  1. OpenIDM
  2. OPENIDM-2738 OpenIDM uses existing OpenAM Auth configuration
  3. OPENIDM-2761

Add UI support for enabling use of OpenAM as an AuthN provider

    Details

    • Sub-task
    • Status: Closed
    • Major
    • Resolution: Fixed
    • OpenIDM 4.0.0
    • None
    • Module - Web UI
    • Sprint 32

      Description

      Provide a UI to configure OpenAM as an available authentication module for OpenIDM

      • User-supplied information, stored in conf/authentication.json
        • OpenAM root URI
        • OpenAM login URI (allow realm parameters)
        • List of group base DNs (assume LDAP for now) that map to each OpenIDM role
        • If OpenAM is https, collect the public cert from OpenAM and store it in OpenIDM's truststore
          • Borrow the DJ connector's cert UI?
          • Just read the OpenAM public cert directly from OpenAM?
      • Allow the user to decide whether the OpenAM auth module should be used exclusively or alternately (both will be functional via the cREST API)

      Notes:

      • This capability assumes, for the time being, that the OpenAM user store is LDAP.
      • The LDAP connector should already be configured to sync OpenAM users into managed. If this is not yet done, then the OpenAM auth module should be left disabled or, at least, a warning displayed to the admin when they try to configure the auth module.

              People

              huck.elliott Huck Elliott
              jbranch Jon Branch [X] (Inactive)
              David Gilbert David Gilbert