tag:blogger.com,1999:blog-16619563.comments2022-11-01T09:30:00.103+00:00Joined Up Thinking In Identity & Access ManagementStephen Swannhttp://www.blogger.com/profile/02171157277282964684noreply@blogger.comBlogger53125tag:blogger.com,1999:blog-16619563.post-2085594362533535912021-01-29T21:31:21.494+00:002021-01-29T21:31:21.494+00:00I hope you will keep a backup of some of your SDI/...I hope you will keep a backup of some of your SDI/TDI postings - they are mostly still relevant and I have enjoyed your insight and findings over the years :-)Franz Wolfhagenhttps://www.blogger.com/profile/17023795205176933494noreply@blogger.comtag:blogger.com,1999:blog-16619563.post-54775209927375333472020-04-27T18:11:23.380+01:002020-04-27T18:11:23.380+01:00Hi Sthephen,
I like your failover considerati...Hi Sthephen,<br /><br /> I like your failover considerations, only a doubt, our customer have a Citrix Netscaler LB, and the idle timeout is configured to 120 seconds. What values do you suggest to ISIM timeouts? another considerations are the customer have 2 master peer replicated each one with SDS Security Suite working.<br /> <br /> Thanks a lot.Anonymoushttps://www.blogger.com/profile/02711373496475573991noreply@blogger.comtag:blogger.com,1999:blog-16619563.post-38338033772113056712020-02-14T14:24:36.812+00:002020-02-14T14:24:36.812+00:00Thanks Stephen for this blog! My question: do you ...Thanks Stephen for this blog! My question: do you have further Queries for Reporting purposes? I would like to build a Report with the list of all the Accounts (any type: Orphans/Unmatched/Matched) with information about the matching in case it was matched to any identity... ah of course i have 0 knowledge about JAVA ;) Ciccohttps://www.blogger.com/profile/07025755576707287788noreply@blogger.comtag:blogger.com,1999:blog-16619563.post-74202577065619430262015-03-03T15:37:23.505+00:002015-03-03T15:37:23.505+00:00I was reading this post and thought, "man, th...I was reading this post and thought, "man, that email sounds familiar," and it was! I work with Tim and recognized his writing.<br /><br />I first came your blog when I needed to to find the TDI java docs and I've been coming back ever since. I think everyone I work with has referenced your blog at one point or another (copy and pasting from ITIM workflows makes its rounds every time someone sets up a new workstation).<br /><br />Thanks again for all the knowledge and experience you've shared!Trace Guyhttps://www.blogger.com/profile/03066467524309789374noreply@blogger.comtag:blogger.com,1999:blog-16619563.post-76599719087628139512014-11-17T19:24:15.074+00:002014-11-17T19:24:15.074+00:00and if new junction needs to be created kindly pro...and if new junction needs to be created kindly provide me with type of junction to be created and the required attributes to be passedAnonymoushttps://www.blogger.com/profile/14825128750950680593noreply@blogger.comtag:blogger.com,1999:blog-16619563.post-31782594604577048792014-11-17T19:20:03.961+00:002014-11-17T19:20:03.961+00:00Thanks a lot Stephen for your clarifying it again....Thanks a lot Stephen for your clarifying it again....<br />I have some querries Kindly provide some pointers to it as I am very new TAM it will be very useful...<br /><br />Assignment is as below:<br />There is a WebSEAL environment with SSO enabled, AD as user registry<br />and IBM websphere portal page is used as landing page (which is<br />displayed after WebSEAL's default login page). The requirement is to<br />replace the Websphere portal landing page by a jsp/servlet page(J2EE application). This jsp/servlet page should display a set of links that the user is authorized to access.<br /><br />Approach for the solution:<br />1. J2EE application (jsp/servlet):<br /> Develop the new J2EE application. This J2EE application has landing(home) page with scripting code(jsp/servlet) to retrieve user<br />and their groups from the http header "iv-user" and "iv-groups"<br />(default header attributes set by the WebSEAL) respectively.<br /> This scripting code checks the group and links mapping and based on<br />the group of the user, it displays only those links that are<br />authorized for the user.<br /> The group and link mapping is hard-coded in the code, or to make it<br />configurable we can store it in the one of the property file or<br />database.<br /><br />2. Deploy J2EE application.<br /> Deploy this newly develop J2EE application to websphere.<br /> Any additional configuration is required to do for websphere ?<br /><br />3. WebSeal and junction configuration:<br /> Update the existing junction or create the new junction on the<br />WebSEAL for directing the request to the new URL of the J2EE application-landing page. I think<br />the update the existing junction will be good as the required ACLs and<br />POPs are already attached to it. pls provid ur inputs.<br /><br /> ** Can we update the existing junction for this ? Or creating new<br />junction will be better approach?<br />** Any additional configurations are required at junction or WebSEAL end?Anonymoushttps://www.blogger.com/profile/14825128750950680593noreply@blogger.comtag:blogger.com,1999:blog-16619563.post-90702410565186288382014-11-17T11:43:14.050+00:002014-11-17T11:43:14.050+00:00I think you'll find that all the information y...I think you'll find that all the information you need to achieve what you are trying to do is already detailed in the blog post.<br /><br />The blog post suggests that your "home page" is a non-static HTML page hosted using some application server. The blog post also shows the exact code you need if you want to base links on IV-GROUP memberships:<br /><br />String groups = request.getHeader("iv-groups");<br />if (groups.indexOf("administrators") >-1) {<br /> // Show a link to the administrator's application<br />}<br />if (groups.indexOf("auditors") >-1) {<br /> // Show a link to the auditor's application<br />}<br /><br />I've highlighted where you would need to place your link with the comments above. Using pseudo code, it would look like this:<br /><br />if (groups.indexOf("auditors") >-1) {<br /> print "<a href="xxxx" rel="nofollow">Auditor Link</a>";<br />}<br /><br />NOTE: Ordinarily, I wouldn't reply to comments asking me to "reply asap" as I do have a day job to attend to and I don't like the idea of doing other people's work for them. There was more than enough information in this blog post as it stood.Stephen Swannhttps://www.blogger.com/profile/02171157277282964684noreply@blogger.comtag:blogger.com,1999:blog-16619563.post-73535858225958745742014-11-17T11:30:43.841+00:002014-11-17T11:30:43.841+00:00Hello Stephen,
This is issue needs a very urgent r...Hello Stephen,<br />This is issue needs a very urgent resolution Could you please reply asap ?Anonymoushttps://www.blogger.com/profile/14825128750950680593noreply@blogger.comtag:blogger.com,1999:blog-16619563.post-57786066391368664032014-11-14T10:23:31.645+00:002014-11-14T10:23:31.645+00:00Thanks for very informative blog abt the landing p...Thanks for very informative blog abt the landing page.<br />I have one question here...<br />personalised landing page that you created, if we want to display some set of links the user particular is suppoe to access how do we achieve that ??<br />please replyAnonymoushttps://www.blogger.com/profile/14825128750950680593noreply@blogger.comtag:blogger.com,1999:blog-16619563.post-45476678862165850462014-06-11T08:55:19.259+01:002014-06-11T08:55:19.259+01:00Hi Mr. Stephen,
Thank you very much for sharing t...Hi Mr. Stephen,<br /><br />Thank you very much for sharing the content.<br /><br />I am also trying to use "ComplexTypesGenerator" Function Component in TDI. I provided the WSDL URL, Jar file name and JDK path (using jdk1.6.0_18). When I click on "Generate complex types", it is giving the following error.<br /><br />com.ibm.jscript.InterpretException: Scrip interpreter error, line=23, col=22: Reference error: 'util' not found<br /><br />I would really appreciate for your help.<br /><br />Thanks,<br />AmitAnonymoushttps://www.blogger.com/profile/14043404100699042755noreply@blogger.comtag:blogger.com,1999:blog-16619563.post-9714966558520292282014-06-11T08:46:30.116+01:002014-06-11T08:46:30.116+01:00Hi Mr. Stephen,
Thank you very much for sharing t...Hi Mr. Stephen,<br /><br />Thank you very much for sharing the content.<br /><br />I am also trying to use "ComplexTypesGenerator" Function Component in TDI. I provided the WSDL URL, Jar file name and JDK path (using jdk1.6.0_18). When I click on "Generate complex types", it is giving the following error.<br /><br />com.ibm.jscript.InterpretException: Scrip interpreter error, line=23, col=22: Reference error: 'util' not found<br /><br />I would really appreciate for your help.<br /><br />Thanks,<br />AmitAnonymoushttps://www.blogger.com/profile/14043404100699042755noreply@blogger.comtag:blogger.com,1999:blog-16619563.post-15544394781864818562014-04-28T08:12:25.583+01:002014-04-28T08:12:25.583+01:00Did you find it worked the second time?
