I developed a custom authentication module in OpenAM, and when user logins with this module.
I have to set "User Profile" to be ignored
for a successful login. Otherwise it fails with error User Requires Profile to Login
OpenAM is correct because the logged-user does not exist in its OpenDJ datastore.
My question is:
How to create the profile dynamically on login?
It should be done in auth module or post-auth module? Do I need write to OpenDJ datastore directly? or is there some helper class to do this?
Thanks in advance
It's possible to let OpenAM dynamically create user accounts if the user profile doesn't already exist in the configured data stores. To do so, you'll need to change the User Profile mode to Dynamic (see picture above).
If you want to control the attributes used to populate the freshly created user, then you will need to call #setUserAttributes with a Map<String, Set<String>> in AMLoginModule, and those values will be obeyed. The username used by OpenAM will be the name that you return in the #getPrincipal method.