Perl 6 - the future is here, just unevenly distributed

IRC log for #openam, 2014-05-14

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
03:41 reflectivedev joined #openam
06:16 pfreixes joined #openam
06:35 bthalmayr joined #openam
06:49 aldaris joined #openam
07:22 aldaris joined #openam
07:35 rghose joined #openam
07:40 aldaris joined #openam
07:46 fatbloke joined #openam
07:46 eivind joined #openam
08:26 aldaris joined #openam
08:44 asyd morning folks
09:01 fatbloke joined #openam
10:30 fatbloke joined #openam
10:43 aldaris joined #openam
10:56 fatbloke joined #openam
10:58 aldaris joined #openam
11:03 fatbloke joined #openam
11:04 MegaMatt joined #openam
11:22 aldaris joined #openam
12:22 fatbloke joined #openam
12:30 chucky joined #openam
12:31 aldaris1 joined #openam
12:45 chucky Hello! I have a jboss eap 6 running with policy agent, I need to protect a java application who already uses @RolesAllowed in all Controllers. Is it possible to just use autentication in OPenAM and use Authorization in my application? I'm using Spring security with a tag who set the jsr 250!
12:46 MegaMatt SSO Only Mode ?
12:53 chucky Just that? After I log into my application using the Login interface from OpenAM how can I have the roles of this user? I ask that to understand how I will obtain the user data and link to the roles of my app!
13:00 chucky DO you think I need a Policy Agent or doing a fedlet integration is better?
13:00 fatbloke joined #openam
13:07 rghose joined #openam
13:10 fatbloke joined #openam
13:21 aldaris joined #openam
13:34 aldaris joined #openam
13:38 bthalmayr @Chucky .... using Agents is OpenAM proprietary way of achieving SSO , fedlet is standards based SSO (SAML) ... retrieving Identity data is only somewhat related
13:43 aldaris joined #openam
15:12 aldaris joined #openam
15:29 pfreixes joined #openam
15:29 aldaris joined #openam
15:30 chucky joined #openam
15:31 chucky tks @bthalmayr, so the way I retrieve information about the users, after login is somewhat similar, I can use the policy agente with SSO_ONLY set and after the login code the necessary to work like I want!
15:59 fatbloke joined #openam
16:02 aldaris joined #openam
16:10 fatbloke joined #openam
16:15 fatbloke joined #openam
17:06 igorwidl joined #openam
17:08 igorwidl Any idea why static attributes map for remote SP stops working once user profile is set to "Dynamic" from "Required" ?
17:16 igorwidl or maybe some other way to pass static content with "Dynamic" user profile? Remote SP needs corporate account to be passed along with each user id..
17:46 fatbloke1 joined #openam
18:06 aldaris joined #openam
18:12 aldaris chucky: you can use RolesAllowed with Java EE agents
18:12 aldaris you need to set the filter mode to J2EE_POLICY (not SSO_ONLY)
18:14 aldaris igorwidl: check out the attribute mapper used, I suppose you are right, static attribute mapping should work even with dynamic profile mode. Can you file a JIRA bug for that?
18:16 igorwidl sure will do
18:52 fatbloke joined #openam
19:03 chucky aldaris: tks, I will try that!
19:06 chucky aldaris: Do you know some sample on github with this kind of implementation?
19:06 aldaris there is the sampleapp
19:06 aldaris but I believe the EJB integration doesn't really work on that one
19:06 aldaris there is a bug for that in JIRA somewhere
19:16 aldaris joined #openam
19:17 rghose joined #openam
19:46 aldaris joined #openam
20:05 asyd hmm any forgerock team member?
20:05 asyd "This gadget was uninstalled by the administrator. Please delete it from your dashboard.
20:05 asyd on bugster, but it's watched issues gadget !
20:06 aldaris joined #openam
20:06 asyd oh aldaris, just asked a question about bugster
20:07 asyd is there a particular reason the 'watched issues' is disabled?
20:07 aldaris works for me fine
20:07 aldaris I could add that gadget
20:10 asyd i don't have it in gadget directory
20:11 aldaris I've found it under All Gadgets
20:11 aldaris JIRA type
20:12 rghose joined #openam
20:13 asyd wondering if the isMemberOf
20:13 asyd "issue" is fixed
20:14 asyd (about the cache)
20:26 haiji joined #openam
20:26 haiji hello
20:27 haiji i'm wondering if openam is the best solution for implementing sso, we have a bunch of rails apps, and API's. we also want to connect with zendesk and similar services with SSO
20:27 aldaris joined #openam
20:28 haiji as opposed to spring security and other tools
20:28 haiji any tips?
20:29 aldaris Zendesk has SAML support
20:29 aldaris so solving that with AM should be fairly simple
20:30 aldaris depends how you run your rails apps, but if you use an apache module, then I suppose you could use web agents to protect your site
20:35 haiji apache module?
20:36 aldaris like passenger
20:36 haiji ah ok
20:36 haiji well i'm just having doubts. I don't know if AM can handle roles and authorization
20:37 aldaris read the getting started guide at http://docs.forgerock.org/en/openam/11.0.0/getting-started/
20:37 haiji yeah AM covers sso using SAML (that's what we need)  and authentication
20:38 haiji ook, i'll check it out
20:38 haiji thanks
21:30 aldaris joined #openam
21:30 fatbloke joined #openam
21:39 aldaris joined #openam
22:17 aldaris joined #openam
22:31 fatbloke joined #openam
22:45 aldaris joined #openam
22:57 chucky joined #openam
23:31 fatbloke joined #openam

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary