Perl 6 - the future is here, just unevenly distributed

IRC log for #openam, 2017-10-09

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
01:55 ilbot3 joined #openam
03:15 ramteid joined #openam
05:33 aldaris joined #openam
06:00 aldaris joined #openam
07:32 aldaris joined #openam
10:11 aldaris joined #openam
11:13 ramteid joined #openam
12:35 aldaris joined #openam
13:21 gbuxton1 joined #openam
13:22 gbuxton1 left #openam
14:55 galli joined #openam
14:55 galli Hello all
14:56 aldaris hi
14:58 galli Is there any way in OpenAM to use HTTP-POST binding for SSO (e.g.)
14:58 galli http://www.url.com:80/openam/SSOPOST/metaAlias/myrealm/
14:58 galli that I would like to use particular authentication chain ?
14:59 galli I have been hitting my head on the wall for hours without finding any resource talking about it
14:59 galli it is usually just with REST Api
14:59 aldaris do you want SAML to be part of an authentication chain?
14:59 galli yes
15:00 aldaris then use the SAML integrated module
15:00 galli but how can I specify on SP side (e.g. with Picketlink) which chain should be used?
15:01 galli I want several different chains to have SAML and just that in the authentication chain
15:02 aldaris but if your SP is not an OpenAM, then how would you do that? Sounds like instead you want to have an OpenAM IdP that displays some customized authentication chain instead
15:02 galli but different settings for the loginurl
15:02 galli OpenAM is the IDP that receives the request from an external SP
15:03 galli as a service I am calling the OpenAM idp calling the Single SignOn Service via POST using
15:03 galli http://www.url.com:80/openam/SSOPOST/metaAlias/myrealm/
15:03 galli but I don't know how to specify which chain for the specific realm should be used
15:04 galli when making the POST call
15:04 aldaris have a read of the SAML spec then
15:04 aldaris RequestedAuthContext is your friend
15:04 galli checking into that, thanks :)
15:04 galli so it is a configuration on SP end, correct?
15:05 aldaris both
15:05 aldaris you will need to map authncontexts to authentication methods on the idp
15:06 aldaris but you will also need the sp to request actually existing contexts
15:08 galli yes, obviously
15:08 galli point now is how to request specific contexts in Picketlink
15:08 galli checking this out
15:08 galli thanks a lot, was not expecting such a prompt reply
16:29 galli joined #openam
17:12 aldaris joined #openam
17:58 aldaris joined #openam
18:43 aldaris joined #openam
19:10 aldaris joined #openam
19:43 aldaris joined #openam
21:55 aldaris joined #openam

| Channels | #openam index | Today | | Search | Google Search | Plain-Text | summary