ISAM OAuth Inactivity

Its not immediately obvious, and commonly misconstrued as an problem of disappearing tokens, but the OAuth grants in ISAM have a "Maximum" Grant lifetime, as opposed to an inactivity in a default API Definition. This means that when you request a Token - say via ROPC and you are using the default settings of an... Continue Reading →

Simpler ISAM Authentication Service URLs

This article is no longer necessary, thanks to OOTB behavior available in ISAM 9.0.6 and later. See details here. In order to clean up the instantiation URLs generated by the authentication service, you can use a ISAM HTTP transformation rule. I've just completed two examples of this. Remove PolicyId static prefix: No static Prefix This... Continue Reading →

Redirect after login from InfoMap or AuthSvc Policy

If you'd like to redirect after the completion of the login process from an InfoMap, you can set the equivalent of the EAI redirect header: eai-redir-url-header = am-eai-redir-url This can be done through the setting of the response token attribute: context.set(Scope.SESSION, “urn:ibm:security:asf:response:token:attributes”, “itfim_override_targeturl_attr”, "/someURL"); There is a technote showing this in other mapping rules here:... Continue Reading →

ISAM – Infomap – Any alias authentication

A number of customers like to use various alias's to authenticate into ISAM, up until recently, the primary way of achieving this, is via a Custom EAI, or some elaborate LDAP hackery. Infomap, and the UserHelper capabilities, makes this a much easier affair. Here is an example, where we use the infomap to authenticate based... Continue Reading →

Website Built with WordPress.com.

Up ↑