04 Feb, 2014
1 commit
-
Modified relaystate validation logic for SLO cases to handle the scenario when the metaAlias is not available in the URL. git-svn-id: https://svn.forgerock.org/openam/trunk@7971 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
07 Jan, 2014
2 commits
-
Escaping the Recipient attribute's value in a SAML 1.x response. git-svn-id: https://svn.forgerock.org/openam/trunk@7709 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
-
git-svn-id: https://svn.forgerock.org/openam/trunk@7698 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
14 Dec, 2013
1 commit
-
Modified the NameIdentifierMapper interface so it now receives the NameIDFormat value directly instead of using a session property as transport. git-svn-id: https://svn.forgerock.org/openam/trunk@7573 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
06 Dec, 2013
1 commit
-
git-svn-id: https://svn.forgerock.org/openam/trunk@7478 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
04 Dec, 2013
4 commits
-
…e (additional fix against build error, ...my mistake) git-svn-id: https://svn.forgerock.org/openam/trunk@7433 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
-
…e (additional fix against build error, ...my mistake) git-svn-id: https://svn.forgerock.org/openam/trunk@7432 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
-
git-svn-id: https://svn.forgerock.org/openam/trunk@7431 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
-
git-svn-id: https://svn.forgerock.org/openam/trunk@7428 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
21 Nov, 2013
1 commit
-
git-svn-id: https://svn.forgerock.org/openam/trunk@7371 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
20 Nov, 2013
1 commit
-
For SAML logins the LoginServlet should detect the authentication session from the query string rather than using any existing cookies, that way we can make sure that the SAML authentication flow will stay on the server that stores the necessary request data to finish the SAML. git-svn-id: https://svn.forgerock.org/openam/trunk@7351 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
19 Nov, 2013
1 commit
-
git-svn-id: https://svn.forgerock.org/openam/trunk@7345 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
13 Nov, 2013
4 commits
-
SP Adapter is now invoked when the IdP Proxy sends the proxied SAML request. git-svn-id: https://svn.forgerock.org/openam/trunk@7280 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
-
New extension point for IdPAdapter that makes it possible to modify the SAML response before it's sent out. git-svn-id: https://svn.forgerock.org/openam/trunk@7278 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
-
The SLO code has been adjusted to cope with situations of having different sets of supported SLO bindings, and also handle the case when there is no "appropriate" binding for the current SLO process. git-svn-id: https://svn.forgerock.org/openam/trunk@7274 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
-
The SP initiated SLO process has been modified to only try to send SLO request with the SP the session is currently associated with. Also made a small adjustment to the code so failing to invalidate the local session no longer results in a logout error. git-svn-id: https://svn.forgerock.org/openam/trunk@7271 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
08 Nov, 2013
1 commit
-
git-svn-id: https://svn.forgerock.org/openam/trunk@7257 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
11 Oct, 2013
1 commit
-
git-svn-id: https://svn.forgerock.org/openam/trunk@6919 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
03 Oct, 2013
1 commit
-
git-svn-id: https://svn.forgerock.org/openam/trunk@6771 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
02 Oct, 2013
1 commit
-
This one turned out to be issue with the input data. The SAMLAdapter expected the expiration date in _seconds_, but instead milliseconds were provided, and this resulted in quite a time difference. git-svn-id: https://svn.forgerock.org/openam/trunk@6751 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
25 Sep, 2013
2 commits
-
…es. Better logging in SAML2ConfigService. Bug fix in ServiceConfigManagerImpl to no longer return stale cache entries for global attributes (mimic semantics for organizational attributes). git-svn-id: https://svn.forgerock.org/openam/trunk@6660 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
-
…x or in an external Directory store. AME-2291 CR-2319 The CTS expired tokens deletion feature was too slow, this has now been improved. git-svn-id: https://svn.forgerock.org/openam/trunk@6647 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
15 Sep, 2013
1 commit
-
git-svn-id: https://svn.forgerock.org/openam/trunk@6551 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
31 Aug, 2013
1 commit
-
git-svn-id: https://svn.forgerock.org/openam/trunk@6476 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
19 Aug, 2013
1 commit
-
git-svn-id: https://svn.forgerock.org/openam/trunk@6320 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
