Perl 6 - the future is here, just unevenly distributed

IRC log for #openam, 2017-02-16

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:10 jelmd strange: just unzipped /tmp/SSOAdminTools-13.0.0.zip and run setup several times, ’til it was happy, but it seems to be pretty picky:
00:10 jelmd Password file /var/tmp/x/.pass needs to be readonly by owner only.
00:10 jelmd but it has 0600 set.
00:10 aldaris 0400
00:11 jelmd oh.
00:11 jelmd Logging configuration class "com.sun.identity.log.s1is.LogConfigReader" failed
00:11 jelmd com.sun.identity.security.AMSecurityPropertiesException: AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token.
00:11 jelmd com.sun.identity.security.AMSecurityPropertiesException: AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token.
00:12 aldaris can ssoadm connect to AM? does FW reject such requests?
00:13 jelmd shouldn’t, but checking
00:13 jelmd running it on the same machine BTW
00:13 aldaris that's the only way
00:14 jelmd ah ok. fw log shows nothing, so should be able to connect
00:14 aldaris you haven't set up openam over https, right?
00:15 * jjpp thinks . o O ( curl urls were http and port 8080. )
00:15 jelmd just did the quick install. So not I guess not
00:16 jelmd it is port 50389, correct?
00:16 aldaris that's the embedded DJ
00:16 jelmd ok and 8080 is open
00:18 jelmd do I need to expand the stuff in the same directory, where the autoconfig expanded it?
00:18 aldaris no
00:18 jelmd OK. Just using /var/tmp/x for now
00:18 aldaris at this point in time, I have to give up. need to get some sleep..
00:19 jelmd ok - I’ll try to find it out by myself. Thanx so far 4your help :)
00:20 aldaris joined #openam
00:21 aldaris joined #openam
00:22 aldaris joined #openam
00:22 aldaris joined #openam
00:23 aldaris joined #openam
00:24 aldaris joined #openam
00:43 aldaris joined #openam
01:38 aldaris joined #openam
04:18 jelmd BTW: did not get the ssoadm cmd work - always fails. Just removing the leading dot in $openamconfig/config/xml/* did not work either, so putting <CookieProcessor className="org.apache.tomcat.util.http.LegacyCookieProcessor"/> as a child of hte <Context> element in tomcat/conf/context.xml makes it actually work.
04:45 jelmd and yes, after that the ssoadm command to adjust the cookieDomain can be run successfully as well. Finally CookieProcessor  can be removed from context.xml as well.
07:14 jjpp hm, catch22
07:15 jjpp some of the system parameters can be overriden with -D cmdline (as you overrode debug level..). this one as well, possibly.
09:01 aldaris joined #openam
09:08 KermitTheFragger joined #openam
10:51 aldaris joined #openam
11:44 aldaris joined #openam
12:05 MegaMatt joined #openam
12:15 jelmd ok
12:16 jelmd BTW: any hints, when v14 gets released? Is there an URL, where one can get the current “trunk” as previously for svn based repos?
12:20 jjpp there used to be
12:20 jjpp https://forgerock.org/topic/where-has-the-trunk-gone/#post-14593
12:29 jelmd Hmm, so it is not open source anymore :(
12:31 aldaris joined #openam
12:38 jjpp jelmd: agreed.
12:38 jjpp i understand that developers in fr are not that happy with that either.
12:41 jelmd hmmm. So need to eval other stuff as well :(
12:46 KermitTheFragger jjpp, jelmd: I think we should wait for 14 before jumping to conclusions
12:47 KermitTheFragger i do agree that it is a very concerning move and I don't really see the value of it for Forgerock
12:47 KermitTheFragger besides giving a FY signal to the opensource community
12:48 KermitTheFragger personally I expect it to be business as usual after the 14.0 release
12:49 MegaMatt How do other “enterprise” opensource companies handle trunk access? Like RHEL for example?
12:50 KermitTheFragger MegaMatt: well in case of rhel everything is opensource
12:50 KermitTheFragger they don't have a first class paid version and a second rate community version
12:50 MegaMatt Cool, I really didn’t know - I haven’t tried to download RHEL trunk code ever
12:50 KermitTheFragger for example you can just download the RHEL package sources SRPMS of the RHEL stable version
12:51 KermitTheFragger redhat's model is more based to providing paid support and priority in bug fixing
12:51 KermitTheFragger but the source is open
12:51 KermitTheFragger for all branches, trunk, stable, etc.
12:52 KermitTheFragger also for other products, like their OpenAM alternative, Keycloack (http://www.keycloak.org/)
12:53 KermitTheFragger but i think openam trunk access will be open after the 14.0 release
12:53 KermitTheFragger remember that openam is based on Sun / Oracle's OpenSSO and the CDDL compels them to release the source with the binaries for 14
