738dcf53cdbddc9f941ca40c8db8dcf3e472eca5 |
|
09-Oct-2015 |
Jake Feasel <jake.feasel@forgerock.com> |
OPENIDM-4217 - Align with CUI-111 and 21dcdac9 to properly use managed/user authzRoles. Still blocked by OPENIDM-4246 |
48a99a679220c6522d8b11dc1305f7780ae02a8e |
|
07-Oct-2015 |
Jake Feasel <jake.feasel@forgerock.com> |
CR-7438 - OPENIDM-3344 - Separate different role types into different fields for managed/user |
db4f02cbee52b92fd37a39aeee44dcd2272bc99c |
|
22-Apr-2015 |
Alin Brici <alin.brici@forgerock.com> |
OPENIDM-3162 CR-6709 Updated sample 3 to demonstrate the custom-scripted-connector-bundler tool |
194cdefb77cf5217ac87c29c6412db51bd6b8c8d |
|
10-Feb-2015 |
Brendan Mmiller <brendan.miller@forgerock.com> |
IDME-340 (CR-5999) Add "static user" auth module to authenticate anonymous user
against module config to avoid repo read for self-registration use-cases. |
94dade725a55de70aec65a84bc4949882e5277b1 |
|
02-Jun-2014 |
Jake Feasel <jake.feasel@forgerock.com> |
CR-3654 - OPENIDM-1896 - Renaming passthroughAuthnPopulateContext.js to populateAsManagedUser.js |
ca9cecf8aad26de692a51049e26d3374dc97f975 |
|
30-May-2014 |
Brendan Mmiller <brendan.miller@forgerock.com> |
OPENIDM-1708 (CR-3633)
Support reauth for any auth module configured in authentication.json.
* AuthenticationService now handles requests on /authentication, replaciing
AuthFilter which was not a filter, and did not fully handle reauth.
* Authenticators are used from both JASPI auth modules and AuthenticationService
to provide the authentication--either with Http headers in the case of the
auth modules, or from the authcid in the HttpContext and the reauth header
in the case of reauthentication.
* AuthenticationService now satisfies the AuthenticationConfig service for
the purposes of OSGiAuthFilterBuilder's access to the config to build the
JASPI CAF.
* The duplicative managed/user config at the top of the sample authentication.json
files are now removed, thus satisfying OPENIDM-1781. |
b4260bb3e2303240ecf6c7e4e5639439c3f98889 |
|
27-May-2014 |
Brendan Mmiller <brendan.miller@forgerock.com> |
OPENIDM-1762 (CR-3586)
Additional decoupling of auth module role calculation and security context
population from auth module validation code. Notably:
* factor out basic auth code to allow PassthroughModule to support both basic auth and X-OpenIDM- header auth.
* remove IWAPassthroughModule in favor of using auth module configuration to control order of execution
* separate client cert auth into its own module, supporting an list of "allowedAuthenticationIdPatterns"
to compare against the subject DN
* remove static dependency on OSGIAuthnFilterBuilder for injection of OSGi artifacts - improves testability |
0b90cf39da4c7ba2b843ffd3512d84d009b5dff0 |
|
14-May-2014 |
Brendan Mmiller <brendan.miller@forgerock.com> |
OPENIDM-1735 / OPENIDM-1134 (CR-3503)
Provide additional detail on sync failures from managed object CRUD operations.
Provide example compensation script to compensate for sync failures. |
0c3f79f75f596c8d6700b2de830000f754bb28a9 |
|
12-May-2014 |
Phill Cunnington <phill.cunnington@forgerock.com> |
CF-2495 - CAF-93/CAF-103 - Session integration with OpenAM via common session module |
7d83b6a03bd7b63f2eb6404d6cc1e4c074391ea7 |
|
23-Apr-2014 |
Jake Feasel <jake.feasel@forgerock.com> |
http://sources.forgerock.org/cru/CR-3415 - OPENIDM-1734 - samples 8, 9 and workflow working with the UI, plus some overall cleanup |
4b3769ce483ece06f60f983193712492b920144f |
|
03-Apr-2014 |
Jake Feasel <jake.feasel@forgerock.com> |
http://sources.forgerock.org/cru/CR-3243 - OpenIDM updates to samples 1 through 4
Doesn't include sample3 updates |