17 Aug, 2013
1 commit
-
git-svn-id: https://svn.forgerock.org/openam/trunk@6305 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
15 Aug, 2013
2 commits
-
* Moving resources to their correct locations git-svn-id: https://svn.forgerock.org/openam/trunk@6285 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
-
* Use commons-lang 2 consistently, and remove commons-lang3 * Remove JMQ/JMS dependencies * Removing backport-util-concurrent * Aligning license headers * Moving amadmtools to openam-core for now (it may be extracted in the future, when all the CLI tools have their own modules) * Consolidating POMs git-svn-id: https://svn.forgerock.org/openam/trunk@6284 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
08 Aug, 2013
1 commit
-
This merge also includes changes for: * short reports were always generated when clicking on an actionlink, even though the report isn't actually displayed. * Implementation of OPENAM-1630 SAML2 metadata signatures are now compliant with the specification. Within this change two new realm level option has been introduced: metadataSigningKey metadataSigningKeyPass These will tell OpenAM which private key to use for signing the SAML2 metadata. In case the SAML entity is remote, OpenAM will try to maintain the original XML signature (if present), otherwise it will be signed with the configured key. * Fixing minor bug with configurator in case the system is already upgraded. The problem was that the request for upgrade.htm resulted in a redirect which has been automatically followed, so the final response code was 200, and that confused the configurator. * Fix for OPENAM-2710 * Fix for OPENAM-2064 Dashboard service has been extracted to a separate LDIF file and the schema is now available for all supported data store types. git-svn-id: https://svn.forgerock.org/openam/trunk@6187 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
04 Aug, 2013
1 commit
-
Adding extra null check to handle the case when the original AuthnRequest did not contain a NameIDPolicy element. git-svn-id: https://svn.forgerock.org/openam/trunk@6122 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
28 Jul, 2013
2 commits
-
git-svn-id: https://svn.forgerock.org/openam/trunk@6028 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
-
The solution involved following changes: * changed the way the login URL is being saved for forwarded request, now we only save the forwarded request parameters, hence the originally used parameters (like SAMLRequest) are no longer saved * changed the SAML redirectAuthentication implementation to include some extra request parameters for the goto URL, this way we can ensure that we can send back a SAML error response to the SP even when the AuthnRequest is no longer available. * In case the AuthnRequest is not available (by any means) now we send back a SAML error response to the SP instead of showing an HTTP-500 git-svn-id: https://svn.forgerock.org/openam/trunk@6027 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
22 Jul, 2013
1 commit
-
git-svn-id: https://svn.forgerock.org/openam/trunk@5921 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
16 Jul, 2013
1 commit
-
… AttributeAuthorityMappers should be thread safe; CR-1980 git-svn-id: https://svn.forgerock.org/openam/trunk@5861 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
12 Jul, 2013
1 commit
-
git-svn-id: https://svn.forgerock.org/openam/trunk@5849 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
01 Jul, 2013
1 commit
-
git-svn-id: https://svn.forgerock.org/openam/trunk@5724 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
24 Jun, 2013
1 commit
-
…de in commons dependency git-svn-id: https://svn.forgerock.org/openam/trunk@5630 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
20 Jun, 2013
1 commit
-
git-svn-id: https://svn.forgerock.org/openam/trunk@5607 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
06 Jun, 2013
1 commit
-
Modified the handling of passive authentication requests, this way it is possible to interrupt the passive AuthnRequest handling and still send back an appropriate SAML response. An example use-case would be to redirect the request away to a remember me authentication module, so you get authenticated with a cookie during just a simple passive request instead of returning a NoPassive response. git-svn-id: https://svn.forgerock.org/openam/trunk@5488 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d
29 May, 2013
1 commit
-
AME-259: (CR-1751) CTSv2 scale to 2000 sessions/sec Upgraded the Core Token Services to v2 with a more generalised token storage format. This cover all Core Token Service areas including Sessions, SAML Tokens and OAuth Tokens. New LDAP schema is included which fits into the previous schema. Performance testing of implementation finds its performance to be acceptable with the possibility of further tuning later. git-svn-id: https://svn.forgerock.org/openam/trunk@5405 0f4defcf-c51a-4c67-9f44-6fb5eba73c5d