Perl 6 - the future is here, just unevenly distributed

IRC log for #openam, 2016-07-20

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
01:31 MegaMatt joined #openam
01:48 ilbot3 joined #openam
01:48 Topic for #openam is now Chat about the OpenAM project - https://backstage.forgerock.com/#/downloads - OpenAM 13.5.0 is out! OpenAM 12.0.3 is out! Channel logs at: http://irclog.perlgeek.de/openam/today
05:45 aldaris joined #openam
07:29 aldaris joined #openam
07:56 aldaris joined #openam
10:35 MegaMatt joined #openam
10:43 toon_ joined #openam
10:45 toon_ does openam support realm changes through the API? I've seen how to create one, but is openam already fully setup for multi-tenancy through its APIs?
10:47 aldaris what do you mean?
10:47 toon_ through the GUI its easy to create and change realm specifications, but how is it through the GUI?
10:47 toon_ through the API*?
10:48 MegaMatt I think 13.5 would be good in that area, since it has the XUI
10:48 aldaris what is realm specification
10:49 toon_ well, in the GUI, you start off with one realm (at location "/"), but you can easily create new realms
10:49 toon_ but I wonder how we could automate this for a (mass) multi-tenancy setup via APIs
10:49 aldaris you could always use ssoadm
10:50 toon_ we kind of want it to be REST interfaces
10:50 aldaris 13.5 allows you that
10:50 MegaMatt You can use REST interfaces
10:50 MegaMatt See 13.5 comment above ;)
10:50 toon_ indeed, to create one
10:51 toon_ but I wonder what implications it has to adapt one, is there going to be outage? system restart?
10:54 MegaMatt From my limited understanding, if it has the XUI you can see what the GUI is doing and just do that — since it uses REST itself — so the things you’d do in the GUI would be the same as via REST — as far as implications like restart and such, I don’t know. Most likely there are ways to avoid a restart…
10:54 MegaMatt My suggestion would be to play with it yourself and find out :D
11:04 aldaris if you don't need to restart OpenAM for doing it via XUI, the same will apply to the REST endpoints as well
11:19 toon_ it used to be the case (openam v11) that 2FA could only be enabled on a realm basis, rather than on endpoint basis. Is this still the case?
11:23 aldaris joined #openam
11:26 toon_ do you know, MegaMatt?
11:27 aldaris what is endpoint basis 2fa
11:31 toon_ so for example, if you have a realm at / and you configure 2FA, then every url in the realm will be protected by 2FA
11:31 toon_ what if you just wanted to have one url protected?
11:32 aldaris where url represents a resource where?
11:38 toon_ and the url is for example /test-resource
11:38 toon_ what if I only wanted to protect /test-resource?
11:38 aldaris then you configure a policy that does so
11:39 toon_ okay so then I'm fine :) thanks
14:37 aldaris joined #openam
17:36 aldaris joined #openam
18:07 aldaris joined #openam
18:49 aldaris joined #openam
20:52 aldaris joined #openam
22:46 MegaMatt joined #openam

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary