Perl 6 - the future is here, just unevenly distributed

IRC log for #openam, 2015-10-06

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
03:59 ramteid joined #openam
05:03 GrosSeb joined #openam
05:04 noisebleed joined #openam
05:05 lazzurs joined #openam
06:13 aldaris joined #openam
06:35 KermitTheFragger joined #openam
06:37 ovix joined #openam
06:40 ovix joined #openam
08:35 ovix joined #openam
08:52 ovix joined #openam
08:58 ovix joined #openam
09:08 Newerth joined #openam
09:08 Newerth hello
09:08 Newerth I came to ask for your help. :)
09:09 Newerth I'd like to deploy OpenAM to maintain user sessions between applications with SAML2 support.
09:09 Newerth The OpenAM server is behind nginx on a different machine.
09:11 Newerth On nginx I created a context mysite.com/openam pointing to the OpenAM instance.
09:12 Newerth Then I set up the OpenAM's Tomcat so that it knows it's behind a proxy.
09:12 Newerth This way I can get to the login dialog while staying in the mysite.com/openam context.
09:13 Newerth However, the user credentials do not work there.
09:13 Newerth They work only if I access the OpenAM machine directly.
09:14 Newerth Is there anything I am obviously doing wrong?
09:14 aldaris sounds like 12.0.0?
09:14 Newerth yep
09:15 aldaris OPENAM-5304?
09:17 Newerth That looks familiar. :)
09:17 Newerth Thank you. I'll try out the workaround.
09:39 aldaris joined #openam
09:45 Newerth Hmm.... no. That wasn't it. I am preserving the header. If I don't set any proxy info in the Tomcat at all, I keep getting redirected to https at 80. If I set the proxy to be the machine with OpenAM, the credentials work, but I keep getting redirected outside the mysite.com/openam context. If I set the proxy to be mysite.com/openam, all the credentials stop working. I guess there's some setting keeping them from being valid outside a
09:45 aldaris joined #openam
09:46 Newerth @aldaris: That wasn't it. I am preserving the header. If I don't set any proxy info in the Tomcat at all, I keep getting redirected to https at 80. If I set the proxy to be the machine with OpenAM, the credentials work, but I keep getting redirected outside the mysite.com/openam context. If I set the proxy to be mysite.com/openam, all the credentials stop working. I guess there's some setting keeping them from being valid outside a g
09:47 aldaris then it's more along the lines of realm handling, i.e. OPENAM-5508, OPENAM-5999/OPENAM-6000
09:59 aldaris joined #openam
10:02 Newerth @aldaris: Thank you a lot! It's the OPENAM-5508 bug.
10:53 ovix joined #openam
11:14 ovix joined #openam
11:19 MegaMatt joined #openam
11:52 aldaris joined #openam
12:06 mckeanbs joined #openam
12:10 ovix joined #openam
12:11 aldaris joined #openam
12:30 us3r777 joined #openam
12:33 ovix joined #openam
12:44 us3r777 Hi
12:44 us3r777 I'm trying to figure out the algorithm used to hash the amadmin password.
12:44 us3r777 I found the hash in services.sunIdentityRepositoryService.​1.0.GlobalConfig.default.users.amAdmin
12:44 us3r777 It is a base64 encoded string. Once decoded, the output is 43 bytes long.
12:51 MegaMatt I think the ampassword utility will probably give the clues
12:54 MegaMatt It uses am.encryption.pwd to encode
13:19 us3r777 Using the am.encryption.pwd present in my ldif file, is there a simple way to decrypt my userPassword value ?
13:20 MegaMatt From what I recall, the easiest way to change the password is to just encrypt a new one and replace it.
13:20 us3r777 Because i'm trying to follow the java classes to understand the encryption decryption mechanism with no result at the moment
13:22 us3r777 Yes but i'm doing a security audit, i don't want to set a new password. I want to try to break / recover existing passwords to give recommandations on their strength
13:25 MegaMatt Eh, yeah - you’re probably on your own then
13:45 ovix joined #openam
14:25 aldaris joined #openam
16:28 aldaris joined #openam
16:46 ovix joined #openam
16:57 aldaris joined #openam
17:43 aldaris joined #openam
17:52 us3r777_ joined #openam
17:59 us3r777 joined #openam
18:10 ovix joined #openam
19:17 Reepicheep joined #openam
19:32 ovix joined #openam
19:53 ovix joined #openam
20:14 ovix joined #openam
20:16 ovix_ joined #openam
20:45 kala_ joined #openam
21:24 aldaris joined #openam
21:41 MegaMatt joined #openam
22:37 aldaris joined #openam
23:01 aldaris joined #openam

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary