine
11:43 Wusel_ but when logging in
11:43 Wusel_ it redirects me to http://www.mycompany.com/sso/console
11:44 Wusel_ so the wrong protocol
11:50 asyd edit properties in 'server and sites'
11:52 aldaris joined #openam
11:58 Wusel_ it's not possible to log in
11:58 Wusel_ because it's redirecting to the wrong protocol
11:58 Wusel_ asyd
11:59 MegaMatt You shouldn't configure it using IP
11:59 MegaMatt Should be FQDN for cookies
11:59 MegaMatt brb
11:59 Wusel_ i configured it by https://www.mycompany.com/sso
12:00 Wusel_ and filled in as serveraddress https://www.mycompany.com/sso
12:02 Wusel_ when redirecting to /UI/login it's using http
12:03 Wusel_ *https
12:03 Wusel_ but when logging in, it's using http
12:06 Wusel_ any ideas?
12:09 MegaMatt port 8080 is really https?
12:09 Wusel_ no
12:10 Wusel_ https://www.mycompany.com/sso is a proxy to http://openamip:8080/sso
12:10 Wusel_ via apache
12:11 MegaMatt So you're saying you can't login directly to the admin console on your openam:8080 port?
12:11 Wusel_ yes, because I configured it as https://www.mycompany.com/sso and that's why it is redirecting me
12:12 Wusel_ but it is using the wrong ptotocol when logging in
12:12 Wusel_ *protocol
12:12 MegaMatt Sounds like your redirect is bad
12:12 fatbloke joined #openam
12:12 Wusel_ but why did it work when configuring it?
12:12 hos002 joined #openam
12:12 MegaMatt .. and why do you keep saying openamip?
12:12 MegaMatt heh
12:13 Wusel_ o_O
12:13 MegaMatt what happens if you just go to http://openam.mycompany.com:8080/sso ??
12:14 MegaMatt with out the apache redirect in front of it
12:14 Wusel_ then the tomcat or openam itself redirect me to http://www.mycompany.de:8080/sso/UI/Login
12:14 Wusel_ and this site doesn't exist
12:14 MegaMatt ok, then you've configured it wrong ;)
12:15 MegaMatt you should be able to hit the tomcat server directly, and log in
12:16 Wusel_ ok wait, I'll reset and configure it together with u :D
12:16 MegaMatt follow the install guide, I've got to afk for a few mins
12:16 MegaMatt minimizing you
12:17 pdurbin heh. minimizing you
12:19 ibenox joined #openam
12:27 MegaMatt I find install is usually pretty easy, as long as you can access TomCat directly using a FQDN. You just put up tomcat.. make sure you can access it's "I'm up" page... deploy the war... go to the war's deploy name using the FQDN again.. take most of the defaults.. done.
12:37 Wusel_ ok, I set it up with the internal fqdn now
12:38 Wusel_ now I "only" need to make openam know, that it is also available as https://www.mycompany.com/sso
12:38 Wusel_ i guess
12:38 MegaMatt .. Usually on the web server you just put an agent
12:39 MegaMatt But that's to protect the resources on that web server
12:39 MegaMatt I guess you just want an alias for your TC server
12:39 Wusel_ yea
12:39 Wusel_ :>
12:39 Wusel_ the second
12:40 MegaMatt I don't have my console up, but I believe asyd was right, go into server and sites
12:42 MegaMatt Or maybe it's like realm, dns alias'
12:42 MegaMatt My memory is so bad, .. I'd have to start up the instance and poke around
12:43 MegaMatt It's like access -> realm -> dns alias'
12:43 MegaMatt Something like that
12:46 Wusel_ i try to play around with it too :|
12:50 Wusel_ maybe I have to use distributed authentication?
12:50 Wusel_ just an idea
13:15 Wusel_ i dont get it working
13:15 Wusel_ the problem is, that I'm not able to change the apacheconfig
13:15 fatbloke joined #openam
13:16 Wusel_ don't have access to this server
13:48 aldaris joined #openam
14:02 Wusel_ with ajp everything works
14:02 MegaMatt what's ajp?
14:03 MegaMatt ah, he left?
14:04 aldaris seems so
14:04 aldaris I just wanted to say it's probably a missing ProxyPassReverse in Apache config
14:06 fatbloke joined #openam
14:06 aldaris AJP works differently when compared to HTTP proxy, hence it works fine with AJP
14:20 ludovicp joined #openam
14:20 MegaMatt You just like watching me take blind stabs at things ;)
14:20 aldaris I think I've just failed to set up proper notifications in Adium :)
14:21 MegaMatt Sure sure ;)
14:32 aldaris1 joined #openam
14:47 fatbloke1 joined #openam
14:48 pdurbin MegaMatt: more on AJP: http://docs.oracle.com/cd/E26576_01/doc.312/e24928/webapps.htm#CIHJDAJD
14:49 MegaMatt Ah I figured A was for apache
14:49 MegaMatt but had to guess on the JP part
14:56 pdurbin http://en.wikipedia.org/wiki/Apache_JServ_Protocol
15:00 aldaris joined #openam
15:12 fatbloke joined #openam
15:13 fatbloke joined #openam
15:38 ludovicp joined #openam
15:43 fatbloke joined #openam
16:01 Zendron joined #openam
16:09 fatbloke joined #openam
16:10 Zendron Hello! Guys is it possible to use the PolicyAgent for Authentication and my application for Authorization? Does the PolicyAgents provides this kind of approach?
16:11 aldaris yes
16:11 aldaris you can use the agent in sso only mode, and then authorization is only up to the application
16:12 Zendron Great
16:12 Zendron Just follow the JAAS pattern!
16:13 aldaris the JEE agents have JAAS integration btw
16:13 Zendron Great! I will try it now! tks!
16:14 Zendron Do you know some great tutorial showing this?
16:14 aldaris nothing jumps to me
16:15 Zendron No problem!!
16:20 asyd jaas integration of agents is disabled in SSO_ONLY iirc
16:27 aldaris yes, it is
16:48 fatbloke joined #openam
17:12 fatbloke joined #openam
17:48 jjpp joined #openam
18:05 fatbloke joined #openam
20:10 ludovicp1 joined #openam
21:01 hos002 left #openam
22:08 sayakb joined #openam
22:59 MegaMatt joined #openam

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary