Perl 6 - the future is here, just unevenly distributed

IRC log for #openam, 2014-07-11

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
01:17 MegaMatt joined #openam
01:56 ibenox joined #openam
01:56 _br_ joined #openam
01:56 auke- joined #openam
01:56 tsmalmbe joined #openam
01:58 metadaddy joined #openam
01:58 Hunger-- joined #openam
01:58 jjpp joined #openam
01:58 roysjosh joined #openam
01:58 palt joined #openam
01:58 asyd joined #openam
01:58 reflecti` joined #openam
02:00 metadaddy joined #openam
02:05 dean joined #openam
02:05 GLHMarmot joined #openam
02:06 MegaMatt joined #openam
04:55 ramteid joined #openam
06:50 jamiebowen joined #openam
07:00 jamiebowen joined #openam
07:06 rghose joined #openam
07:20 bthalmayr joined #openam
07:29 tsmalmbe joined #openam
08:28 aldaris joined #openam
08:35 rghose hey all!  have a query regarding agents, does Openam initiate a logout request to all agents when logout is done ?
08:35 fatbloke joined #openam
08:35 rghose or does the agent get to know about this when the next request is made and the token is marked as expired
09:01 rghose joined #openam
09:47 rghose1 joined #openam
10:12 mkulke joined #openam
10:31 aldaris joined #openam
10:46 rghose joined #openam
10:51 rghose1 joined #openam
11:01 MegaMatt joined #openam
11:03 rghose joined #openam
11:08 rghose hey one query, does openam allow / deny logins when the data store (or promary data store) is down? is there any way to allow all logins if that is the case ? (for certain agents)
11:09 aldaris NO
11:09 rghose Hm, failover data stores ?
11:10 aldaris failover is possible of course
11:10 rghose yeah so if one did not work, it would use the other one
11:10 aldaris well that's what failover is…
11:14 rghose yeah well
11:15 rghose even if the authentication fails it would check the second datastore I assume
11:15 aldaris which authentication module are you using?
11:20 rghose Active Directory
11:21 aldaris then you should configure both the auth module and the data store for failover
11:29 asyd morning
11:29 rghose Auth module, meaning the chain ?
11:29 asyd it is possible - only by code I guess - to add extra attributes in the SAML assertion but based on the SP?
11:37 danielmain joined #openam
11:41 danielmain hello, is an openam-agent for Node.js planned or already there?
11:43 rghose joined #openam
11:48 MegaMatt there’s no current node agent, as far as I know
11:49 MegaMatt Is there a node web server that is … fully functional?
11:50 MegaMatt You could probably just use some sort of apache proxy with agent in front of the node server
11:52 danielmain I thought about making a proxy, but if you have something out of the box I would prefer that
11:52 danielmain anyway thank you for your answer ;)
12:02 rghose hey anyway other than writing a java file to create a  post auth plugin ?
12:05 rghose maybe by changing the jsp files in the war
12:16 aldaris just write the plugin
12:31 shljad joined #openam
12:35 shljad Q: a minor but slight confusing discrepancy.  The bundle of ssoadm tools in OpenAM 11.0.1 (in zip file SSOAdminTools-11.0.1.zip) reports this version string when installed...
12:35 shljad OpenAM OpenAM 10.0.1 (2012-December-13 15:43)
12:36 shljad I was debugging an issue yesterday with ssoadm that turned out to be related to a bug about ssoadm not picking up changes to site/server config till openam was restarted...and that bad version string sent me down a dead end for a bit, thinking we had the wrong ssoadm tools installed (which we didn't)
12:37 MegaMatt File a bug ;)
12:37 aldaris there is already a bug for that
12:38 aldaris ssoadm uses the ~/openam/.version file or ~/openam/openam/.version file
12:38 shljad I looked for it, but didn't see it.
12:38 aldaris https://bugster.forgerock.o​rg/jira/browse/OPENAM-3270
12:38 aldaris this causes ssoadm to report incorrect version
12:38 aldaris you've upgraded your openam from 10.0.1 most likely ;)
12:38 shljad ayup.
12:39 aldaris good to see you are looking into AM again, Susan :)
12:39 shljad Sez you, Peter :-)  I just fell into this because Josh took a much deserved vacation this week...
12:44 shljad I just added a comment to that ticket to indicate that as a side effect of this bug, sspadm -V might report the wrong version.
12:45 aldaris but if you look at the openam/bin/ssoadm shell script and watch closely you'll see the version number as a JVM property ;)
12:46 shljad Related Q: ssoadm will continue to live on in OpenAM 12, as I recall, even after the big movement to the new C-REST tooling and the new scripting support (Groovy? Javascript? forget exactly the details which I heard at the IRM)?  It will no longer be preferred, but it will still exist, yes?
12:46 aldaris it will not disappear
12:47 aldaris the CREST resources are not covering the SMS configuration at the moment
12:47 aldaris so there is no replacement for configuration management yet for JAX-RPC and direct LDAP connections..
12:47 aldaris 13 will most likely have CREST endpoints for config management
12:48 aldaris 12 only manages policies/entitlements through CREST
12:48 shljad SMS of course being not text messages, but whatever OpenSSO back in the day called SMS :-)
12:48 aldaris and we are hoping to have a nice policy editor, so that we can throw away the old one
12:48 aldaris Service Management Service or something like that :)
12:49 shljad yeah, I remember looking for that acronym at one point years back, because it caused me some cognitive dissonance
12:49 MegaMatt Yeah, I’m looking forward to the policy changes
12:49 aldaris finally entitlement applications will actually have a meaning
12:50 shljad I see what you mean about the version property in the ssoadm script. I look forward to the day when the string "iplanet" no longer appears anywhere :-)
12:50 aldaris good luck with that :D
12:50 aldaris we still have DSAME :)
12:51 shljad I was playing with iPlanet related software when my son was 3...and now he's 19.  Time to let it go, right?
12:55 rghose any idea why this might happen? The following artifacts could not be resolved: org.forgerock.openam:amserver:jar:11.0.0, ...
12:57 aldaris you should read the replies to your mailing list queries
12:59 MegaMatt https://wikis.forgerock.org/confluence​/display/openam/Using+Maven+and+OpenAM
13:01 rghose thx :)
13:04 rghose -DarchetypeVersion=11.0.0-SNAPSHOT ?
13:04 aldaris svn co https://svn.forgerock.org/openam/trunk​/community/extensions/mavenquickstart/ ; cd mavenquickstart; mvn clean install
13:05 aldaris and then you could use the 12.0.0-SNAPSHOT version for the archetype, since that is defined in https://svn.forgerock.org/openam/trunk/com​munity/extensions/mavenquickstart/pom.xml
13:05 fatbloke joined #openam
13:05 rghose ok, so 12 would work would OpenAM 11 ?
13:05 rghose 11.0.0
13:06 aldaris you would get the quickstart against 12.0.0-SNAPSHOT
13:06 aldaris but then you could look at the generated POM
13:06 aldaris modify it back to 11.0.0
13:06 aldaris and live happily after
13:21 rghose joined #openam
13:27 rghose1 joined #openam
13:39 rghose joined #openam
14:42 danielmain left #openam
17:21 aldaris joined #openam
17:40 auke-_ joined #openam
18:23 aldaris joined #openam
19:51 rghose joined #openam
20:08 aldaris joined #openam
21:14 aldaris joined #openam
21:47 aldaris joined #openam
22:30 aldaris joined #openam
23:23 aldaris joined #openam

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary