Perl 6 - the future is here, just unevenly distributed

IRC log for #openam, 2014-09-15

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:06 dean|away joined #openam
04:56 ramteid joined #openam
05:45 tsmalmbe joined #openam
05:57 bthalmayr joined #openam
06:24 tsmalmbe1 joined #openam
07:20 aldaris joined #openam
07:38 pfreixes joined #openam
07:41 fatbloke joined #openam
08:51 pfreixes joined #openam
09:00 KermitTheFragger joined #openam
09:30 aldaris joined #openam
09:43 kala aldaris: we have certificate authentication working for simpler cases. load balancer forwards the cert in HTTP header and everything is ok
09:43 aldaris Good morning
09:43 kala however, when we do certificate authentication with existing session, the OpenAM complains that it doesn't get the certificate
09:43 kala yes. morning :)
09:43 asyd morning
09:44 kala it seems that with existing session, the http request is handed to OpenAM differently and the original HTTP header gets lost
09:44 kala I had to add the DAUI servers to the "Trusted Remote Hosts" field of the Cert module
09:44 aldaris so this is with DAS?
09:44 kala and we have the openam.remoteauth.include.reqres=true
09:44 kala yes. DAS
09:45 aldaris so the DAS receives the cert in a header?
09:45 kala yes
09:45 aldaris did you make sure that the header is copied when the DAS proxies the request to the other DAS?
09:45 kala no. how do I make sure that?
09:46 aldaris by reading the documentation :)
09:46 kala or is this load balancer problem?
09:46 aldaris there are also settings in the DAS config file
09:46 kala uh. docs. right
09:46 aldaris http://openam.forgerock.org/openam-docum​entation/openam-doc-source/doc/webhelp/i​nstall-guide/handle-request-headers.html
09:47 kala ok. thats new
09:47 * kala reads
09:48 kala ok, let me try that
10:00 kala aldaris: thanks. does you local pub has some kind of "beer gift certificate" service? :)
10:01 kala I rememberd that in the old 9.5 days there used to be the option "openam.remoteauth.include.reqres=true", but I was'nt aware of the new ones
11:17 aldaris not sure if such a pub exists, but that would be a lovely "feature" :)
11:54 fatbloke joined #openam
11:54 fatbloke1 joined #openam
12:36 pfreixes joined #openam
13:38 auke- joined #openam
13:48 bthalmayr joined #openam
14:12 ramteid joined #openam
18:41 aldaris joined #openam
18:42 pfreixes joined #openam
19:35 aldaris joined #openam

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary