[prev in list] [next in list] [prev in thread] [next in thread]
List: forgerock-openam
Subject: Re: [OpenAM] user created in openam and ldap entry of user
From: "tarun.kumar" <tarun.kumar () orkash ! com>
Date: 2014-10-21 4:46:34
Message-ID: 5445E25A.8090804 () orkash ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
On Monday 20 October 2014 08:22 PM, tarun.kumar wrote:
> hello guys
>
> I have a query on subject creation in openam console and users created
> in ldap.
> i created a new user "user1" in openam console as a new subject and i
> have data store for that
> realm as dc=orkash,dc=com.
> so i believe universal id for "user1"
>
> id=user1,ou=people,dc=orkash,dc=com
>
> thats how i see that entry in external opendj location.
> But in openam console i see "user1" uid as
> *id=user1,ou=user,dc=config,dc=com**
> *so i have tried with defferent repository locations :
> config data store : dc=config,dc=com
> and
> user data store : dc=orkash,dc=com
> importantly both at same backend : userRoot
> and i feel due to this reason i get agent logs as
>
>
> amPolicy:10/20/2014 06:40:40:102 PM IST:
> Thread[http-bio-18080-exec-8,5,main]
> HttpURLResourceName.compare: after canonicalization: request
> resource=http://taruns.orkash.com:18080/socialcluster/WEB-INF/jsp/dashboard.jsp;
> policy
> resource=http://taruns.orkash.com:18080/socialcluster/WEB-INF/jsp/dashboard.jsp
> amRemotePolicy:10/20/2014 06:40:40:103 PM IST:
> Thread[http-bio-18080-exec-8,5,main]
> ResourceResultCache.getPolicyDecision()::serviceName=iPlanetAMWebAgentService:token= \
> id=andy,ou=user,dc=config,dc=com:resourceName=http://taruns.orkash.com:18080/socialc \
> luster/WEB-INF/jsp/dashboard.jsp:actionNames=[GET]:env:cacehMode=self:useCache=true:returning \
> policyDecision:
> amRemotePolicy:10/20/2014 06:40:40:103 PM IST:
> Thread[http-bio-18080-exec-8,5,main]
> PolicyEvaluator:getPolicyDecision():token=id=andy,ou=user,dc=config,dc=com:resourceN \
> ame=http://taruns.orkash.com:18080/socialcluster/WEB-INF/jsp/dashboard.jsp:actionNames=[GET]:returning \
> policyDecision:<PolicyDecision>
> <ResponseAttributes>
> </ResponseAttributes>
> </PolicyDecision>
>
> amWebPolicy:10/20/2014 06:40:40:103 PM IST:
> Thread[http-bio-18080-exec-8,5,main]
> AmWebPolicy: XML policy decision for
> resource:http://taruns.orkash.com:18080/socialcluster/WEB-INF/jsp/dashboard.jsp,
> action=GET, XML=<PolicyDecision>
> <ResponseAttributes>
> </ResponseAttributes>
> </PolicyDecision>
>
> amWebPolicy:10/20/2014 06:40:40:103 PM IST:
> Thread[http-bio-18080-exec-8,5,main]
> WARNING: AmWebPolicy: empty action decision for
> resource:http://taruns.orkash.com:18080/socialcluster/WEB-INF/jsp/dashboard.jsp,
> action=GET
> amFilter:10/20/2014 06:40:40:103 PM IST:
> Thread[http-bio-18080-exec-8,5,main]
> URLPolicyTaskHandler: access denied by AmWebPolicy
> amFilter:10/20/2014 06:40:40:103 PM IST:
> Thread[http-bio-18080-exec-8,5,main]
> AmFilter: result =>
>
> -----------------------------------------------------------
> FilterResult:
> Status : FORBIDDEN
> ProcessResponse : false
> RedirectURL : null
> RequestURL : null
> RequestHelper:
> null
>
> Data:
> null
>
> -----------------------------------------------------------
>
> thanks and regards
> tarun
>
>
>
> _______________________________________________
> OpenAM mailing list
> OpenAM@forgerock.org
> https://lists.forgerock.org/mailman/listinfo/openam
hi peter and bernhard
please i need help on this problem.
