The authentication_service module provides a framework for integrating remote authentication services into Drupal. When a user attempts to log in they are authenticated against the remote service; if they do not yet have a local user account one is created for them.
OpenAM and Drupal plugins are included, but it is extensible to other authentication mechanisms (OpenId, Oauth, etc.)
This module was developed by Capgemini UK, and is a work in progress.
Configuration settings are available at Configuration >> System >> Authentication service.
Here you can activate the plugins you want to use. If more than one plugin is active, the system will fall through them until it finds a successful login.
Each plugin has a separate tab with plugin-specific settings.
Cache expiry is the maximum length of time attributes pulled from the server are cached. (Only the user's email address is currently used by this module, but all available attributes are cached.)
OpenAM plugin settings are available at Configuration >> System >> Authentication service >> OpenAM.
Enter the base URI for connecting to the OpenAM server. (The trailing slash is REQUIRED.)
Communication with the server is done via JSON.
Ignore SSL certificate errors
Do not enable this unless you are absolutely sure you know what you are doing.