Skip to main content
Skip table of contents

ForgeRock, inWebo ForgeRock AM Custom Module integration

These plugins support the OTP and Push functions of inWebo authentication only.

With regard to the Helium and VA authentication modes, it is also possible to integrate other authentication modes, but further developments are needed for this integration.

Requirements

  1. ForgeRock AM 5.5.1 or 6.0.0

  2. Tomcat 8

  3. OpenJDK 1.8

Building from Source

BASH 
$ git clone https://github.com/inwebo-tech/plugin-forgerock-am.git
$ cd plugin-forgerock-am 
$ ./mvnw clean package

Installation:

  1. Installation inWebo Otp Authenticator Plugin

  2. Installation inWebo Push Authenticator Plugin

⚠️ If you want to install both plugins, be sure to use the same version for the plugins.


1. Installation inWebo Otp Authenticator Plugin

inWebo service configuration:

  1. Log in to the inWebo administration console.

  2. Navigate to the appropriate service view.

  3. Go to Secure Sites and click on the Download a new certificate for the API button.

  4. Remember to set the Certificate Authentication option to Yes

    myInWeboConfig

  5. Synchronize your forgerock-am login with inWebo login.

Installation:

  1. Copy resource:

    BASH 
    $ sudo unzip iw-forgerock-am-otp-*.zip -d /tmp/forgerock-am-opt
$ sudo cp /tmp/forgerock-am-opt/edit-webapp/WEB-INF/lib/iw-forgerock-am-otp-*.jar /path/to/tomcat/webapps/openam/WEB-INF/lib/
$ sudo cp /tmp/forgerock-am-opt/edit-webapp/WEB-INF/lib/idp-connector-auth-repackage-1.0.0.jar /path/to/tomcat/webapps/openam/WEB-INF/lib/
    CODE 
    $body

  2. restart tomcat.

Configuration:

  1. Go to Admin Console and log in as amadmin.

  2. Navigate to {REALM}->Authentification->Modules.

  3. Add new module with inWebo OTP Authenticator Type. 

    add new module

    config new module

    To test config go to http(s)://{OPENAM_HOST}/openam/XUI/#login/&module=inWeboOtpTest 
    XUI Login Page

2. Installation inWebo Push Authenticator Plugin

inWebo service configuration:

  1. Log in to the inWebo administration console.

  2. Navigate to the appropriate service view.

  3. Go to Secure Sites and click on the Download a new certificate for the API button.

  4. Remember to set the Certificate Authentication option to Yes.

    myInWeboConfig

  5. Synchronize your forgerock-am login with inWebo login.

Installation:

  1. Copy resource:

    BASH 
    $ sudo unzip iw-forgerock-am-push-*.zip -d /tmp/forgerock-am-push
$ sudo cp /tmp/forgerock-am-push/edit-webapp/WEB-INF/lib/iw-forgerock-am-push-*.jar /path/to/tomcat/webapps/openam/WEB-INF/lib/
$ sudo cp /tmp/forgerock-am-push/edit-webapp/WEB-INF/lib/idp-connector-auth-repackage-1.0.0.jar /path/to/tomcat/webapps/openam/WEB-INF/lib/
    CODE 
    $body

  2. restart tomcat.

Configuration:

  1. Go to Admin Console and log in as amadmin.

  2. Navigate to {REALM}->Authentification->Modules.

  3. Add new module with inWebo OTP Authenticator Type. 

    add new module

    config new module

  4. To test config go to http(s)://{OPENAM_HOST}/openam/XUI/#login/&module=inWeboPushTest 

    XUI Login Page

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close