thanks
tarun
[Attachment #5 (text/html)]
<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On Monday 20 October 2014 08:22 PM,
tarun.kumar wrote:<br>
</div>
<blockquote cite="mid:544521A1.80901@orkash.com" type="cite">
<meta http-equiv="content-type" content="text/html;
charset=ISO-8859-1">
hello guys<br>
<br>
I have a query on subject creation in openam console and users
created in ldap.<br>
i created a new user "user1" in openam console as a new subject
and i have data store for that<br>
realm as dc=orkash,dc=com.<br>
so i believe universal id for "user1" <br>
<br>
id=user1,ou=people,dc=orkash,dc=com <br>
<br>
thats how i see that entry in external opendj location.<br>
But in openam console i see "user1" uid as
<meta http-equiv="content-type" content="text/html;
charset=ISO-8859-1">
<b><span style="color: rgb(51, 51, 51); font-family: sans-serif;
font-size: 12px; font-style: normal; font-variant: normal;
font-weight: normal; letter-spacing: normal; line-height:
normal; orphans: auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: normal; widows: auto;
word-spacing: 0px; -webkit-text-size-adjust: auto;
-webkit-text-stroke-width: 0px; background-color: rgb(255,
255, 255); display: inline !important; float: \
none;">id=user1,ou=user,dc=config,dc=com</span></b><b><br> </b>so i have tried with \
defferent repository locations :<br> config data store : dc=config,dc=com<br>
and <br>
user data store : dc=orkash,dc=com <br>
importantly both at same backend : userRoot<br>
and i feel due to this reason i get agent logs as<br>
<br>
<br>
amPolicy:10/20/2014 06:40:40:102 PM IST:
Thread[http-bio-18080-exec-8,5,main]<br>
HttpURLResourceName.compare: after canonicalization: request
resource=<a moz-do-not-send="true" class="moz-txt-link-freetext"
href="http://taruns.orkash.com:18080/socialcluster/WEB-INF/jsp/dashboard.jsp">http://taruns.orkash.com:18080/socialcluster/WEB-INF/jsp/dashboard.jsp</a>;
policy
resource=<a moz-do-not-send="true" class="moz-txt-link-freetext"
href="http://taruns.orkash.com:18080/socialcluster/WEB-INF/jsp/dashboard.jsp">http://taruns.orkash.com:18080/socialcluster/WEB-INF/jsp/dashboard.jsp</a><br>
amRemotePolicy:10/20/2014 06:40:40:103 PM IST:
Thread[http-bio-18080-exec-8,5,main]<br>
ResourceResultCache.getPolicyDecision()::serviceName=iPlanetAMWebAgentService:token=id=andy,ou=user,dc=config,dc=com:resourceName=<a
moz-do-not-send="true" class="moz-txt-link-freetext"
href="http://taruns.orkash.com:18080/socialcluster/WEB-INF/jsp/dashboard.jsp:actionNam \
es=">http://taruns.orkash.com:18080/socialcluster/WEB-INF/jsp/dashboard.jsp:actionNames=</a>[GET]:env:cacehMode=self:useCache=true:returning
policyDecision:<br>
amRemotePolicy:10/20/2014 06:40:40:103 PM IST:
Thread[http-bio-18080-exec-8,5,main]<br>
PolicyEvaluator:getPolicyDecision():token=id=andy,ou=user,dc=config,dc=com:resourceName=<a
moz-do-not-send="true" class="moz-txt-link-freetext"
href="http://taruns.orkash.com:18080/socialcluster/WEB-INF/jsp/dashboard.jsp:actionNam \
es=">http://taruns.orkash.com:18080/socialcluster/WEB-INF/jsp/dashboard.jsp:actionNames=</a>[GET]:returning
policyDecision:<PolicyDecision>
<br>
<ResponseAttributes>
<br>
</ResponseAttributes>
<br>
</PolicyDecision>
<br>
<br>
amWebPolicy:10/20/2014 06:40:40:103 PM IST:
Thread[http-bio-18080-exec-8,5,main]<br>
AmWebPolicy: XML policy decision for <a moz-do-not-send="true"
class="moz-txt-link-freetext"
href="resource:http://taruns.orkash.com:18080/socialcluster/WEB-INF/jsp/dashboard.jsp" \
>resource:http://taruns.orkash.com:18080/socialcluster/WEB-INF/jsp/dashboard.jsp</a>, \
> action=GET, XML=<PolicyDecision>
<br>
<ResponseAttributes>
<br>
</ResponseAttributes>
<br>
</PolicyDecision>
<br>
<br>
amWebPolicy:10/20/2014 06:40:40:103 PM IST:
Thread[http-bio-18080-exec-8,5,main]<br>
WARNING: AmWebPolicy: empty action decision for <a
moz-do-not-send="true" class="moz-txt-link-freetext"
href="resource:http://taruns.orkash.com:18080/socialcluster/WEB-INF/jsp/dashboard.jsp" \
>resource:http://taruns.orkash.com:18080/socialcluster/WEB-INF/jsp/dashboard.jsp</a>, \
> action=GET<br>
amFilter:10/20/2014 06:40:40:103 PM IST:
Thread[http-bio-18080-exec-8,5,main]<br>
URLPolicyTaskHandler: access denied by AmWebPolicy<br>
amFilter:10/20/2014 06:40:40:103 PM IST:
Thread[http-bio-18080-exec-8,5,main]<br>
AmFilter: result => <br>
<br>
-----------------------------------------------------------<br>
FilterResult:<br>
Status : FORBIDDEN<br>
ProcessResponse : \
false<br> RedirectURL : null<br>
RequestURL : null<br>
RequestHelper: <br>
null<br>
<br>
Data: <br>
null<br>
<br>
-----------------------------------------------------------<br>
<br>
thanks and regards<br>
tarun<br>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
OpenAM mailing list
<a class="moz-txt-link-abbreviated" \
href="mailto:OpenAM@forgerock.org">OpenAM@forgerock.org</a> <a \
class="moz-txt-link-freetext" \
href="https://lists.forgerock.org/mailman/listinfo/openam">https://lists.forgerock.org/mailman/listinfo/openam</a>
</pre>
</blockquote>
hi peter and bernhard<br>
please i need help on this problem.<br>
thanks <br>
tarun<br>
</body>
</html>
_______________________________________________
OpenAM mailing list
OpenAM@forgerock.org
https://lists.forgerock.org/mailman/listinfo/openam
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic