IBM Security & IBM Collaboration Solutions Notes

Tips & tricks for installing and running IBM products
Tom Bosmans Tags 32bit 9.0.5.0 ansible apache applet autostart bash basic-authentication caching ccm centos centos6 centos7 certbot certbot-auto certificates chartjs chat cognos communities community connections connections-4.0 connections-4.5 connections-5.0 connections-5.5 connections-6 connections-Pink connections container crypto-mining customization datapower db2 distinguished name dkim dmgr dns dnsmasq docker domino dynamic dns edgerouter encrypt ethereum exporter federation filebeat free ibm icp ids ihs impress installation-manager interservice-url isam java javascript jquery jvm jython kubernetes kudos ldap letsencrypt Liberty linux logging meetings metrics multidisplay netinstall nodeagent non-root notepad++ notes formula oauth oidc openid openoffice oracle OrientMe password performance perl profiles proxy puppet pxe python quickr recording regex renderer renew rest reverse-proxy rhel6 router sametime sametime-9 sametime-meetings screen-sharing search setup ssc ssl stellent stiab stmobile stproxy synology tam tdi tds themes tip tls ttfp ubiquity ubuntu Ubuntu_1210 ubuntu_1304 Ubuntu_1404 udev vmrun vmware was855 wasservice.sh webseal websphere windows xml xquery	IBM Security & IBM Collaboration Solutions Notes federation isam oauth oidc openid webseal OAuth and OpenID Connect provider configuration for reverse proxy instances - reuse acl option Tom Bosmans 10 October 2018 10:12:04 I have multiple reverse proxy instances configured on an appliance, and recently added a new one. I performed the "Oauth and OpenID Connect Provider configuration", and did not select the options "Reuse ACL" nor "Reuse Certificates" . After that, I noticed that my OpenID authentication no longer worked correctly on the other instances. The reason was that the ACL's for the objects in /mga/sps/oauth/oauth20/ disappeared . So if you already have configured other instances on your appliance for "Oauth and OpenID connect", always enable "Reuse ACL" ! What actually happens is easy to follow in the autocfg__oauth.log file in the Reverse Proxy log files: If reuse acl is not checked, it will first detach the ACL's from all objects , delete the ACL and then add it again, but only for the reverse proxy where your run the configuration ..... So you loose all configuration that uses the isam_oauth_* ACL's in the other instances . Moral of the story : always enable "Reuse ACL" when running the "Oauth and OpenID Connect Provider configuration" Comments [0]	Feeds Content Feed Comment Feed Recent Entries OAuth and OpenID Connect Add a header X-LConn-User IBM Cloud Private install Synology TFTP server for Letsencrypt certificates Recent Comments Orient-Me pods Domino 9 setup for Sameti Server ID stored in Domin Let’s encrypt TLS c Let’s encrypt TLS c Archives October 2018 (1) August 2018 (1) July 2018 (3) June 2018 (3) May 2018 (1) January 2018 (2) December 2017 (1) November 2017 (1) June 2017 (2) April 2017 (2) October 2016 (1) September 2016 (1) June 2016 (2) May 2016 (1) April 2016 (1) December 2015 (1) September 2015 (1) May 2015 (1) March 2015 (2) December 2014 (2) August 2014 (3) March 2014 (1) February 2014 (3) January 2014 (15) December 2013 (1) September 2013 (2) June 2013 (1) May 2013 (2) April 2013 (1) January 2013 (3) December 2012 (4) November 2012 (1) More information Socialize Me The Sametime Blog Thoughts on Web Content Manager from Level 2 Support Social Collaboration by Vincent Perrin A fortune in tuppence A Portal to a Portal Ora et Collabora Urs-o--Log Michael Urspringer’s wiki on connections Roberto Boccadoro’s blog Social IBM’er