11 Sep, 2014

1 commit


02 Jun, 2014

1 commit


30 May, 2014

1 commit

  • Support reauth for any auth module configured in authentication.json.
     * AuthenticationService now handles requests on /authentication, replaciing
       AuthFilter which was not a filter, and did not fully handle reauth.
     * Authenticators are used from both JASPI auth modules and AuthenticationService
       to provide the authentication--either with Http headers in the case of the 
       auth modules, or from the authcid in the HttpContext and the reauth header 
       in the case of reauthentication.
     * AuthenticationService now satisfies the AuthenticationConfig service for 
       the purposes of OSGiAuthFilterBuilder's access to the config to build the 
       JASPI CAF.
     * The duplicative managed/user config at the top of the sample authentication.json 
       files are now removed, thus satisfying OPENIDM-1781.
    
    
    
    git-svn-id: https://svn.forgerock.org/openidm/trunk@3282 d98387aa-ee2c-4292-a9e6-504d2a719fd3
    brmiller
     

28 May, 2014

1 commit


27 May, 2014

1 commit

  • Additional decoupling of auth module role calculation and security context 
    population from auth module validation code.  Notably:
    
     * factor out basic auth code to allow PassthroughModule to support both basic auth and X-OpenIDM- header auth.
     * remove IWAPassthroughModule in favor of using auth module configuration to control order of execution
     * separate client cert auth into its own module, supporting an list of "allowedAuthenticationIdPatterns" 
       to compare against the subject DN
     * remove static dependency on OSGIAuthnFilterBuilder for injection of OSGi artifacts - improves testability
    
    
    
    git-svn-id: https://svn.forgerock.org/openidm/trunk@3261 d98387aa-ee2c-4292-a9e6-504d2a719fd3
    brmiller
     

14 May, 2014

2 commits


12 May, 2014

1 commit


23 Apr, 2014

1 commit


07 Apr, 2014

1 commit


03 Apr, 2014

1 commit


17 Mar, 2014

1 commit


17 Dec, 2013

1 commit


21 Aug, 2013

1 commit


23 Jul, 2013

1 commit

  • Fix regression if syncFailureHandler is not defined in config; liveSync failures
      will result in infinite retries as before
    Fix bug where handler exception is never logged by provisioner.
    Use singleton pattern for handlers without state.
    Update all samples to have sane defaults of 5 retries and logged-ignore handler.
    Update README.
    
    
    git-svn-id: https://svn.forgerock.org/openidm/trunk@2321 d98387aa-ee2c-4292-a9e6-504d2a719fd3
    brmiller
     

13 Feb, 2013

1 commit


17 Dec, 2012

1 commit


13 Dec, 2012

1 commit


10 Dec, 2012

1 commit


01 Dec, 2012

1 commit


30 Nov, 2012

1 commit


21 Nov, 2012

1 commit


15 Nov, 2012

1 commit

  • http://sources.forgerock.org/cru/CR-891
    
    This also includes global rename of _query-id to _queryId and _query-expression to _queryExpression.
    
    Note for documenters: there are several changes expected to be made soon; review the code review (linked above) and note Andi's comments
    
    git-svn-id: https://svn.forgerock.org/openidm/trunk@1531 d98387aa-ee2c-4292-a9e6-504d2a719fd3
    jake.feasel
     

19 Aug, 2012

1 commit


07 Aug, 2012

1 commit


30 Jul, 2012

2 commits


24 May, 2012

2 commits


13 Jan, 2012

1 commit


12 Jan, 2012

1 commit


23 Dec, 2011

3 commits


13 Dec, 2011

1 commit

  • … embeddedServer for clustered (default false), clusterName (default openidm), clusterAddress (default 235.1.1.1), clusterPort (default 2424). embeddedServer property now a boolean instead of String. root user password now defaulted to regular user password, settable via rootPwd.
    
    git-svn-id: https://svn.forgerock.org/openidm/trunk@617 d98387aa-ee2c-4292-a9e6-504d2a719fd3
    andi
     

09 Dec, 2011

2 commits


21 Nov, 2011

2 commits


03 Nov, 2011

1 commit