Perl 6 - the future is here, just unevenly distributed

IRC log for #openam, 2015-09-08

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
04:52 ramteid joined #openam
06:47 aldaris joined #openam
08:14 noisebleed joined #openam
10:43 kala__ joined #openam
10:48 kala__ hello. I would like to discuss the section "13.5. Configuring OpenAM as (OAuth2) Authorization Server & Client" (https://backstage.forgerock.com/#!/docs/openam/11.0.0/admin-guide/chap-oauth2#oauth2-client-plus-authz)
10:48 kala__ I don't quite understand what is the role of the "OAuth2 module instance"
10:52 kala__ I read that the OAuth2 module is specified as the default authentication module for the policy agent and "This ensures that the policy agent directs the resource owner to OpenAM with the instruction to authenticate using the OAuth2 authentication module.", however, I don't understand in this case, how can I authenticate users with other authentication modules?
11:00 kala__ hmm ... I need to specify the "Authentication Endpoint URL" with the 'module' and 'service' parameters?
11:00 kala__ this is the actual service, which is going to authentication user?
11:01 kala__ "which is going to authenticate the user"
11:34 kala__ also, in this example ... what actually happened after the user gave the authorization to scope "cn" ... was the J2EE agent able to verify that the OAuth2 token was issued with that scope?
11:38 kala__ I mean, how do I specify in the agent configuration that tokens with scope "mail" shouldn't be permitted to access the resource and tokens with scope "cn" should be permitted?
11:51 kala__ well, it seems that one doesn't specify it in the agent configuration, but in the general policy. However, there doesn't seem to be options to build use the scope values in the conditions.
11:54 kala__ aha, Mark says that it's in the nightly builds for the 13.0
11:54 kala__ "OAuth 2.0 scopes as conditions for OpenAM policies" - https://forgerock.org/2014/11/openam-oauth-2openid-connect-features/
12:04 mckeanbs joined #openam
12:23 MegaMatt joined #openam
12:42 noisebleed joined #openam
13:17 balo joined #openam
14:52 Reepicheep joined #openam
16:54 aldaris joined #openam
18:54 aldaris joined #openam
19:20 a77 joined #openam
19:28 mckeanbs joined #openam
19:29 a77 hi! openam 12 is not open(source) for commercial use anymore? are 10 and 11 using same license?
19:31 MegaMatt The source code is licensed under CDDL, the binary is licensed under the binary license...
19:53 a77 got it. let's  build...
19:53 jjpp MegaMatt: btw, if I take forgerock compiled binary and then alter it (eg. change jsps that are used to build login pages etc), is it still under binary license? (probably is but I have no wish to go and check at the moment and perhaps you know from the top of your head)?
19:54 MegaMatt I believe that’s still binary license - you took the binary as your base
19:55 MegaMatt You would have to build from source to be under cddl
19:55 jjpp okay, sounds reasonable.
19:55 MegaMatt IANAL though, obviously
19:55 jjpp fortunately we patch and alter openam and therefore we have to build it by ourselves anyway.. :)
19:56 MegaMatt Still worth it to get a license, imo - then you can have aldaris sanction your patches ;)
20:00 jjpp every now and then the topic comes up. we really should upgrade our opendjs etc. but it is not clear how much money the client would spend on it and fr sales people wanted to meet with the board members of client if i understood correctly (and that is unlikely to happen as of now, afaik. then again, things may change quickly here)
20:01 jjpp sales people wanted to meet before they will give any indications, that is
20:02 MegaMatt Do you know who the sales rep is?
20:03 jjpp kala__ should know, he was the one who was dealing with it, afaik.
20:03 jjpp i was out of the loop (fortunately:)
20:03 MegaMatt unfortunately ;)
20:05 jjpp i'll try to ask him tomorrow -- or he can come and say it by himself. and perhaps there have been developments that i am not aware of..
21:50 MegaMatt joined #openam

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary