08 Jun, 2015
1 commit
-
… leverages a use case centered around an insurance company, Example.com, which needs to provide 2 accounts in its ldap directory for agents which can also be insured customers. Also showscases the use of roles in conjunction with link qualifier. git-svn-id: https://svn.forgerock.org/openidm/trunk@5421 d98387aa-ee2c-4292-a9e6-504d2a719fd3
22 Apr, 2015
1 commit
-
… and role based provisioning. The linkqualifier role sample will be addressed at a later time. Also includes a correction to defaultMapping.js git-svn-id: https://svn.forgerock.org/openidm/trunk@5156 d98387aa-ee2c-4292-a9e6-504d2a719fd3
10 Feb, 2015
1 commit
-
against module config to avoid repo read for self-registration use-cases. git-svn-id: https://svn.forgerock.org/openidm/trunk@4822 d98387aa-ee2c-4292-a9e6-504d2a719fd3
06 Feb, 2015
1 commit
-
…s in linked datasources git-svn-id: https://svn.forgerock.org/openidm/trunk@4809 d98387aa-ee2c-4292-a9e6-504d2a719fd3
28 Jan, 2015
1 commit
-
git-svn-id: https://svn.forgerock.org/openidm/trunk@4759 d98387aa-ee2c-4292-a9e6-504d2a719fd3
29 Aug, 2014
1 commit
-
git-svn-id: https://svn.forgerock.org/openidm/trunk@3840 d98387aa-ee2c-4292-a9e6-504d2a719fd3
17 Jun, 2014
1 commit
-
Disabling MANAGED_USER auth module for several samples, in favor of PASSTHROUGH to system/ldap/account Just toggled a boolean config value; no review necessary. Rationale for change: Previously, we attempted to authenticate using MANAGED_USER first, followed by a few others and then finally PASSTHROUGH. The reason it was first created it this way was so that if there was a fully- populated managed/user entry, it would not need to query the remote system. This works fine if you are syncing passwords between managed/user and the remote backend, but as mentioned in OPENIDM-1953, that isn't always the case. To compound this problem, there is also the new function around role calculation; this is per-auth module, and so if you want to calculate roles for a given user you would need to do it for both MANAGED_USER and PASSTHROUGH, if they were both enabled. This redundancy is annoying and a likely source of confusion. So, this change is to just disable the MANAGED_USER auth module, and always use the PASSTHROUGH config. git-svn-id: https://svn.forgerock.org/openidm/trunk@3404 d98387aa-ee2c-4292-a9e6-504d2a719fd3
02 Jun, 2014
1 commit
-
git-svn-id: https://svn.forgerock.org/openidm/trunk@3298 d98387aa-ee2c-4292-a9e6-504d2a719fd3
30 May, 2014
1 commit
-
Support reauth for any auth module configured in authentication.json. * AuthenticationService now handles requests on /authentication, replaciing AuthFilter which was not a filter, and did not fully handle reauth. * Authenticators are used from both JASPI auth modules and AuthenticationService to provide the authentication--either with Http headers in the case of the auth modules, or from the authcid in the HttpContext and the reauth header in the case of reauthentication. * AuthenticationService now satisfies the AuthenticationConfig service for the purposes of OSGiAuthFilterBuilder's access to the config to build the JASPI CAF. * The duplicative managed/user config at the top of the sample authentication.json files are now removed, thus satisfying OPENIDM-1781. git-svn-id: https://svn.forgerock.org/openidm/trunk@3282 d98387aa-ee2c-4292-a9e6-504d2a719fd3
27 May, 2014
1 commit
-
Additional decoupling of auth module role calculation and security context population from auth module validation code. Notably: * factor out basic auth code to allow PassthroughModule to support both basic auth and X-OpenIDM- header auth. * remove IWAPassthroughModule in favor of using auth module configuration to control order of execution * separate client cert auth into its own module, supporting an list of "allowedAuthenticationIdPatterns" to compare against the subject DN * remove static dependency on OSGIAuthnFilterBuilder for injection of OSGi artifacts - improves testability git-svn-id: https://svn.forgerock.org/openidm/trunk@3261 d98387aa-ee2c-4292-a9e6-504d2a719fd3
14 May, 2014
1 commit
-
Provide additional detail on sync failures from managed object CRUD operations. Provide example compensation script to compensate for sync failures. git-svn-id: https://svn.forgerock.org/openidm/trunk@3207 d98387aa-ee2c-4292-a9e6-504d2a719fd3
12 May, 2014
1 commit
-
git-svn-id: https://svn.forgerock.org/openidm/trunk@3171 d98387aa-ee2c-4292-a9e6-504d2a719fd3
23 Apr, 2014
1 commit
-
…low working with the UI, plus some overall cleanup git-svn-id: https://svn.forgerock.org/openidm/trunk@3126 d98387aa-ee2c-4292-a9e6-504d2a719fd3
18 Apr, 2014
1 commit
-
git-svn-id: https://svn.forgerock.org/openidm/trunk@3109 d98387aa-ee2c-4292-a9e6-504d2a719fd3
03 Apr, 2014
1 commit
