par janua | Sep 9, 2016 | Communauté, Gestion des Identités, Sécurité, SSO
Refresh token lifecycle in OpenAM could be very tricky, not easy to understand and implement. So that we share in this document our experiences. 1. Description Refresh Token is a feature provided with Oauth2 Authorization code or Resource Owner Password Credentials...
par janua | Juil 15, 2016 | Communauté, Gestion des Identités, Sécurité, SSO
This post is about understanding tokens roles in OpenID Connect (OIDC) intégration: 1. Presentation OpenID Connect Specification is described at . OpenID Connect is provided on top of OAuth2 layer, defined in RFC 6749. OpenID provides authentication which is expressed...
par janua | Juin 10, 2016 | Gestion des Identités, Sécurité, SSO
This article describes how it is possible to create a new tomcat instance and deploy openam in it (which is not the default tomcat instance) very quickly. This can be very useful if you have already other openam tomcat instances. How to create and deploy a new OpenAM...
par janua | Juin 6, 2016 | Communauté, Gestion des Identités, Sécurité, SSO
OpenAM integration is tigthly coupled with Apache Server to protect web pages using a web policy agent. Apache Server can be made available out of the box when bundled with the OS, but often does not allow to be tailored to customer needs. OpenAM-compiling Apache...
par janua | Avr 14, 2016 | Communauté, Gestion des Identités, SSO
Saving OAuth2 consent: when configured as an OAuth2 service provider, OpenAM is capable of saving the user’s consent. This prevent the resource owner from having to validate the authorization consent each time for the same client and scopes. To save OAuth2...
par janua | Jan 30, 2016 | Gestion des Identités, Sécurité, SSO
Janua is hiring IAM Experts : OpenAM, CAS, Shibbboleth, OpenDJ, OpenLDAP, OpenIDM, Fortress. Janua is hiring, the jobs are located in France, wherever you want if not so far from à TGV line or Airport. Please contact Pascal Flamand, CEO –...
par janua | Oct 14, 2015 | Gestion des Identités, Open Source, Produit, SSO
In a previous post, we have seen that OpenAM implements the OpenID Connect protocol and that it is possible to configure it as an OIDC provider (with some limitation though). In the current post, we will learn how to login with email on OpenID Connect provider based...
par janua | Sep 3, 2015 | Communauté, Gestion des Identités, Open Source, Sécurité, SSO
Lately we have been trying to use OpenID Connect with OpenAM. By following the official documentation, you can easily configure a basic scenario where OpenAM is just an OAuth/OpenID Connect provider. However, we have found that some goals are not easily...
par janua | Juil 13, 2015 | Communauté, Documents, Formation, Gestion des Identités, IoT, LDAP, Open Source, Presse, Sécurité, SSO
Press Release : Frederic Barabas appointed CTO at JANUA, R&D Identity Management and Open Source. Sophia-Antipolis, July 13, 2015 – Janua is proud to anounce the appointment of Frederic Barabas as CTO, R&D Identity Management and Open Source. Frederic is...
par janua | Mai 24, 2015 | Communauté, Gestion des Identités, Open Source, SSO
The OpenAM Capture and Replay password feature can be really handy in some scenarios. Unfortenately, for some reason, it does not work when the authentication is made through the REST interface, but we can use a pretty simple workaround to that issue. The OpenAM...
par janua | Mai 13, 2015 | Developpement, Gestion des Identités
OpenAM Java API : Retrieve LDAP Datastore credentials. When developing plugins in OpenAM, using the Java SDK API, you could need to retrieve some information from a registered LDAP datastore. But in order to do that, you have to extract the directory credentials from...
par janua | Avr 15, 2015 | Developpement, Gestion des Identités
OpenIDM and Google Apps new API : a few months ago, Google announced that as of April 20, 2015 the Provisioning API, among others, will be discontinued and replaced by the Admin SDK API. Since the deprecation period for these APIs is coming to an end, the Google...
par janua | Mar 30, 2015 | Communauté, Gestion des Identités, Open Source, Sécurité, SSO
OpenAM 12 tricks: I recently had to find a solution built on OpenAM where the business requirements were to be able to display a form to end users accessing a SAML SP (among several) for the first time, in order to let them make a choice upon which SAML assertions...
par janua | Fév 5, 2015 | Communauté, Gestion des Identités, Open Source, Sécurité, SSO
OpenAM security is a serious matter, especially when this software has a critical role in your architecture, which is often the case. So here are some advices to avoid OpenAM security holes. 1 – OpenAM lower layers security To avoid security flaws in your OpenAM...
par janua | Jan 9, 2015 | Communauté, Developpement, Gestion des Identités, Sécurité, SSO
OpenAM Custom Password Generator : I told you in a previous post about the OpenLDAP Password Policy Module which allows defining the password complexity rules by configuring an external file. OpenAM-CPG is an OpenAM reset password plugin using the same configuration...
