OpenAM | Mirror of https : //stash.forgerock.org/projects/OPENAM/openam

Some time ago I implemented a CustomCharacterEscapeHandler and it worked fine up-to Wildfly-18.0.1. Now when updating to Wildfly 19 or higher I get the following exception:

I'm trying to integrate OpenAM Saml SSO to my .net 5 application. ITfoxtec.Saml2 is used to handle the authentication on the SP. When trying to login, a valid post samlResponse is send. But when validating the response, I get following exception.

I am learning the OAuth2 authorization code flow.

• I have my own Authorization Server (AS) which is OpenAM 7.1.
• The Client is a simple Spring-Boot web application with a static HTML page, I use Spring-Security to protect the HTML page and control the Oauth2 flow.

I think that my Authorization Server configuration is correct because AS produces the access_token at the end when I simulate the communication with CURL. But somehow Spring-Security does not want to accept the issued and validated access token. So I think that my Spring-Security configuration is not correct.

I tried to configure Spring-Security in many different ways, but unfortunately, none of them was working. Maybe I need to implement the steps that I execute with CURL with Spring-Security, but maybe I just missed a configuration line.

This is the last step of my CURL chain where AS gives me the access token (exchange the authorization code for an access token):

I am executing a chain of curl commands:

1. I need to echo the command before the execution.
2. Execute the command and save the result to a bash variable.
3. Get values from the result of the execution and execute the next curl with that values.

This is how it looks like:

The program goes through the days and prints the opening and closing hours for each day. On saturday the situation is different, there is no PM times. So by using ?? I thought the program could switch to the second sentence as on Saturday {openPM} and {closePM} are undefined,but it does not work.

I have a table where it holds some duplicate entries, I would like to copy over the distinct entries to another table with out looping the data. I need to check if the distinct data exists in other table and insert what ever is missing. Here is the query I am writing, I feel like it can be implement better

I am trying to build the OpenAM from source.

My System Config : OS : elementary OS (5.1.7 Hera) Kernel : 5.4.0-74-generic Java: java-15 (JAVA_HOME=/usr/lib/jvm/java-15-oracle) Apache Maven 3.6.0

I cloned the repository and run the command mvn install -f OpenAM. While building I first got the error

My problem is that I want to configure Openam so that it returns a JWT-token when I use The simplest user name / password authentication. By default, it returns tokenId. But in my case, I need only JWT-token. I am using this endpoint for authentication: http://openam-01.domain.com:8080/openam/json/authenticate.

Thx!

Question: How to create a web policy agent in OpenAM given that the server URL, which OpenAM runs on, has a not fully qualified hostname?

Initial situation: For a Prove of concept (POC), I emulate a server structure using docker. I have an apache webserver as a resource server (docker container), an OpenAM docker container for the access management, and a flask web app running in a third container as the client. I configured OpenAM via the GUI. Sofar my flask app can authenticate, request, and retrieve access tokens using simple requests as specified here. However now I also want to protect the apache resource server. For the start without flask and simply by installing an OpenAM Web Policy Agent on the apache webserver and configuring a web policy agent profile in OpenAM following this official ForgeRock guide.

Problem: When configuring the agent profile in OpenAM using the GUI the OpenAM container's domain name http://openam:8080/openam is not accepted as a valid server URL.

If I use instead e.g. http://openam.local:8080/openam the error does not show.

What I tried so far:

1. I added an Nginx container that functions as a reverse proxy and used it to change the container's hostnames to .local. Now I can reach the containers e.g. via http://openam.local:8080/openam and http://apache.local:8080. However, when I now access the OpenAM GUI using http://openam.local:8080/openam, enter the default passwords, and press Create Configuration the configuration fails with the following message:
2. Unable to solve the problem from (1) I figured that I recall the Nginx setup and instead try to configure the agent profile using the command line - in the hope that the above error Hostname of server URL is not fully qualified is restricted to the GUI. For the setup via the command line there existed the easy command ./ssoadm create-agent ... as descript here. But ssoadm was deprecated in favor of Amster and I am unable to figure out how to configure the agent policy using Amster.