Altair® Panopticon

 

Using OAuth 2.0 Through OpenAM

To enable role mapping and username retrieval with OpenAM, perform the following configuration in the IdP:

1. Add the value isMemberOf to the LDAP User Attributes list in your Data Store.

2. Add the values uid|Username and isMemberOf|Groups to the scopes mapping in your OAuth agent configuration.

Example configuration in Panopticon.properties:

authentication.oauth2.client.id=panopticon
authentication.oauth2.client.secret=password123
authentication.oauth2.identity.attribute.roles=isMemberOf
authentication.oauth2.identity.attribute.roles.pattern=cn=([^,]+)
authentication.oauth2.identity.attribute.username=uid
authentication.oauth2.identity.url=http://localhost:9080/openam/oauth2/tokeninfo
authentication.oauth2.login.callback.url=http://localhost:8080/panopticon/server/rest/auth/login
authentication.oauth2.login.redirect.url=
authentication.oauth2.login.response.type=code
authentication.oauth2.login.scope=uid isMemberOf
authentication.oauth2.login.state=
authentication.oauth2.login.url=http://localhost:9080/openam/oauth2/authorize
authentication.oauth2.logout.redirect.url=http://localhost:8080/panopticon
authentication.oauth2.logout.url=http://localhost:9080/openam/oauth2/token/revoke
authentication.oauth2.token.method=query
authentication.oauth2.token.url=http://localhost:9080/openam/oauth2/access_token
authentication.type=OAUTH2
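The following added example (not Panopticon's own code) shows how the username attribute, roles attribute and roles pattern from the configuration above turn an identity response into a username and role names. The response layout, the sample group DNs, the function name extract_identity, and the assumption that the pattern's first capture group becomes the role name are all assumptions made for illustration.

```python
import re

# Values copied from the Panopticon.properties example on this page.
USERNAME_ATTR = "uid"
ROLES_ATTR = "isMemberOf"
ROLES_PATTERN = re.compile(r"cn=([^,]+)")

# Constructed sample of an identity (tokeninfo) response; layout is assumed.
SAMPLE_TOKENINFO = {
    "uid": "jdoe",
    "isMemberOf": [
        "cn=designers,ou=groups,dc=example,dc=com",
        "cn=administrators,ou=groups,dc=example,dc=com",
        # Same cn under a different OU: the pattern cannot tell them apart.
        "cn=administrators,ou=sandbox,dc=example,dc=com",
        # No cn component: the pattern does not match, so no role results.
        "ou=contractors,dc=example,dc=com",
    ],
}


def extract_identity(tokeninfo):
    """Return (username, roles) derived from an identity response.

    Assumption: each group DN contributes the first capture group of the
    first pattern match as a role name.
    """
    username = tokeninfo.get(USERNAME_ATTR)
    if not isinstance(username, str) or not username:
        raise ValueError("identity response has no usable '%s'" % USERNAME_ATTR)

    raw = tokeninfo.get(ROLES_ATTR, [])
    if isinstance(raw, str):  # a single-valued attribute may arrive as a string
        raw = [raw]

    roles = []
    for dn in raw:
        match = ROLES_PATTERN.search(dn)
        if match and match.group(1) not in roles:
            roles.append(match.group(1))
    return username, roles


if __name__ == "__main__":
    print(extract_identity(SAMPLE_TOKENINFO))
```

Because the pattern keeps only the cn value, groups with the same cn in different branches of the directory map to the same role name, which is worth checking against your group naming before relying on those roles for authorization.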