ForgeRock OpenAM supports a number of Authentication Modules that can be used to verify the identity of a user attempting to login to the applications protected by OpenAM. One of the biggest strengths of OpenAM is the flexibility that it gives to plug in a Custom Authentication Module in the event the Out of The Box modules do not meet the requirements. Some details around the same can be found here.
In the following video that has a running time of approximately nine minutes, you’ll see an OpenAM instance being configured to contact Google for identifying a user by using OAuth2. Google’s literature about their support for OAuth2 is here in case if you are interested to read.
In an earlier post we saw how to create a new realm in ForgeRock OpenAM. But for that we used the Browser User Interface of OpenAM. Well it’s likely that the ForgeRock customers might not be interested in ForgeRock’s implementation of User Interface, but would like to have their own custom way of interacting with the product. For this very purpose, all components of ForgeRock Identity Platform offers easy-to-use RESTful Web API. A neat introduction about it is here. For a detailed look on the RESTful Web Services, I’d recommend ForgeRock documentation.
So in the following screen-cast, we’ll see how we can use a popular command line tool to make REST calls to the OpenAM first for performing authenticaiton and then for creating a realm.
I’ve tried my level best to keep this post as complete in itself as possible to be able to go through without having to read/watch any of my earlier posts/video logs. So while it is not strictly required to read/watch my earlier posts/video logs on this blog to go through this one, at least to understand the infrastructure used, it’s desired that you take a look at a couple of my earlier posts on OpenAM and OpenDJ at the links below:
ForgeRock OpenIDM comes bundled with OrientDB. But the use of OrientDB as an internal repository for OpenIDM is not recommended in a production environment. A list of supported JDBC repositories for production use with OpenIDM can be found here. In this post, you’ll find a screen-cast that demonstrates the configuration of MySQL as an internal repository for OpenIDM. The following video log, however, does not demonstrate the installation of OpenIDM, but if interested you can watch the OpenIDM installation here.
I’ve already posted an entry on ForgeRock OpenDJ Installation in a Linux Container. If interested, you can read/watch it here. If you are already familiar with OpenDJ installation as a stand alone Directory Server instance and would like to know the very simple steps involved in setting up data replication, the following video log might be useful for you. The screen-cast below uses two OpenDJ instances running on two different Linux Containers to set up data replication. A great deal of information required for performing this demo was fetched from Ludo’s Sketches. ForgeRock Documentation that talks of OpenDJ Data Replication can be found here.
This post picks up from an earlier one and maybe it makes sense to have look at that first before going through this one. So now that we have ForgeRock OpenIDM running inside a Linux Container, in the video log embedded below, we integrate it with ForgeRock OpenDJ. We’ll then use OpenIDM to provision users on to the OpenDJ. Here’s a summary of what you get to see in the video:
– A quick look at the existing installation of ForgeRock OpenIDM and ForgeRock OpenDJ
– Configuring OpenIDM with LDAP connector during startup using available sample files
– Reconciliation of identifies from ForgeRock OpenDJ to ForgeRock OpenIDM
– Provisioning users from ForgeRock OpenIDM to ForgeRock OpenDJ
Chronologically, this is my third blog update around ForgeRock software stack, the first two being Installation of OpenDJ in a Linux Container and ForgeRock OpenAM Installation in a LXC. While none of these entries have any dependency on each other whatsoever, it is recommended to watch it in order so as to get a fairly uncomplicated idea on the infrastructure being used for demonstrations. In the video logs embedded in all the blog posts as mentioned above, the ForgeRock products are being installed in Linux Containers in Ubuntu Linux flavour that in turn is running in a Virtual Box. Because I thought it maybe relatively effortless for you to sit back and enjoy watching a video rather than reading through a lengthy essay, I’m sticking to my idea of publishing my screen-cast on installation of ForgeRock OpenIDM in a Linux Container. In the screencast, you’ll find:
– Creating new linux container for installation of OpenIDM
– Installation of OpenIDM in a LXC
– Starting/stopping OpenIDM Services
– Accessing OpenIDM using REST calls
– Accessing OpenIDM using BUI
– Configuring OpenIDM as a run control script in Ubuntu Linux
With a hope that this screencast will give you a some understanding on getting started with ForgeRock OpenIDM, I here unto present it for you:
We will figure out how to use OpenIDM for Identity provisioning in a later segment, not too far in the future. In the mean time, if you would like to browse away the features of ForgeRock OpenIDM, its documentation can be found here.
In an earlier post we saw the Installation and Configuration of ForgeRock OpenAM and how it protects a Web Based Application. The follow screen-cast, which is an extract from a live session conducted for a ForgeRock Customer takes us through the Policy Configuration in OpenAM so that the Web Application displayes a particular page only to those Users who belong to an OpenDJ group called ‘Employees’:
In continuation to my earlier blog on Installing ForgeRock’s OpenDJ in a Linux Container, and to keep up with the promise of doing my bit to introduce ForgeRock’s software stack, I present here another set of video logs that takes you through the deployment of ForgeRock’s Access Management Solution:
– Installation of Apache Web Server in a Linux Container [Video 00]
– Installation of Apache Tomcat Application a Linux Container [Video 01]
– Deploying ForgeRock OpenAM in a Tomcat Application Server [Video 02]
– Protecting Apache Web Server using ForgeRock OpenAM [Video 03]
So after I bid farewell to over a decade long teaching profession, I’ve now joined the band @ ForgeRock. Feels at home, as I now find myself amongst some familiar folks, doing activities on popular open source products on Identity Management that has always been so dear to me.
Without any further ado, let me do my bit to introduce the ForgeRock products to you. To start with, I’ll help you setup ForgeRock’s directory service solution ‘OpenDJ’. Because I’ve a plan to show you the entire ForgeRock product portfolio over the next few weeks, I’ve setup the OpenDJ component in an OS virtualization solution. I’ve my own OS preferences, but for the sake of demonstration, I’ve decided to use the freely available Ubuntu OS. And in Ubuntu, we will create Linux Containers (a.k.a LXC), light weight OS virtualization solution. Over the next few weeks, we’ll have one container for each of the ForgeRock product.
Rather than writing a lengthy essay on the steps to create/configure Linux containers (LXC) and then install/configure ForgeRock’s OpenDJ, I’ve decided to publish my video logs here, which I think might turn out to be more convenient for you sit back and watch.
So here’s what I’ve done:
– Installed Ubuntu 14.04 LTS on a VirtualBox. [Video 00]
– Performed Package updates post installation.[Video 01]
– Installed the packages required for creating LXC.[Video 01]
– Installed the LXC Web Console package (to access LXC using BUI). [Video 01]
– Upgraded the host OS from 14.04 to 14.10 [not shown in the video]
– Cloned the LXC to create a new Linux Container for installing ForgeRock’s OpenDJ. [Video 02]
– Downloaded the OpenDJ software. [Video 02]
– Installed / Configured OpenDJ in a Linux Container [Video 02]
In case you are familiar with the Linux and Linux Container installation, feel free to skip the video 00 and video 01. Please also note that video recording was paused during the lengthy package installation procedure, which otherwise would have put you to sleep.
Video 00
Video 01
Video 02
For a detailed introduction on OpenDJ, watch this video
