Open Source – Tumy

Implementing Fine-Grained Access (#FGA) Control with Relationship-Based Access Control (#ReBAC) in Open Policy Agent (#OPA)

Leave a Comment / CIAM, identity, IdM, Open Source / By Brad Tumy

Open Policy Agent (OPA) is a powerful open source policy engine that can be used to enforce access control policies in cloud-native applications. OPA is highly flexible and extensible, and it can be used to implement a wide range of authorization policies. In this blog post, we will show how to implement fine-grained access control …

Implementing Fine-Grained Access (#FGA) Control with Relationship-Based Access Control (#ReBAC) in Open Policy Agent (#OPA) Read More »

ForgeRock upgrades entire stack today! #OpenAM #OpenIDM #OpenDJ #OpenIG

1 Comment / ForgeRock, IdM, Open Source, OpenAM, OpenIDM / By Brad Tumy

ok guys … ForgeRock released updates across the board today: Access Management – AM 13 Identity Management – IDM 4 Directory Services – DJ 3 Identity Gateway – IG 4 I have only had a chance to go through the OpenAM release notes … and this is a big release for OpenAM. Clearly a ton …

ForgeRock upgrades entire stack today! #OpenAM #OpenIDM #OpenDJ #OpenIG Read More »

OpenAM: Forcing users to reset password on next login.

8 Comments / Directory Services, ForgeRock, IdM, Open Source / By Brad Tumy

Overview A very common use case, when implementing ForgeRock’s OpenAM, is forcing a user to reset their password the next time they login. Seems easy enough right? … next time a particular user authenticates in they should be prompted to change their password before continuing on to the resource (web page) that they had originally …

OpenAM: Forcing users to reset password on next login. Read More »

LDAP Command Line Cheat #OpenDJ

7 Comments / Directory Services, ForgeRock, IdM, Open Source / By Brad Tumy

I use the command line a lot when interfacing with OpenDJ. One of the issues with this is that I often run into an issue with the BindDN user’s password has an “!” (bang) in it. As this is a special character in Unix/Linux command line, it will typically cause unexpected results. With ldapsearch you …

LDAP Command Line Cheat #OpenDJ Read More »

Custom Password Policy Validation in OpenIDM

Leave a Comment / ForgeRock, IdM, Open Source, OpenIDM / By Brad Tumy

A customer needed to ensure that passwords contained at least one ‘special character’ when a new password was created in OpenIDM. I borrowed heavily from the provided samples but had to figure out the correct regexp formatting. Here is the function that I used to implement this: function atLeastXSpecialChars(fullObject, value, params, property) { isRequired = …

Custom Password Policy Validation in OpenIDM Read More »

#FISMA Ready @Ubuntu LTS @18F

Leave a Comment / Government, ICAM, Linux, Open Source / By Brad Tumy

Ubuntu is a very popular operating system (OS) in the cloud space but the Federal government has been reluctant to adopt Ubuntu, preferring to stick with Redhat as their Linux flavor of choice. As the Government moves toward the cloud it makes sense to me that Ubuntu would start to see some more play time. One …

#FISMA Ready @Ubuntu LTS @18F Read More »