Posts

Showing posts from July, 2014

Will it blend? Configure OpenAM to use Ping's OIDC RP module

OpenAM can be configured as an OpenID Connect provider.  Ping provides an open source relying party (RP) module for Apache that supports OIDC. This module is an an Apache filter that protects pages and requires the user to authenticate with an OIDC provider. The module asserts the user's identity to proxied applications by setting HTTP headers.
Prerequisites: A recent OpenAM 12 build. Subscription customers can contact ForgeRock to get the required functionality in OpenAM 11.xThe Ping OIDC module from here https://github.com/pingidentity/mod_auth_openidcConfigure OpenAM as an OIDC providerCreate an Agent for the Ping module (Realm -> Agents -> OAuth2 -> new agent)
The Apache configuration details will depend on your O/S distribution. Create an Apache .conf file for the OIDC module and include it your configuration . Here is an example: From: https://gist.github.com/wstrange/a2ae13124e94a880e2b0
OIDCProviderIssuer https://openam.example.com:8443/openam OIDCProviderAuthorizati…