org.forgerock / org.forgerock.openig

19 Nov, 2014

3 commits

18 Nov, 2014

2 commits

14 Nov, 2014

2 commits

12 Nov, 2014

3 commits

10 Nov, 2014

1 commit

07 Nov, 2014

4 commits

  • 471ec570   OPENIG-336 OPENIG-350 (CCR-5078) Lazily retrieve cached user info resources in OAuth2 Client Filter ... Browse Dir » 
    Without this change, the OAuth 2.0 Client Filter triggers the retrieval of
the user info resource for each request that is intercepted. It's a problem
for Identity Providers such as Google that have an allowed quota of request/sec,
because of the sudden burst of user info request.

This is even worse than that because sometimes, the intercepted request may
not even need to use theses information (think of OpenIG intercepting an
image served by the protected application and returned as-is) ...

This fix includes both a user-info resources caching for a few seconds (the
time for all requests to load a web page to be executed) and a lazy loading
of the resource (triggered the first time a downstream filter/handler access
the `user_info` structure). By default, resources are kept for 20 seconds after
the first access.

Like for OAuth2ResourceServerFilter, you can disable that cache with
`"cacheExpiration": "disabled"` in the configuration.

git-svn-id: https://svn.forgerock.org/openig/trunk@694 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
    guillaume.sauthier
     
  • 61cbf492   OPENIG-264 Supports zero-length Durations ... Browse Dir » 
    That will be useful to support deactivation marker values when configuring cache timeouts.

This fix support both `zero` and `disabled` as zero-length Duration markers.
When the parsed String value also represents a zero-length duration (like `0 days and 0 ms`),
the special ZERO marker duration is returned.

Updated documentation as well.

git-svn-id: https://svn.forgerock.org/openig/trunk@692 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
    guillaume.sauthier
     
  • 707ab045   Updated doc with new log samples ... Browse Dir » 
    git-svn-id: https://svn.forgerock.org/openig/trunk@690 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
    guillaume.sauthier
     
  • 397990d0   OPENIG-320 CR-5181 Rename KeyStore 'file' option to 'url' ... Browse Dir » 
    git-svn-id: https://svn.forgerock.org/openig/trunk@687 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
    matthew
     

06 Nov, 2014

1 commit

03 Nov, 2014

1 commit

30 Oct, 2014

2 commits

29 Oct, 2014

1 commit

  • 6f011d88   OPENIG-358 (CR-5060) Improve generated names for inline object declarations ... Browse Dir » 
    Although the JSON pointer is sufficient to guarantee unicity of a name
within the scope of a heap, it makes it hard for reader to link that name
to the configuration object they provided.

This patch supports both improvements:
* if a `name` attribute is provided in the declaration, use it as-is
* if not, prepend the `type` attribute value to the pointer String to help identification

This patch also updates the logs samples provided in the documentation.

git-svn-id: https://svn.forgerock.org/openig/trunk@666 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
    guillaume.sauthier
     

28 Oct, 2014

1 commit

24 Oct, 2014

1 commit

  • 4e05621d   Fix typo ... Browse Dir » 
    git-svn-id: https://svn.forgerock.org/openig/trunk@664 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
    mark
     

23 Oct, 2014

2 commits

22 Oct, 2014

1 commit

  • 5849c460   CR-4937 OPENIG-312 Updated troubleshooting section. ... Browse Dir » 
    - Updated stacktrace in section 1.
- Remove section 2.
- Replaced section 'Unexpected character  at position 1103' and replaced it by
'Extra or missing character / invalid JSON'

git-svn-id: https://svn.forgerock.org/openig/trunk@643 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
    violette
     

10 Oct, 2014

1 commit

25 Sep, 2014

4 commits

24 Sep, 2014

2 commits

23 Sep, 2014

4 commits

22 Sep, 2014

2 commits

19 Sep, 2014

1 commit

18 Sep, 2014

1 commit

  • 6f608832   CR-4573 OPENIG-275: Document what is needed for load balancing and failover ... Browse Dir » 
    If you can store all state on the user-agent,
for example by using the JwtSession implementation,
then perhaps OpenIG can be stateless enough
that there is no need to do anything special when load balancing.

If some of the state is stored on the server,
then you need to configure the load balancer for session stickiness
and to configure the container for session replication.

Neither the load balancer configuration
nor the container configuration
are specific to OpenIG,
so this patch explains what needs doing
and points to the documentation
for supported containers Apache Tomcat & Jetty.

git-svn-id: https://svn.forgerock.org/openig/trunk@582 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
    mark