From d41b230a03c4506e21eddeba75cc0f0840d75817 Mon Sep 17 00:00:00 2001
From: Gaetan Boismal <gaetan.boismal@forgerock.com>
Date: Wed, 08 Jun 2016 14:37:08 +0000
Subject: [PATCH] OPENDJ-3068 Make RFC7662 OAuth2 resolver work with OpenAM OOTB

---
 opendj-rest2ldap-servlet/src/main/webapp/WEB-INF/classes/opendj-rest2ldap-config.json |    2 +-
 opendj-server-legacy/resource/config/config.ldif                                      |    2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/opendj-rest2ldap-servlet/src/main/webapp/WEB-INF/classes/opendj-rest2ldap-config.json b/opendj-rest2ldap-servlet/src/main/webapp/WEB-INF/classes/opendj-rest2ldap-config.json
index 0bdfb06..d1b9bbc 100644
--- a/opendj-rest2ldap-servlet/src/main/webapp/WEB-INF/classes/opendj-rest2ldap-config.json
+++ b/opendj-rest2ldap-servlet/src/main/webapp/WEB-INF/classes/opendj-rest2ldap-config.json
@@ -200,7 +200,7 @@
             "rfc7662": {
                 // Defines the token introspection endpoint URL where the request should be sent.
                 // This attribute is required and must have a string syntax.
-                "endpointURL": "http:/example.com/introspect",
+                "endpointURL": "http://openam.example.com:8080/openam/oauth2/myrealm/introspect",
 
 				// Token introspect endpoint requires authentication.
 				// It should support HTTP basic authorization (a base64-encoded string of clientId:clientSecret)
diff --git a/opendj-server-legacy/resource/config/config.ldif b/opendj-server-legacy/resource/config/config.ldif
index a6f4deb..9fe9d3f 100644
--- a/opendj-server-legacy/resource/config/config.ldif
+++ b/opendj-server-legacy/resource/config/config.ldif
@@ -456,7 +456,7 @@
 cn: HTTP OAuth2 Token Introspection (RFC7662)
 ds-cfg-java-class: org.opends.server.protocols.http.authz.HttpOAuth2TokenIntrospectionAuthorizationMechanism
 ds-cfg-enabled: false
-ds-cfg-oauth2-token-introspection-url: http://openam.example.com:8080/oauth2/myrealm/introspect
+ds-cfg-oauth2-token-introspection-url: http://openam.example.com:8080/openam/oauth2/myrealm/introspect
 ds-cfg-oauth2-token-introspection-client-id: directoryserver 
 ds-cfg-oauth2-token-introspection-client-secret: secret
 ds-cfg-oauth2-authzid-json-pointer: sub

--
Gitblit v1.10.0