Building OpenAM with Maven (Quick Note)

Just a quick note from my past self to my future self …

Set up:
Apple MacBook Pro (Late 2013)
2.3 Ghz Intel Core i7
16 GB 1600 Mhz

java version “1.8.0_51”
Java(TM) SE Runtime Environment (build 1.8.0_51-b16)
Java HotSpot(TM) 64-Bit Server VM (build 25.51-b03, mixed mode)

mvn -version
Apache Maven 3.3.3

Check out from the trunk:
svn co

Set the Maven Environment Variables:

OpenAM: Forcing user to reset password on next login.


A very common use case, when implementing ForgeRock’s OpenAM, is forcing a user to reset their password the next time they login. Seems easy enough right? … next time a particular user authenticates in they should be prompted to change their password before continuing on to the resource (web page) that they had originally requested.

The documentation does mention a setting, in section 8.3, to enable this:

Force Change Password on Next (more...)

#ForgeRock: Using #OpenIDM to sync Account Lockout Status #IDM

Use Case:

In an enterprise setup you would likely want to know when a user has locked their account (e.g. too many failed password attempts) and more than likely want to distribute that information to other systems in your environment. One solution would be to enable OpenIDM to monitor the user identity repository for changes to the user’s status.

This post will demonstrate one possible configuration for this use case.

Starting out with a (more...)

Resetting Forgotten Passwords with @ForgeRock #OpenAM

Implementing the “Resetting Forgotten Passwords” functionality as described in the OpenAM Developer’s Guide requires some additional custom code.

It’s pretty straight forward to implement this functionality and can be done in 4 steps (per the Developer’s Guide):

  1. Configure the Email Service
  2. Perform an HTTP Post with the user’s id
  3. OpenAM looks up email address (based on user id) and sends an email with a link to reset the password
  4. Intercept the HTTP GET request to (more...)