Perl 6 - the future is here, just unevenly distributed

IRC log for #openam, 2014-06-26

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
02:14 tsmalmbe joined #openam
04:50 ramteid joined #openam
05:10 Groc joined #openam
05:18 pfreixes joined #openam
06:34 Groc joined #openam
07:35 aldaris joined #openam
08:16 bthalmayr joined #openam
08:27 hos001 joined #openam
08:48 hos001 joined #openam
08:49 rghose1 joined #openam
08:50 rghose1 hey all, does authenticating with the REST api set the domain cookie as well ?
08:50 aldaris no, it's a REST API, which should be more or less stateless
08:52 rghose1 so which basically means, SSO will not work ?
08:52 aldaris SSO with what?
08:53 rghose1 but will work with the token-id
08:53 rghose1 sso with web agent
08:53 rghose1 the web-agent requires cookies right ?
08:53 aldaris make up your mind, do you want to use REST or agent?
08:53 rghose1 Both?
08:53 rghose1 some applications will run on agent
08:53 aldaris if you know how cookies work, then you can still achieve SSO between them
08:53 rghose1 and some use REST
08:54 aldaris cdsso is a lot more difficult with REST, because that will most likely mean that on AM's domain there is no cookie
08:55 rghose1 the way I am doing it is: use rest + redirection to Openam for setting the cookie
08:55 rghose1 REST is used for other stuff, like user attributes and all
09:04 rghose1 btw, where can I check for default timeout of the cookie ?
09:04 rghose1 and change it as well ?
09:04 rghose1 can this be done on a realm level ?
09:05 aldaris OpenAM creates session cookies, they don't have expires/maxage flag…
09:06 rghose1 how is it tracked then how long is the user valid ?
09:07 aldaris I would guess: on the server side? Having a valid session as long as the cookie value is presented seems a bit "interesting" approach for security
09:09 rghose1 yeah on OpenAM side
09:10 rghose1 so what I am trying to understand is that, since this is a session cookie, it is valid till the cookie value is presented right?
09:10 rghose1 but OpenAM also has checks regarding the validity of the token
09:10 rghose1 as to how long it is valid
09:10 rghose1 For e.g., I can see on my particular deployment it is around 2 hours
09:10 rghose1 how can one change that ?
09:11 rghose1 and can that be changed on a realm level as well
09:16 rghose1 aah found it
10:25 aldaris joined #openam
14:25 aldaris joined #openam
14:54 fatbloke joined #openam
16:35 ramteid joined #openam
17:36 aldaris joined #openam
17:42 aldaris joined #openam
18:10 aldaris joined #openam
18:43 hos001_ joined #openam
18:47 hos001_ joined #openam
18:47 aldaris joined #openam
18:47 ramteid joined #openam
18:47 hos001 joined #openam
18:47 Hunger- joined #openam
18:47 GLHMarmot joined #openam
18:47 roysjosh joined #openam
18:47 ibenox joined #openam
18:47 jjpp joined #openam
18:47 _br_ joined #openam
18:47 dean|away joined #openam
18:47 auke- joined #openam
18:47 palt joined #openam
19:18 hos001 joined #openam
19:18 tsmalmbe joined #openam
20:18 hos001 left #openam
21:21 aldaris joined #openam
23:50 MegaMatt joined #openam

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary