Two clients in a row now... where I had to go back and manually edit
ism-configuration.properties after using configupdate, to fix things
configupdate broke.

First has to do with trying to NOT set a port on the OAuth URL. If you
are using https://someurl.somename.com:443/sspr, every browser worth
anything will strip out the :443 before sending the URL. So, you have to
tell OAuth to respond to what the browser sends, not what the user
types. i.e. no port. Ok folks, I know 443 is below 1024... we are
redirecting 443 to 8443 via iptables, which does not modify the URL, so
I know 443 is not actually the way into UA, but it is the URL sent by
the browser. Problem is, configupdate will NOT allow you to leave the
port blank, you must enter a port number. So I do, then go back and
remove it from the 3 settings based on that entry by manually editing
ism-configuration.properties.

Second has to do with not using /IDMProv for your application context.
You can set your path when you install it. Nobody says you MUST use
/IDMProv. Problem is, there are quite a few places where IDMProv is
hardcoded inside WAR files (thou shalt not edit WAR files lest ye
invalidate your support). Also, configupdate always rewrites the
portal.context value to IDMProv. What happens if you decide to run UA
at /timbuktu instead of /IDMProv?

These, and other issues, are in Bug #1002013, in case anybody is
interested.

Me, for now, I have to say I cannot use configupdate. Since I have to
edit the file manually after using it, might as well just edit the file.


--
tse7147
------------------------------------------------------------------------
tse7147's Profile: https://forums.netiq.com/member.php?userid=466
View this thread: https://forums.netiq.com/showthread.php?t=57382