I've ...Did you find it worked the second time?<br /><br />I've had that problem previously for a rather large service.. the object size was just too great for ITIM to manage.Ryanm29https://www.blogger.com/profile/07066378398450284909noreply@blogger.comtag:blogger.com,1999:blog-16619563.post-81855943120172199142014-04-03T06:56:56.489+01:002014-04-03T06:56:56.489+01:00This comment has been removed by a blog administrator.Anonymoushttps://www.blogger.com/profile/05961613557490534793noreply@blogger.comtag:blogger.com,1999:blog-16619563.post-68505129980772063702013-08-26T08:51:31.402+01:002013-08-26T08:51:31.402+01:00hi Stephen, thanks for all your tutorial regarding...hi Stephen, thanks for all your tutorial regarding ibm tivoli identity manager<br /><br />currently i am unable to download the loadous.zip file also,<br /><br />can you send it to me as well?<br />my email:<br />wzeruel@gmail.comWilliam Wonghttps://www.blogger.com/profile/07099200509352505752noreply@blogger.comtag:blogger.com,1999:blog-16619563.post-42805322016113913042013-04-25T15:57:39.280+01:002013-04-25T15:57:39.280+01:00Hi,nice one. I am getting followng exception in TD...Hi,nice one. I am getting followng exception in TDI when i click generate complex type, Please advise<br /><br />java.lang.Exception: java.lang.Exception: warning: [options] bootstrap class path not set in conjunction with -source 1.4 <br />java.lang.Exception: warning: [options] bootstrap class path not set in conjunction with -source 1.4<br /><br /><br /><br /><br />manihttps://www.blogger.com/profile/02110056373542233735noreply@blogger.comtag:blogger.com,1999:blog-16619563.post-85032144129145582722013-04-25T00:13:18.763+01:002013-04-25T00:13:18.763+01:00This comment has been removed by a blog administrator.Annehttps://www.blogger.com/profile/00338996508007420864noreply@blogger.comtag:blogger.com,1999:blog-16619563.post-940391080429542752013-04-16T06:08:35.726+01:002013-04-16T06:08:35.726+01:00Good to see you back online! :-)
I used to be an ...Good to see you back online! :-)<br /><br />I used to be an avid reader of your blog but there hasn't been a lot of activity since October last year...<br /><br />I thought this was another great blog going the "blackhole way"...<br /><br />Anyway, I'm looking forward to see your next article on TDI...<br /><br />Raimana L.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-16619563.post-38129461148625673752012-12-25T18:11:54.699+00:002012-12-25T18:11:54.699+00:00This comment has been removed by a blog administrator.CuteRimihttps://www.blogger.com/profile/14567120204143842681noreply@blogger.comtag:blogger.com,1999:blog-16619563.post-30186166720595737112012-10-16T21:21:54.149+01:002012-10-16T21:21:54.149+01:00The above article was very helpful. I followed it ...The above article was very helpful. I followed it and was able to create "MASSL between WebSEAL and Apache on Linux".Ajayhttps://www.blogger.com/profile/15134734586309313554noreply@blogger.comtag:blogger.com,1999:blog-16619563.post-84574007618965946672012-10-16T09:17:28.762+01:002012-10-16T09:17:28.762+01:00This comment has been removed by the author.Ajayhttps://www.blogger.com/profile/15134734586309313554noreply@blogger.comtag:blogger.com,1999:blog-16619563.post-60894244776868963032012-09-19T10:33:42.801+01:002012-09-19T10:33:42.801+01:00Hi Swannie,
Well done again ... thanks for the ge...Hi Swannie,<br /><br />Well done again ... thanks for the get out of jail card again ....<br /><br />Best Regards<br />NaipaulTricky Harryhttps://www.blogger.com/profile/16736591871278972307noreply@blogger.comtag:blogger.com,1999:blog-16619563.post-77395014816650272502012-09-19T10:32:59.742+01:002012-09-19T10:32:59.742+01:00Hi Swannie,
Well done again ...
NaipaulHi Swannie,<br /><br />Well done again ...<br /><br />NaipaulTricky Harryhttps://www.blogger.com/profile/16736591871278972307noreply@blogger.comtag:blogger.com,1999:blog-16619563.post-74670991413017427182012-07-05T11:41:39.354+01:002012-07-05T11:41:39.354+01:00Interesting, I'm not familiar with TDI. Howeve...Interesting, I'm not familiar with TDI. However, it is probably worth nothing that the wmqtt.jar that you are using is deprecated in favour of the Eclipse Paho Java client, which implements the full MQTT v3.1 specification including e.g. authentication, so you might want to take a look at that instead :-)Andy Piperhttps://www.blogger.com/profile/07666427891464758843noreply@blogger.comtag:blogger.com,1999:blog-16619563.post-18373877718678448152012-06-05T22:20:37.912+01:002012-06-05T22:20:37.912+01:00Nice article, Stephen. And don't put up with s...Nice article, Stephen. And don't put up with stuff that doesn't work as advertised. At least complaint to me :)Eddie Hartmanhttps://www.blogger.com/profile/12264507239868838185noreply@blogger.comtag:blogger.com,1999:blog-16619563.post-76074055105709801072012-05-07T05:49:46.786+01:002012-05-07T05:49:46.786+01:00Tooo good.. :) worked!! Thanks!Tooo good.. :) worked!! Thanks!Ra33https://www.blogger.com/profile/05999251534008917483noreply@blogger.com