Archive

Posts Tagged ‘Tomcat’

A simple OpenAM realm scenario

26/06/2012 5 comments

A Realm is an OpenAM concept and a feature which is used to group and organise the information and configuration parameters. OpenAM has a top level realm which contains all other, user-defined, realms. We will try here to demonstrate the realm functionality on a simple but practical scenario where realms will be used to separate administration entities.

Let’s imagine a hypothetical service provider company (Example.com) which has a centralised directory for all of it’s clients, and a separate branch per client:

  • suffix: dc=example,dc=com
  • Client1: o=client1,dc=example,dc=com
  • Client2: o=client2,dc=example,dc=com

Example.com would like to employ OpenAM  for access management (authentication and authorisation) in a way that users from the client companies cannot access each other’s resources. This functionality can be easily achieved by the Realms feature such that each client company has it’s own sub-realm. Below we’ll explain the detailed setup procedure.

Read more…

Certificate based authentication with OpenAM 10 and Tomcat 7

24/05/2012 11 comments

Although my use case for certificate based authentication is pretty basic, the existing documentation for Access Manager/OpenSSO/OpenAM is somewhat scarce and requires gathering information from various, often unrelated sources. For that reason, I have summarised the process in this article.

Read more…