Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
    vharseko
    @vharseko
    OpenIdentityPlatformCommunity is the bot for OpenIdentityPlatform organization
    Kortanul
    @Kortanul
    where do you guys see you need the most support?
    vharseko
    @vharseko
    the biggest problem: we do not have confidence in the release of OpenIDM, there are no installations in real clients :( Need help in testing
    Kortanul
    @Kortanul
    Ah, I think that it may make sense for us to pool our resources there. We have a lot of support/interest in IDM in Wren but not as much support right now from the AM side :)
    Kortanul
    @Kortanul
    on the IDM side, a lot of our support comes from an organization called Orchitech. One of their biggest focuses is on Identity Management, though AM is also something they do
    vharseko
    @vharseko
    good guys, it is a pity that the last code is not used and rebranded of the known product
    Kortanul
    @Kortanul
    as in, that we're not keeping the OpenIDM name?
    vharseko
    @vharseko
    Yes, it is dangerous to lose a name that has a positive history
    Kortanul
    @Kortanul
    yeah, I understand where you're coming from. in our trade area, we did it to maintain a clear separation between our efforts and ForgeRock's. In addition, FR trademarked OpenAM, OpenDJ, etc within the US.
    I respect that you guys are maintaining the name, though :) And like I said I think it would be worthwhile for our two groups to support each other
    vharseko
    @vharseko
    We do not know about registration of the trademark for products of "OpenIDM Community", and we plan to support and develop them under the old name. If we release the product under a closed binary license, maybe we'll think about a different name, but rather, it will be like "OpenIDM Enterprise" or like "Orchitech IDM" :)
    Kortanul
    @Kortanul
    sure
    Inkata
    @Inkata

    is opendj 4.1.10 equivalent to FR 3.5 ?

    i'm reading the FR docs and I'm not sure if they apply

    hi all, btw :-)
    Maxim Thomas
    @maximthomas
    @Inkata, Hi! Basically, it's between 3.5 and 5, because FR closed source code in the middle of development 4th version. But after 3.5 version FR released version 5.
    pitinga
    @pitinga
    Hello.... I didn't find the web policy agent for Microsoft IIS. Only the web agent for apache. The Web Policy Agent for IIS will remains with Forgerock only?
    @vharseko can you give more details about "testing for windows (iis + apache)"? Which agent did you use? Did you install on IIS or Apache?
    pitinga
    @pitinga
    Thanks @vharseko
    pitinga
    @pitinga

    The IIS Windows version seems to be the same avaiable in Forgerock download center. Am I right?

    We had somes problems with version 4.0.0. When the URL has some "*" (asterix) in the middle, some error occur during pattern match of Not Enforced URLs and the request is blocked. I tried the version 4.1.0 in the same situation and this problem didn't occur anymore. But with 4.1.0 our machines started to reach 100% of CPU load. We thing that is because issue https://bugster.forgerock.org/jira/browse/AMAGENTS-509.

    I suppose that the correction is only avaiable in Forgerock paid support, right? Or version 4.1.1 correct this issue? But there is no 4.1.1 patch for IIS Windows.

    vharseko
    @vharseko
    @pitinga You can:
    1 Check for a problem in the free version of the community, and, if it is present, create a problem here: https://github.com/OpenIdentityPlatform/OpenAM-Web-Agents/issue
    2 Contact FR for paid version and paid support.
    3 Go to the free ".Net" version of the community https://github.com/OpenIdentityPlatform/OpenAM-.Net-Agent/blob/master/README.md , which is much faster than points 1 and 2
    Francesco Chicchiriccò
    @ilgrosso
    Hi there, I thought you might be interested in https://tiimeworkshop.eu/agenda/
    See Agenda on Tuesday, click on OSS IDM tab
    skr1023
    @skr1023

    Hello

    I was going through openAM documentations availabe on backstage and I came across below security advisory from Forgerock for Openam 12.0.4.

    https://backstage.forgerock.com/docs/openam/12/release-notes/#chap-security-advisories

    I want to know if any of these critical issues are still open with openAM 14.3.1 .

