How Can I get a list of all Realms with name and description using OpenAM API call?
If you are using the ClientSDK then you can see a sample implementation here for example:
http://sources.forgerock.org/browse/openam/trunk/openam/openam-cli/openam-cli-impl/src/main/java/com/sun/identity/cli/realm/SearchRealms.java?hb=true
Related
I understand the mechanism of OIDC in Kogito with the help of process-usertasks-with-security-oidc-quarkus example.
However, I have a question about user information. In the given example, the approved field is filled by a Query string. Is there any way to get user information in Kogito? If it doesn't have that feature, can it reflect from header to service?
The integration with the security context inside the Kogito app is something that is on the radar, see https://issues.redhat.com/browse/KOGITO-6162. That would ignore the query string and use the authenticated user. Perhaps, for now, you could create your own endpoint to retrieve the authenticated information as needed and mimic the same API call that is done in the generated endpoint.
I figure out a temporary fix that problem with help of written Custom Service when using Kogito with Quarkus.
https://quarkus.io/guides/security-jwt
JWT Injection can call from the Service layer when used with Kogito.
It is also possible to propagate user identity to other workflow items with internally tagged process variables.
My company is using G-suite and I'd like to analyze basic organization structure details like who's my manager? or who do I manage?
Is this possible using the GoogleApis?
Thanks,
Aubrey
You can definitely consult this information, not by using Gmail API, but by using the G Suite Admin SDK.
Particularly, you may be interested in the following endpoints:
Retrieving a user
Retrieving an organizational unit
You may also want to see the Quickstart which will help you set up an application that can retrieve this data. There are many languages supported (you can choose the one you prefer on the left sidebar).
We need to show document from alfresco in Liferay portlets. We would use the CMIS connector with the document library. But we are required that the users be authenticated with OpenAM (a sso).
All the research I've done seam to indicate that ootb it doesn't work. But I can't find anyone that made it works.
So is it possible to use the CMIS connector with an SSO authenticated user?
If yes, what step should we do, or is there some doc already available?
If no, Is there any work around or other solution to connect Liferay with alfresco with an SSO authenticated user?
So to summarize the situation, no, by default there is no way to use Liferay document librairy/cmis connector with any SSO.
But, it is possible to use it by modifying the Liferay feature (With hook) and using a specific strategies (This go from proxy sso to some java script hack that I wont go to deep into as we decides not to do it) to get the required info to send to alfresco.
Other solution (that we chooses) is to implement a custom authentication on alfresco and to use a password that is not the user one as password, but there is some security concern that need to be taken into account with this solution because the simple way to do it create a "master password" that could be used by anyone.
So basically there is really no one size fit all solutions on this subject.
I would like to enter a value in a field and retrieve related information from a REST service provider. How should I approach this in an xpage?
For example, typing a product name should be the input for a REST call to the third part provider I alread have access to and get all the relevant information in JSON/XML. I have looked at the REST Control in xpage and not sure how to make it look at a third party URL. It seems to only look at domino objects.
The REST Control from the extension library is to provide a REST service, not consume one. Dojo has methods for consuming a REST service, namely the xhrGet and xhrPost methods. Here's a link to xhrGet. Then use the value from the field you were speaking about to build the URL to your 3rd party REST service.
#Keithstric is right. Use Dojo to read REST from other URLs. You might need to use the Domino Proxy to comply with JavaScript same origin policies.
I'm following the Java EE 6 tutorial and I'm reading the part related to security.
In the examples, the user management is done using the features provided with the Glassfish server. Is this the usual method used to manage users in Java EE?
Is it possible to use mechanisms such as e-mail based user account creation (password sent via email) etc. by using this method? If not, what alternative mechanism/library do you recommend for user account management?
I found the answer to my problem here.