-
Doesn't include sample3 updates git-svn-id: https://svn.forgerock.org/openidm/trunk@3051 d98387aa-ee2c-4292-a9e6-504d2a719fd3
26 Mar, 2014
1 commit
-
Update other auth module of 'userId' to 'authenticationId' for consistency. git-svn-id: https://svn.forgerock.org/openidm/trunk@3022 d98387aa-ee2c-4292-a9e6-504d2a719fd3
19 Mar, 2014
2 commits
-
git-svn-id: https://svn.forgerock.org/openidm/trunk@2998 d98387aa-ee2c-4292-a9e6-504d2a719fd3
-
git-svn-id: https://svn.forgerock.org/openidm/trunk@2997 d98387aa-ee2c-4292-a9e6-504d2a719fd3
17 Mar, 2014
2 commits
-
…ientdb repo config, also re-added the managed_group to the samples orientdb repo config because it was accidentally removed with a previous commit. git-svn-id: https://svn.forgerock.org/openidm/trunk@2983 d98387aa-ee2c-4292-a9e6-504d2a719fd3
-
git-svn-id: https://svn.forgerock.org/openidm/trunk@2979 d98387aa-ee2c-4292-a9e6-504d2a719fd3
30 Jan, 2014
1 commit
-
… Replace token used within Index naming scheme to use exclamation instead of pipe in order to avoid issues on Windows. git-svn-id: https://svn.forgerock.org/openidm/trunk@2786 d98387aa-ee2c-4292-a9e6-504d2a719fd3
14 Nov, 2013
1 commit
-
RFC 4519 stipulates that a groupOfUniqueNames object must have at least one uniqueMember. Our sample provides an LDIF file that breaks this requirement. OpenDJ is more relaxed wrt to this specification, so DJ loads the Example.ldif without complaint, but the reporter of this issue notes that other Directory Servers won't load this LDIF file. The solution is to create a dummy user in the Example.ldif file, and add it as a uniqueMember of the second group. Unfortunately this addition necessitated a slight adjustment to the description of the sample (as readers might wonder why there is this second user that is not used in the sample.) git-svn-id: https://svn.forgerock.org/openidm/trunk@2632 d98387aa-ee2c-4292-a9e6-504d2a719fd3
02 Oct, 2013
1 commit
-
git-svn-id: https://svn.forgerock.org/openidm/trunk@2517 d98387aa-ee2c-4292-a9e6-504d2a719fd3
23 Jul, 2013
1 commit
-
Fix regression if syncFailureHandler is not defined in config; liveSync failures will result in infinite retries as before Fix bug where handler exception is never logged by provisioner. Use singleton pattern for handlers without state. Update all samples to have sane defaults of 5 retries and logged-ignore handler. Update README. git-svn-id: https://svn.forgerock.org/openidm/trunk@2321 d98387aa-ee2c-4292-a9e6-504d2a719fd3
10 Jul, 2013
1 commit
-
git-svn-id: https://svn.forgerock.org/openidm/trunk@2272 d98387aa-ee2c-4292-a9e6-504d2a719fd3
27 Jun, 2013
1 commit
-
git-svn-id: https://svn.forgerock.org/openidm/trunk@2240 d98387aa-ee2c-4292-a9e6-504d2a719fd3
17 May, 2013
1 commit
-
… in activity audit log. git-svn-id: https://svn.forgerock.org/openidm/trunk@2159 d98387aa-ee2c-4292-a9e6-504d2a719fd3
02 May, 2013
1 commit
-
…rmatted, added declarations for audit_recon and audit_activity tables in orientdb config git-svn-id: https://svn.forgerock.org/openidm/trunk@2129 d98387aa-ee2c-4292-a9e6-504d2a719fd3
01 May, 2013
1 commit
-
… parsing to fix issues git-svn-id: https://svn.forgerock.org/openidm/trunk@2123 d98387aa-ee2c-4292-a9e6-504d2a719fd3
30 Apr, 2013
1 commit
-
…Summaries, Added Scriptable Formatter For Exception Details git-svn-id: https://svn.forgerock.org/openidm/trunk@2120 d98387aa-ee2c-4292-a9e6-504d2a719fd3
26 Apr, 2013
1 commit
-
…n audit log entries. Implemented in both CsvAuditLogger and RepoAuditLogger. git-svn-id: https://svn.forgerock.org/openidm/trunk@2109 d98387aa-ee2c-4292-a9e6-504d2a719fd3
04 Apr, 2013
1 commit
-
git-svn-id: https://svn.forgerock.org/openidm/trunk@2074 d98387aa-ee2c-4292-a9e6-504d2a719fd3
21 Mar, 2013
1 commit
-
…contain the query and table for cluster states. git-svn-id: https://svn.forgerock.org/openidm/trunk@2057 d98387aa-ee2c-4292-a9e6-504d2a719fd3
17 Dec, 2012
1 commit
-
git-svn-id: https://svn.forgerock.org/openidm/trunk@1807 d98387aa-ee2c-4292-a9e6-504d2a719fd3
07 Dec, 2012
1 commit
-
…samples started by -p option git-svn-id: https://svn.forgerock.org/openidm/trunk@1732 d98387aa-ee2c-4292-a9e6-504d2a719fd3
01 Dec, 2012
1 commit
-
git-svn-id: https://svn.forgerock.org/openidm/trunk@1682 d98387aa-ee2c-4292-a9e6-504d2a719fd3
30 Nov, 2012
1 commit
-
git-svn-id: https://svn.forgerock.org/openidm/trunk@1678 d98387aa-ee2c-4292-a9e6-504d2a719fd3
28 Nov, 2012
1 commit
-
…uld work with the standard router file git-svn-id: https://svn.forgerock.org/openidm/trunk@1660 d98387aa-ee2c-4292-a9e6-504d2a719fd3
27 Nov, 2012
1 commit
-
git-svn-id: https://svn.forgerock.org/openidm/trunk@1649 d98387aa-ee2c-4292-a9e6-504d2a719fd3
21 Nov, 2012
1 commit
-
git-svn-id: https://svn.forgerock.org/openidm/trunk@1621 d98387aa-ee2c-4292-a9e6-504d2a719fd3