    Also can you please share details about your support model.

    vharseko
    @vharseko
    if you are aware of a product vulnerability, you can:
    1) correct and execute the merge request patch yourself
    2) Request community assistance through issue
    3) Request paid support from the organization
    more details https://github.com/OpenIdentityPlatform/OpenAM#support-and-mailing-list-information
    skr1023
    @skr1023
    Hi,
    I'm trying to build the OpenIDM(5.5.0) source code using Apache Maven 3.6.1 but I'm getting the following error.
    It probably has something to do with the authentication required to access forgerock repository for maven.
    How to resolve this issue???
    [ERROR] [ERROR] Some problems were encountered while processing the POMs:
    [FATAL] Non-resolvable parent POM for org.forgerock.openidm:openidm-project:5.5.0-SNAPSHOT: Could not transfer artifact org.forgerock:forgerock-parent:pom:2.0.10 from/to forgerock-staging-repository (http://maven.forgerock.org/repo/releases): Connect to maven.forgerock.org:80 [maven.forgerock.org/81.171.204.41] failed: Connection refused (Connection refused) and 'parent.relativePath' points at wrong local POM @ line 19, column 13
    vharseko
    @vharseko
    @skr1023 FIXED please pull and try again: https://github.com/OpenIdentityPlatform/OpenIDM#how-to-build
    kumar panchal
    @kumarpanchal18_twitter

    Hello

    After upgrading OpenAM 12 to 14 facing issue with external DS. Receiving CTS error

