As of V8.0.1.0 of ISAM for Mobile, there is a helper class in the Javascript mapping rule for Resource Owner Password Validation against the configured LDAP server. There are a few steps required to configure it though. If you haven't configured it, you will receive the following error on attempting an ROPC flow: {"error":"mapping_error", "error_description":"com.tivoli.am.rba.exception.RBARuntimeException:... Continue Reading →
Since 8.0.0.3 ISAM for Mobile has had the ability to call a Javascript Policy Information Point (PIP) during context based access (CBA, formerly risk based access - RBA) decisions for attribute enrichment. This capability is very flexible and can be used for many different purposes. Some examples include: Manipulating and extracting attributes from request headers.... Continue Reading →
Edit (13/1/15): There is another example of trace statements which references a different class in the article: ISAM for Mobile: Javascript Policy Information Points Debugging IBM Security Access Manager (ISAM) for Mobile Mapping rules can be challenging. One of the things that makes it much easier is having regular trace statements. In developing the... Continue Reading →
If you'd like to do Authorization in a mapping rule for OAuth, there are a couple of options as to how you do this. On the IBM Security Access Manager (ISAM) for Mobile appliance, API protection exposes two Mapping rules: A) A Pre Token Generation mapping rule named: <API Definition Name>PreTokenGeneration. This mapping rule fires... Continue Reading →
Philip Nye 