Here’s a simple Shell script to backup an OpenAM server. Feel free to customize it, for example if you use an external configuration store.
This script will:
In the 1st et 2d articles about chaining kerberos with OpenAM, there may be some use cases where the « referer » solution may not work, since for example the browser does not always generate it, for security reasons.
In such a case, here’s a more sophisticated 401.jsp page, that requires a Java 7 environment:
Basically, in comparison with part 1, the Openstack authentication against the Keystone server is now achieved by OpenAM itself, thanks to a specialized authentication module.
The default SQLAttributeFilter in OpenIG doesn’t handle result sets very well: it doesn’t allow to browse the results in any direction.
To workaround this problem, simply modify the following line in the SQLFilter source code, this way:
PreparedStatement ps = c.prepareStatement(preparedStatement,ResultSet.TYPE_SCROLL_SENSITIVE,ResultSet.CONCUR_READ_ONLY);
The original code lies below:
PreparedStatement ps = c.prepareStatement(preparedStatement);
See this URL for full details ..
A nice feature which comes with OpenAM agents 3.3 is the ability to define conditional login URLs.