    ERROR: AuthD init()
    java.lang.RuntimeException: org.forgerock.openam.session.service.access.persistence.SessionPersistenceException: Failed to save session
    at org.forgerock.openam.session.service.SessionAccessManager.persistInternalSession(SessionAccessManager.java:135)
    at com.iplanet.dpro.session.service.AuthenticationSessionStore.promoteSession(AuthenticationSessionStore.java:107)
    at org.forgerock.openam.authentication.service.AuthSessionFactory.initAuthSession(AuthSessionFactory.java:105)
    at org.forgerock.openam.authentication.service.AuthSessionFactory.getAuthenticationSession(AuthSessionFactory.java:79)
    at com.sun.identity.authentication.service.AuthD.<init>(AuthD.java:224)
    at com.sun.identity.authentication.service.AuthD.<init>(AuthD.java:103)
    at com.sun.identity.authentication.service.AuthD$SingletonHolder.getInstance(AuthD.java:125)
    at com.sun.identity.authentication.service.AuthD.getAuth(AuthD.java:512)
    at com.sun.identity.authentication.service.AuthUtils.getAuthContext(AuthUtils.java:199)
    at org.forgerock.openam.core.rest.authn.core.wrappers.CoreServicesWrapper.getAuthContext(CoreServicesWrapper.java:58)
    at org.forgerock.openam.core.rest.authn.core.LoginAuthenticator.getAuthContext(LoginAuthenticator.java:197)
    at org.forgerock.openam.core.rest.authn.core.LoginAuthenticator.getLoginProcess(LoginAuthenticator.java:87)
    at org.forgerock.openam.core.rest.authn.RestAuthenticationHandler.authenticate(RestAuthenticationHandler.java:177)
    at org.forgerock.openam.core.rest.authn.RestAuthenticationHandler.initiateAuthentication(RestAuthenticationHandler.java:109)
    at org.forgerock.openam.core.rest.authn.http.AuthenticationServiceV1.authenticate(AuthenticationServiceV1.java:154)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.forgerock.openam.http.annotations.AnnotatedMethod.invoke(AnnotatedMethod.java:84)
    at org.forgerock.openam.http.annotations.Endpoints$1.handle(Endpoints.java:72)
    at org.forgerock.http.routing.Router.handle(Router.java:100)
    at org.forgerock.openam.audit.AbstractHttpAccessAuditFilter.filter(AbstractHttpAccessAuditFilter.java:73)
    at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:61)
    at org.forgerock.http.routing.Router.handle(Router.java:100)
    at org.forgerock.openam.rest.RealmContextFilter.filter(RealmContextFilter.java:86)
    at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:61)
    at org.forgerock.http.routing.Router.handle(Router.java:100)
    at org.forgerock.http.routing.Router.handle(Router.java:100)
    at org.forgerock.openam.rest.RealmRoutingFactory$ChfRealmRouter.handle(RealmRoutingFactory.java:147)
    at org.forgerock.http.handler.Handlers$UndescribedAsDescribableHandler.handle(Handlers.java:187)
    at org.forgerock.openam.rest.RealmRoutingFactory$HostnameFilter.filter(RealmRoutingFactory.java:124)
    at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:61)
    at org.forgerock.http.routing.Router.handle(Router.java:100)
    at org.forgerock.http.routing.Router.handle(Router.java:100)
    at org.forgerock.http.routing.ResourceApiVersionRoutingFilter.filter(ResourceApiVersionRoutingFilter.java:64)
    at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:61)
    at org.forgerock.caf.authentication.framework.AuthenticationFramework.grantAccess(AuthenticationFramework.java:220)
    at org.forgerock.caf.authentication.framework.AuthenticationFramework.access$400(AuthenticationFramework.java:65)
    at org.forgerock.caf.authentication.framework.AuthenticationFramework$3.apply(AuthenticationFramework.java:212)
    at org.forgerock.caf.authentication.framework.AuthenticationFramework$3.apply(AuthenticationFramework.java:205)
    at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:255)
    at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:244)
    at org.forgerock.caf.authentication.framewo
    vharseko
    @vharseko
    please attach 99-user.ldif from external DS
    kumar panchal
    @kumarpanchal18_twitter
    I didn't find this name ldif file
    vharseko
    @vharseko
    check config/schema path in base OpenDJ install
    kumar panchal
    @kumarpanchal18_twitter
    Ok
    vharseko
    @vharseko
    $ ls config/schema/
    00-core.ldif 03-keystore.ldif 03-rfc2739.ldif 03-uddiv3.ldif 05-solaris.ldif
    01-pwpolicy.ldif 03-pwpolicyextension.ldif 03-rfc2926.ldif 04-rfc2307bis.ldif 06-compat.ldif
    02-config.ldif 03-rfc2713.ldif 03-rfc3112.ldif 05-rfc4876.ldif 99-user.ldif
    03-changelog.ldif 03-rfc2714.ldif 03-rfc3712.ldif 05-samba.ldif
    kumar panchal
    @kumarpanchal18_twitter
    can you please provide full path?
    vharseko
    @vharseko
    you use OpenDJ as External DS ?
    kumar panchal
    @kumarpanchal18_twitter
    Yeah
    while configuration i have provided my own LDAP as external
    vharseko
    @vharseko
    on external DS search find / -name 99-user.ldif
    kumar panchal
    @kumarpanchal18_twitter
    Meanwhile on my LDAP location?
    vharseko
    @vharseko
    yes
    kumar panchal
    @kumarpanchal18_twitter

    Ok. Just we have to import 99-user. ldif file and issue will resolve?

    Because it's hitting authenticate the request with an anonymous user to get login page of openam

    vharseko
    @vharseko
    yes
    kumar panchal
    @kumarpanchal18_twitter
    Ok
    Thank you let me do it and get back you
    kumar panchal
    @kumarpanchal18_twitter
    CTS: Timed out whilst waiting for result
    at org.forgerock.openam.cts.impl.queue.AsyncResultHandler.getResults(AsyncResultHandler.java:88)
    at org.forgerock.openam.cts.monitoring.impl.queue.TokenMonitoringResultHandler.getResults(TokenMonitoringResultHandler.java:50)
    Receiving this
    vharseko
    @vharseko
    please restart and reindex external DS after schema update and attach full openam log
    kumar panchal
    @kumarpanchal18_twitter
    Ok