This is first of four blog entries that aims at demonstrating how to use SAML Assertion Attributes in an Application protected by ForgeRock OpenAM. For the convenience of viewing, a thirty five odd minutes screen-cast has been split into four sections, the first of which is embedded on this blog post. While each entry talks of an independent facility in ForgeRock OpenAM, it makes sense to read/view them in the following order:
As you can possibly make out from the illustration above, there are three Linux Containers being used in our demonstration, two of which runs an OpenAM instance each. A third Linux Container is used for installing a J2EE Application. The illustration captures the end state of this segment, where a J2EE Application is protected by an OpenAM J2EE Agent, making sure all client requests to it are intercepted by the Agent and redirected to the OpenAM for Authentication/Authorization.
This is a sequel to my earlier blog update on ForgeRock OpenDJ Replication and is largely inspired by a question raised in the ForgeRock Community Website. So if you are not very familiar with the steps involved in configuring OpenDJ Replication, I suggest you read/watch it before watching the embedded video below:
One-liner about the infrastructure used: two Linux Containers, each running an instance of ForgeRock OpenDJ is already replicating the OpenDJ data, but the replication traffic is not secure. In the video demonstration that follows, we’ll tighten the security a bit by encrypting the replication traffic as well as monitor the same using wireshark running on the host OS. Well, the diagram below indicates the end state of our screen-cast:
ForgeRock has four main products: OpenDJ, OpenAM, OpenIDM and OpenIG. A few days back I embarked on a journey to publish posts on my blog that demonstrated basic functionality of each of the aforesaid products. This post, it’s safe to say, might be the one leading to the chequered flag. So here’s the story so far:
and now to the last one in the series that demonstrates the functionality of OpenIG (Identity Gateway) at a very basic level of course. And as with the last blog entries, I present to you the video logs of OpenIG installation and configuration. The demonstration in the video is based on ForgeRock OpenIG Quick Start documentation.
What you get to see in the video log is:
– Creation of a new Linux Container ‘my-openig’
– Installation of Jetty
– Deployment of OpenIG in Jetty
– Installation of minimal http server
– Configuring the OpenIG to redirect requests to the minimal http server