5:43 a.m.
All,
There is a new project; a group that I support will be using OpenAM to
manage single sign-on (SSO).
The environment is outward facing, where multiple entities (outside users)
will log on to a web portal via openam/opensso. The OpenAM will query the
OpenLDAP (currently it is an embedded OpenDJ implementation) for user
information.
Based on their user credentials they will, hopefully, be forwarded to either
a Production, Development or a Demonstration environment. The group wants
to migrate to OpenLDAP as OpenDJ is 1) not friendly 2) very slow.
I've been looking around at the OpenAM/OpenDJ configuration and most of the
schemas are specifically legacy Sun Microsystems & Java specific.
Basically, the OpenLDAP will be the User-store for OpenAM.
1) Should I migrate those schemas and everything else currently in OpenDJ
over to OpenLDAP and import them?
2) What is the recommended methodology that I should follow to best
implement the above scenario?
Any pointers are much appreciated.
Thanks,
John D. Borresen (Dave)
Linux/Unix Systems Administrator
MIT Lincoln Laboratory
Surveillance Systems Group
244 Wood St
Lexington, MA 02420
Email: john.borresen(a)ll.mit.edu
10:08 a.m.
Hi John,
Your comments are surprising. Can you elaborate on how OpenDJ is not
friendly and slow ?
Kind regards,
Ludovic Poitou
ForgeRock
Product Manager for OpenDJ.
On Tuesday, March 4, 2014, Borresen, John - 0442 - MITLL <
John.Borresen(a)ll.mit.edu> wrote:
All,
There is a new project; a group that I support will be using OpenAM to
manage single sign-on (SSO).
The environment is outward facing, where multiple entities (outside users)
will log on to a web portal via openam/opensso. The OpenAM will query the
OpenLDAP (currently it is an embedded OpenDJ implementation) for user
information.
Based on their user credentials they will, hopefully, be forwarded to
either
a Production, Development or a Demonstration environment. The group wants
to migrate to OpenLDAP as OpenDJ is 1) not friendly 2) very slow.
I've been looking around at the OpenAM/OpenDJ configuration and most of the
schemas are specifically legacy Sun Microsystems & Java specific.
Basically, the OpenLDAP will be the User-store for OpenAM.
1) Should I migrate those schemas and everything else currently in OpenDJ
over to OpenLDAP and import them?
2) What is the recommended methodology that I should follow to best
implement the above scenario?
Any pointers are much appreciated.
Thanks,
John D. Borresen (Dave)
Linux/Unix Systems Administrator
MIT Lincoln Laboratory
Surveillance Systems Group
244 Wood St
Lexington, MA 02420
Email: john.borresen(a)ll.mit.edu <javascript:;>
--
Ludovic Poitou
http://ludopoitou.wordpress.com
11:24 a.m.
Borresen, John - 0442 - MITLL wrote:
All,
There is a new project; a group that I support will be using OpenAM to
manage single sign-on (SSO).
The environment is outward facing, where multiple entities (outside users)
will log on to a web portal via openam/opensso. The OpenAM will query the
OpenLDAP (currently it is an embedded OpenDJ implementation) for user
information.
Based on their user credentials they will, hopefully, be forwarded to either
a Production, Development or a Demonstration environment. The group wants
to migrate to OpenLDAP as OpenDJ is 1) not friendly 2) very slow.
I've been looking around at the OpenAM/OpenDJ configuration and most of the
schemas are specifically legacy Sun Microsystems & Java specific.
Basically, the OpenLDAP will be the User-store for OpenAM.
1) Should I migrate those schemas and everything else currently in OpenDJ
over to OpenLDAP and import them?
2) What is the recommended methodology that I should follow to best
implement the above scenario?
Page 200 of the Packt book on OpenAM shows the steps needed to work with OpenLDAP.
http://www.packtpub.com/openam/book
Any pointers are much appreciated.
Thanks,
John D. Borresen (Dave)
Linux/Unix Systems Administrator
MIT Lincoln Laboratory
Surveillance Systems Group
244 Wood St
Lexington, MA 02420
Email: john.borresen(a)ll.mit.edu
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
3310
days inactive
3310
days old
openldap-technical@openldap.org
2 comments
3 participants
participants (3)
-
Borresen, John - 0442 - MITLL -
Howard Chu -
Ludovic Poitou