{"id":24649125,"url":"https://github.com/ow2-proactive/iam","last_synced_at":"2026-04-17T19:02:13.428Z","repository":{"id":127986658,"uuid":"128741240","full_name":"ow2-proactive/iam","owner":"ow2-proactive","description":null,"archived":false,"fork":false,"pushed_at":"2019-02-06T18:50:31.000Z","size":185,"stargazers_count":0,"open_issues_count":0,"forks_count":1,"subscribers_count":18,"default_branch":"master","last_synced_at":"2025-03-20T19:09:55.521Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ow2-proactive.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-04-09T08:42:33.000Z","updated_at":"2019-02-06T18:50:34.000Z","dependencies_parsed_at":null,"dependency_job_id":"fb6956cb-5823-4d50-886e-e65673db572c","html_url":"https://github.com/ow2-proactive/iam","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/ow2-proactive/iam","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ow2-proactive%2Fiam","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ow2-proactive%2Fiam/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ow2-proactive%2Fiam/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ow2-proactive%2Fiam/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ow2-proactive","download_url":"https://codeload.github.com/ow2-proactive/iam/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ow2-proactive%2Fiam/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31941845,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-17T17:29:20.459Z","status":"ssl_error","status_checked_at":"2026-04-17T17:28:47.801Z","response_time":62,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-01-25T17:15:52.053Z","updated_at":"2026-04-17T19:02:13.416Z","avatar_url":"https://github.com/ow2-proactive.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"IAM\n============================\n![N|Solid](https://try.activeeon.com/assets/image/proactive-arrow-150.png)\n\nProActive IAM (Identitiy and Access Management) microservice, built on top of CAS (Centralized Authentication Service).\n(see https://www.apereo.org/projects/cas and https://github.com/apereo/cas).\n\n## Versions\n* IAM `8.3.0-SNAPSHOT`\n* CAS `5.3.2`\n\n## Requirements\n\n* JDK 1.8+\n\n## Configuration\n\nIAM is built as a Spring boot application (using the CAS gradle overlay). The main configuration file `application.properties` is located under the `cas` module, in `src/main/resources`. Further configuration files are located under the directory `src/main/resources/config/iam` .\n\n## Extra packages\n\nIn addition to CAS, IAM microservice implements an embedded LDAP server based on Apache Directory Server (http://directory.apache.org/apacheds/). This LDAP server is used as the default identity backend of CAS. The configuration properties of the embedded LDAP server are in the configuration file `application.properties`, whereas the identities are stored in  `src/main/resources/config/iam/ldap/identities.ldif`.\n\n## Build\nTo build the IAM application:\n```bash\n./gradlew clean build\n```\n\n## Run\nRun IAM in the dev environment using gradle:\n```bash\n./gradlew run\n```\n\nOr:\n\n## Executable WAR\nIAM uses the notion of Spring Boot profiles to run (as an executable WAR) in different environments:\n\n* Get the executable war file built under `cas/build/libs/iam-xx.war`\n* Run IAM using the default profile:\n```bash\njava -jar iam-xx.war\n```\nWhen using the default profile, IAM uses the configuration file `WEB-INF/classes/application-default.properties` located in the jar archive.  The remaining configuration files are provided under `WEB-INF/classes/config/iam/`\n\n\n* Run IAM using ProActive profile:\n```bash\njava -Dpa.scheduler.home=${path_to_scheduler_home} -jar iam-xx.war --spring.profiles.active=proactive  --spring.config.location=${path_to_scheduler_home}/config/iam/application-proactive.properties\n```\nWhen using the proactive profile, IAM uses the configuration file indicated by the parameter `--spring.config.location`.  The remaining configuration files are provided under `${path_to_scheduler_home}/config/iam/`.\n\n\n* On a successful execution of the above methods, IAM will be available at the address defined by the property `cas.server.prefix` in the configuration file `application.properties`, by default it starts at:\n  * `https://localhost:8444/iam`\n\n* Access the IAM microservice using the credentials :\n  * login: admin\n  * password: admin\n\n* Further credentials can be found in the file `src/main/resources/config/iam/identities.ldif` (under the `cas` module).\n\n## Customize the configuration properties\n\nYou can edit and change one or more properties of your choice, For instance:\n\n* iam.ldap.host=localhost_or_$hostname\n* iam.ldap.port=11389_or_another_port\n* iam.ldap.identities.file= some_absolute_path_to_identities.ldif\n* In the ldif file you can add another user by adding the corresponding block. For instance:\n```\ndn: uid=toto,ou=users,dc=activeeon,dc=com\ncn: toto\ngivenName: toto\nsn: toto\nuid: toto\nuserpassword: {SHA}N/omUzCtg+qoee+x4ttjgIls9jk=\nrole: user\nobjectClass: inetOrgPerson\nobjectClass: organizationalPerson\nobjectClass: extensibleObject\n```\nN.B. keep a blank line before and after this block (as for the other users)\n\n* server.context-path=/iam_or_another_context\n* server.port=8444_or_another_port\n* cas.host.name: localhost_or_$hostname\n* Check that the ports you chosen are not used. In linux, you can use 'lsof -i :port' and in Windows 'netstat -a -n -o | findstr :port'. These commands return nothing when the port is not used.\n\n## Change the SSL Certificate\n\nIAM uses a SSL certificate to secure its communications. The default certificate is located under `src/main/resources/config/iam/cas/keystore` (under the `cas` module). To generate a new certificate, use this command:\n\n```bash\nsudo keytool -genkeypair -keysize 2048 -alias ${keyStoreAlias} -keyalg RSA -keypass ${keyPass} -keystore ${keyStoreName} -storepass ${keyStorePass}`\n```\nN.B.: The CN of the generated certificate (the first param asked for) MUST be the same as the parameter `cas.host.name`, which means: localhost or the hostname.\n\n*   Put the new certificate in some accessible location of your choice\n*   Edit the following properties with respect to the generated SSL certificate:\n *   server.ssl.key-store=$absolute_path/keyStoreName\n *   server.ssl.key-store-password=$keyStorePass\n *   server.ssl.key-password=$keyPass\n *   cas.authn.pac4j.saml[0].keystorePath=$absolute_path/keyStoreName\n *   cas.authn.pac4j.saml[0].keystorePassword=$keyStorePass\n *   cas.authn.pac4j.saml[0].privateKeyPassword=$keyPass\n\nN.B.: IAM must be restarted to load the new certificate.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fow2-proactive%2Fiam","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fow2-proactive%2Fiam","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fow2-proactive%2Fiam/lists"}