12:54 aldaris bear in mind that the licence only forces the release of source if the binary is made available
12:54 KermitTheFragger aldaris: true, thats why im not really worried for 14
12:55 KermitTheFragger since i expect the source to be there again
12:55 KermitTheFragger aldaris: i guess hypothetically someone could also download (with a support agreement) download the 13.5.X source from backstage and legally distribute it?
12:56 aldaris I do not know if there is anything in the support contract that prevents one from that (or whether such a restriction could be in place)
12:56 KermitTheFragger or in theory forgerock would be required to distribute the source for the parts they don't fully own
12:56 aldaris but theoretically yes..
12:56 KermitTheFragger but thats a bit license knit picking :-)
12:57 KermitTheFragger like i said i have no insider knowledge but i expect everything to go back as it was after the 14.0 release
12:57 KermitTheFragger im guessing forgerock has some big thing they want to keep under the wraps and unveil with a lot of bang
12:57 MegaMatt I don’t have any clue, but if I had a say, I would follow the example of other major “opensource” companies…
12:58 KermitTheFragger Well obvisouly forgerock owes us nothing. However I do think that a more open approach would help them
12:58 KermitTheFragger for example I like OpenAM
12:59 KermitTheFragger a lot of my friends are consultants and for some reason IAM always comes up in conversations
12:59 KermitTheFragger guess because its a subject, like foorball, you can say a lot about :-)
12:59 KermitTheFragger so in that sense Forgerock benefits from me when Im in an "ambassador" role
13:00 KermitTheFragger large companies will always pay for support. Managers want to cover their behinds
13:00 KermitTheFragger people like me who work in small companies will probably never pay for it simply because we have no budget for it
13:02 * KermitTheFragger will get off his soapbox now :-)
13:02 MegaMatt I think you took the fair stance: Wait to see what happens, and then go from there.
13:50 jjpp hmyeah, (were away, had to consult with some network guys about possibilities of a multisite-loadbalanced-failed-over-does-everything openam-deployment:), which bring us to the original question -- when was the 14 due? :)
13:51 aldaris december originally
13:51 aldaris now it's more like mid March
13:51 MegaMatt “End of Q1” is what I’ve been told
13:52 aldaris the summer/winter release concept will change to a spring/autumn one instead
13:54 jjpp and to the topic.. i imagine that someone estimated that there is a lot of people (like myself) who can compile openam themselves, who might generate fair amount of support-noise and only rarely contribute back. so i imagine that financially and in the short term fr might even be winning.
13:54 jjpp because of people who have tied them in swallowing the pill and trying to get some support agreement.
13:56 jjpp then again, last attempt of getting some quote for the support ended when sales wanted to meet CEO of our client. which was somehow way over the level where the decision would have been made here..
13:57 MegaMatt I’ve met with the sales guys here in the US, that doesn’t sound like what they would do to me.. but who knows the entire situation….
14:07 jjpp yeah, it was a few years ago. and yes, i was not involved in personally. felt like that we wanted to get the estimate of the support contract and "they" wanted to see how big of a company "we" are, so that they could give us as big number as possible. :)
14:08 jjpp and .. ultimately it died off somewhere there because the (our) big wigs had no time for us.
14:21 auke- joined #openam
14:46 KermitTheFragger joined #openam
15:26 KermitTheFragger joined #openam
16:39 KermitTheFragger jjpp: yeah I understand what your saying. Personally I really don't like it when companies don't list their prices on their website for software (unless its some really niche product).
16:39 KermitTheFragger always gives me that feeling that im about to be ripped off....
16:39 KermitTheFragger i mean, c'mon, even Oracle has a pricelist ;-)
19:45 KermitTheFragger joined #openam
19:56 aldaris joined #openam
20:31 aldaris joined #openam
22:01 jelmd KermitTheFragger: yepp. feeling the same. And if trunk would be avail, I would have switched to eval this one, because 13.x seems to be pretty buggy (from what I can tell so far). And developers probably hate to waste time for discussing bugs, which are already fixed …

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary