Perl 6 - the future is here, just unevenly distributed

IRC log for #openam, 2016-05-24

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:03 MegaMatt joined #openam
01:48 ilbot3 joined #openam
01:48 Topic for #openam is now Chat about the OpenAM project - https://backstage.forgerock.com/#/downloads - OpenAM 13.0.0 is out! OpenAM 12.0.2 is out! Channel logs at: http://irclog.perlgeek.de/openam/today
06:23 metadaddy_______ joined #openam
06:43 aldaris joined #openam
09:03 HelgeO_ joined #openam
10:56 MegaMatt joined #openam
13:08 emanuelle joined #openam
13:08 emanuelle hi all
13:08 MegaMatt Hi
13:08 emanuelle please help me if you can
13:09 emanuelle i installed openam as in gettingstarted guide
13:09 emanuelle i have apache httpd with 2 virtual hosts
13:10 emanuelle defined 2 policy to rule access to these ulrs
13:10 emanuelle installed 2 webagents (foreach vhost)
13:11 emanuelle but i'm always redirected to the 2nd one
13:12 emanuelle webagent centralized configuration says
13:12 emanuelle To map the partial hostname myserver to myserver.mydomain.com: enter myserver in the Map Key field and myserver.mydomain.com in the Corresponding Map Value field. To map a virtual server rst.hostname.com that points to the actual server abc.hostname.com: enter valid1 in the Map Key field and rst.hostname.com in the Corresponding Map Value field.
13:13 MegaMatt Are you using the 4.0 agent?
13:13 emanuelle but what is valid1 ?
13:13 emanuelle is this a reserved keyword or justa a sample ?
13:13 emanuelle yes
13:13 emanuelle v4
13:17 MegaMatt Another example is if you have multiple virtual servers say rst.hostname.com,
13:17 MegaMatt #   uvw.hostname.com and xyz.hostname.com pointing to the same actual server
13:17 MegaMatt #   abc.hostname.com and each of the virtual servers have their own policies
13:17 MegaMatt #   defined, then the fqdnMap should be defined as follows:
13:17 MegaMatt #
13:17 MegaMatt #   com.sun.identity.agents.config.fqdn.mapping[valid1] = rst.hostname.com
13:17 MegaMatt com.sun.identity.agents.config.fqdn.mapping[valid2] = uvw.hostname.com
13:17 MegaMatt com.sun.identity.agents.config.fqdn.mapping[valid3] = xyz.hostname.com
13:18 MegaMatt and there’s also com.sun.identity.agents.config.fqdn.mapping[invalid_hostname] = valid_hostname
13:18 MegaMatt does that help?
13:21 emanuelle i think i have done it already
13:21 emanuelle what is valid1 ?
13:22 MegaMatt Just a keyword for the map key
13:22 emanuelle ok
13:22 emanuelle fort the key i have used valid 1
13:22 emanuelle for the value, rst.hostname.com instead
13:23 emanuelle is this correct ?
13:23 MegaMatt just like the example above from the bootstrap file
13:23 MegaMatt com.sun.identity.agents.config.fqdn.mapping[valid1] = rst.hostname.com
13:23 MegaMatt just like that
13:24 emanuelle i don't use the local agent file, but a centralized openAM config through the web interface og opeaAM agents
13:25 MegaMatt that’s fine
13:26 emanuelle tkz
13:26 MegaMatt you should be able to see the exported configuration
13:26 MegaMatt from inside the gui
13:26 MegaMatt and it should look right there too
13:26 emanuelle ok
13:26 emanuelle the fqdn checkbox should be enabled to use the map, isn't it ?
13:29 emanuelle excuse me, a question
13:29 emanuelle when installing web agent in apache
13:29 emanuelle as mentioned in man page
13:29 emanuelle agentadmin --s "web-server configuration file, directory or site parameter" \                 "OpenAM URL" "Agent URL" "realm" "agent user id" \                 "path to the agent password file" [--changeOwner] [--acceptLicence] [--forceInstall]
13:30 emanuelle what should be the value of argument realm ?
13:30 MegaMatt whatever realm the agent config is in
13:30 emanuelle i left default value
13:30 emanuelle \/
13:31 emanuelle "/"
13:31 MegaMatt Is the agent config in the root realm?
13:31 emanuelle in the existent top realm
13:31 MegaMatt yeah, that’s / or the root realm
13:32 emanuelle right
13:32 MegaMatt You could create a subrealm, and then you’d need to tell the agent about it
13:32 emanuelle the strange thing is
13:33 emanuelle before configuring web agent
13:33 emanuelle i was correctly redirected to the virtual host i requested
13:34 emanuelle after web agent installation for the first vhost, there was openam filter also for the 2nd vhost
13:35 emanuelle after 2nd web agent installation (for the 2nd virtual host)
13:36 emanuelle all the request are filtered by openam and redirected to 2nd virtual host (1st vhost not accessible)
13:37 emanuelle i don't understand
13:37 emanuelle :O
13:37 MegaMatt sounds like the old agent, how you couldn’t set up the agent per virtual host (diff agent config per virtualhost), but you could protect multiple virtual hosts with the same agent config..
13:38 MegaMatt The 4.0.0 agent supports multiple vhosts
13:41 emanuelle OpenAM Web Agent for Apache Server 2.4.x  Version: 4.0.0  Revision: 16207  Build machine: delacroix  Build date: Nov  5 2015 10:20:15
13:41 emanuelle this is agentadmin -v
13:42 MegaMatt ok. then something else is wacky
13:42 emanuelle i will try using 1 agent/ multiple vhosts
13:43 emanuelle and the maps
13:43 emanuelle right ?
13:44 MegaMatt yes, that sounds more correct from what I recall
13:55 emanuelle it does not work
13:56 emanuelle having just 1 webagent config
13:56 emanuelle and 2 entry
13:56 emanuelle valid1 -> xcv.host.com
13:56 emanuelle valid2 -> asd.host.com
13:56 emanuelle i can access host1
13:57 emanuelle but when i ask host 2
13:57 emanuelle i hav a blank page
13:57 emanuelle which contain "#403x"
14:02 MegaMatt Did you follow this: https://backstage.forgerock.com/#!/docs/openam-web-policy-agents/4/web-users-guide/chap-apache#install-agent-into-apache-vhost
14:29 emanuelle with 1 agent and many vhost it works
14:32 emanuelle thkz for last link
14:33 emanuelle sure i skipped a setting in vhost
14:35 emanuelle bye bye
14:35 emanuelle tkz
15:40 aldaris joined #openam
16:40 aldaris joined #openam
19:24 aldaris joined #openam
21:33 MegaMatt joined #openam
22:23 MegaMatt joined #openam

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary