Provide a UI to configure OpenAM as an available authentication module for OpenIDM
- User-supplied information, stored in conf/authentication.json
- OpenAM root URI
- OpenAM login URI (allow realm parameters)
- List of group base DNs (assume LDAP for now) that map to each OpenIDM role
- If OpenAM is https, collect the public cert from OpenAM and store it in OpenIDM's truststore
- Borrow the DJ connector's cert UI?
- Just read the OpenAM public cert directly from OpenAM?
- Allow the user to decide whether the OpenAM auth module should be used exclusively or alternately (both will be functional via the cREST API)
- This capability assumes, for the time being, that the OpenAM user store is LDAP.
- The LDAP connector should already be configured to sync OpenAM users into managed. If this is not yet done then the OpenAM auth module should be left disabled or, at least, a warning displayed to the admin when they try to config the auth module.