Perl 6 - the future is here, just unevenly distributed

IRC log for #openam, 2014-02-13

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
01:25 MegaMatt joined #openam
02:13 aldaris1 joined #openam
02:14 tsmalmbe1 joined #openam
02:19 dean joined #openam
02:41 asyd joined #openam
02:51 ripo joined #openam
03:09 ripo joined #openam
07:30 hos001 joined #openam
08:21 ibenox joined #openam
08:40 Wusel_ joined #openam
08:52 Wusel_ morning guys
08:53 Wusel_ is it possible to deny authentication of a user if he's not in a special group?
09:14 fatbloke joined #openam
09:15 asyd morningm
10:53 aldaris joined #openam
11:44 MegaMatt joined #openam
11:48 aldaris joined #openam
12:12 kala can I call specific authentication chain from JSON API for authentication?
12:12 aldaris yes
12:13 kala it sees that the default <openam>/json/authenticate on uses the "Organisation Authentication Configuration" chain
12:13 kala "seems"
12:14 aldaris yepp, of course
12:14 kala ah. I think I found it
12:16 kala openam/json/authenticate?authIndexTyp​e=service&authIndexValue=ldapService
12:16 kala and then I have to process the callbacks?
12:16 aldaris yepp
12:16 aldaris that would be the idea
12:16 kala let me try the X-OpenAM-Username trick
12:17 kala yes, this works :)
12:17 kala so I can do that in single query
12:17 aldaris you sound surprised
12:18 kala well, its not written in the docs as a clear example
12:18 aldaris right: http://openam.forgerock.org/openam-do​cumentation/openam-doc-source/doc/dev​-guide/index.html#rest-api-auth-json
12:18 kala mhm. "This "zero page login" mechanism works only for name/password authentication."
12:19 aldaris yes
12:19 kala well I guess the ldapService is then a name/password thing
12:19 aldaris well it is
12:19 aldaris namecallback/passwordcallback
12:19 aldaris there is a different way of doing ZPL
12:19 kala but very good. lets try some other queryies
12:23 kala hmm. but but ..
12:24 kala the old interface (http://docs.forgerock.org/en/openam/1​1.0.0/dev-guide/#rest-api-read-legacy) allows to search by any attribute? The new interface (http://docs.forgerock.org/en/openam/11.​0.0/dev-guide/#rest-api-query-identity) only uses the uid attribute?
12:24 aldaris donno
12:24 aldaris the new identity resource is quite bad imo
12:24 kala :(
12:50 metadaddy|lunch joined #openam
13:15 kala hmm. in order to save the information about the authentication failures, I would need to turn on the "Account Lockout"
13:16 kala is there other way? I don't particularly need the lockout thing
13:24 kala well ... I mean we already have the lockout feature, but its done in the opendj server
13:28 kala on the other hand, this only works for password based modules. if I wan't to track the information about other modules, then I would need to dig to the audit log anyway ...
13:35 fatbloke joined #openam
13:37 kala oh ... in case the authentication module returns auth failure during the execution of authentication chain and it is marked as "required" ... the remaining auth modules are not even executed, right?
13:37 aldaris they are
13:37 aldaris it is required
13:37 aldaris not requisite
13:37 kala ok. good
13:37 kala then I could write my own module, which handles all the failures and logs them to the separate place
13:38 kala "handles" = "sees"
13:38 aldaris have you heard of PAP?
13:38 kala yes
13:39 kala we even implemented one
13:39 kala to migrate google openid users to google+ oauth users :)
13:40 kala but I'm not sure if some kind of error message itself is available to the PAP?
13:41 kala let me check, what we are currently sending to audit log
16:17 aldaris joined #openam
19:00 aldaris joined #openam
19:12 aldaris joined #openam
20:54 aldaris joined #openam
21:02 aldaris joined #openam
21:39 aldaris joined #openam
21:48 aldaris joined #openam
22:00 aldaris1 joined #openam
22:20 awkwords joined #openam
22:20 awkwords hi guys, ive configured the radius plugin but its not connecting to my radiusmaster
22:21 awkwords ngrep shows openam hitting the server
22:21 awkwords but radius doesnt even acknowledge it as a client
22:41 MegaMatt joined #openam
23:33 aldaris joined #openam

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary