org.forgerock / org.forgerock.openam

13 Nov, 2013

4 commits

  • 3df70500   Fix for OPENAM-3189 - review: FR-4 ... Browse Dir » 
    SP Adapter is now invoked when the IdP Proxy sends the proxied SAML
request.

git-svn-id: https://svn.forgerock.org/openam/trunk@7280 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
    peter.major
     
  • 7c359dd0   Fix for OPENAM-3190 - review: FR-4 ... Browse Dir » 
    New extension point for IdPAdapter that makes it possible to modify the
SAML response before it's sent out.

git-svn-id: https://svn.forgerock.org/openam/trunk@7278 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
    peter.major
     
  • 080c758b   Fix for OPENAM-1012 - review: CR-2255 ... Browse Dir » 
    The SLO code has been adjusted to cope with situations of having different
sets of supported SLO bindings, and also handle the case when there is no
"appropriate" binding for the current SLO process.

git-svn-id: https://svn.forgerock.org/openam/trunk@7274 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
    peter.major
     
  • f3c3492d   Fix for OPENAM-2922 - review: CR-2244 ... Browse Dir » 
    The SP initiated SLO process has been modified to only try to send SLO
request with the SP the session is currently associated with.
Also made a small adjustment to the code so failing to invalidate the local
session no longer results in a logout error.

git-svn-id: https://svn.forgerock.org/openam/trunk@7271 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
    peter.major
     

08 Nov, 2013

1 commit

11 Oct, 2013

1 commit

03 Oct, 2013

2 commits

02 Oct, 2013

1 commit

  • f1db7289   Fix for OPENAM-3087 - review: CR-2406 ... Browse Dir » 
    This one turned out to be issue with the input data. The SAMLAdapter
expected the expiration date in _seconds_, but instead milliseconds were
provided, and this resulted in quite a time difference.

git-svn-id: https://svn.forgerock.org/openam/trunk@6751 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
    peter.major
     

25 Sep, 2013

2 commits

15 Sep, 2013

1 commit

04 Sep, 2013

1 commit

31 Aug, 2013

1 commit

19 Aug, 2013

1 commit

17 Aug, 2013

1 commit

15 Aug, 2013

3 commits

  • 433de877   Integrating AME-2372 branch part III: ... Browse Dir » 
    * Removing obsolete code
* Moving lockhart to console
* Separating out configurator and upgrade tool from openam-core
* Moving LDIF files to their correct location
* Removing unnecessary files
* Fixing component builds after removing openam-locale
* Updates based on review comments

git-svn-id: https://svn.forgerock.org/openam/trunk@6286 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
    peter.major
     
  • 7a997bff   Integrating AME-2372 branch part II: ... Browse Dir » 
    * Moving resources to their correct locations

git-svn-id: https://svn.forgerock.org/openam/trunk@6285 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
    peter.major
     
  • 2684d91a   Integrating AME-2372 branch part I: ... Browse Dir » 
    * Use commons-lang 2 consistently, and remove commons-lang3
* Remove JMQ/JMS dependencies
* Removing backport-util-concurrent
* Aligning license headers
* Moving amadmtools to openam-core for now (it may be extracted in the
future, when all the CLI tools have their own modules)
* Consolidating POMs

git-svn-id: https://svn.forgerock.org/openam/trunk@6284 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
    peter.major
     

08 Aug, 2013

1 commit

  • a6ff71f6   Integrating AME-1809 / AME-2156 branch ... Browse Dir » 
    This merge also includes changes for:
* short reports were always generated when clicking on an actionlink, even
though the report isn't actually displayed.

* Implementation of OPENAM-1630
SAML2 metadata signatures are now compliant with the specification.
Within this change two new realm level option has been introduced:
metadataSigningKey
metadataSigningKeyPass
These will tell OpenAM which private key to use for signing the SAML2
metadata. In case the SAML entity is remote, OpenAM will try to maintain
the original XML signature (if present), otherwise it will be signed with
the configured key.

* Fixing minor bug with configurator in case the system is already upgraded.
The problem was that the request for upgrade.htm resulted in a redirect
which has been automatically followed, so the final response code was 200,
and that confused the configurator.

* Fix for OPENAM-2710

* Fix for OPENAM-2064
Dashboard service has been extracted to a separate LDIF file and the schema
is now available for all supported data store types.

git-svn-id: https://svn.forgerock.org/openam/trunk@6187 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
    peter.major
     

04 Aug, 2013

1 commit

  • 9e42a5fc   Fix for OPENAM-2134 ... Browse Dir » 
    Adding extra null check to handle the case when the original AuthnRequest
did not contain a NameIDPolicy element.

git-svn-id: https://svn.forgerock.org/openam/trunk@6122 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
    peter.major
     

28 Jul, 2013

2 commits

  • 36f87d33   Small fix-up for OPENAM-1180 ... Browse Dir » 
    git-svn-id: https://svn.forgerock.org/openam/trunk@6028 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
    peter.major
     
  • e5872056   Fix for OPENAM-1180 - review: CR-1957 ... Browse Dir » 
    The solution involved following changes:
* changed the way the login URL is being saved for forwarded request, now
we only save the forwarded request parameters, hence the originally used
parameters (like SAMLRequest) are no longer saved
* changed the SAML redirectAuthentication implementation to include some
extra request parameters for the goto URL, this way we can ensure that we
can send back a SAML error response to the SP even when the AuthnRequest is
no longer available.
* In case the AuthnRequest is not available (by any means) now we send back
a SAML error response to the SP instead of showing an HTTP-500

git-svn-id: https://svn.forgerock.org/openam/trunk@6027 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
    peter.major
     

22 Jul, 2013

1 commit

16 Jul, 2013

1 commit

12 Jul, 2013

1 commit

01 Jul, 2013

1 commit

24 Jun, 2013

1 commit

20 Jun, 2013

1 commit

06 Jun, 2013

1 commit

  • 6a516298   Fix for OPENAM-1934 - review: CR-1009 ... Browse Dir » 
    Modified the handling of passive authentication requests, this way it is
possible to interrupt the passive AuthnRequest handling and still send back
an appropriate SAML response.
An example use-case would be to redirect the request away to a remember me
authentication module, so you get authenticated with a cookie during just a
simple passive request instead of returning a NoPassive response.

git-svn-id: https://svn.forgerock.org/openam/trunk@5488 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
    peter.major
     

29 May, 2013

1 commit

  • f755dddf   AME-804: (CR-1483) Implement new token storage format ... Browse Dir » 
    AME-259: (CR-1751) CTSv2 scale to 2000 sessions/sec

Upgraded the Core Token Services to v2 with a more generalised token storage format. This cover all Core Token Service areas including Sessions, SAML Tokens and OAuth Tokens. New LDAP schema is included which fits into the previous schema. Performance testing of implementation finds its performance to be acceptable with the possibility of further tuning later.

git-svn-id: https://svn.forgerock.org/openam/trunk@5405 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
    rwapshott
     

25 May, 2013

1 commit

24 May, 2013

2 commits

15 May, 2013

1 commit

15 Apr, 2013

1 commit

18 Mar, 2013

1 commit

14 Mar, 2013

1 commit

10 Mar, 2013

1 commit

22 Feb, 2013

1 commit