How to change Basic Authentication to forms authentication
search cancel

How to change Basic Authentication to forms authentication

book

Article ID: 140194

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal CA Identity Suite

Issue/Introduction

How to protect the Identity Portal admin UI with Siteminder form based authentication.

Environment

Release : 14.2

Component : SIGMA-Identity Suite

Resolution

To configure the protection of the IP admin console, the jboss security constraint needs to be disabled in the sigma.war file.

Edit the file sigma.war/WEB-INF/web.xml.At the bottom of the file comment out the entire security constraint.

 

 <!--

  <security-constraint>

    <web-resource-collection>

      <web-resource-name>SIGMAAdminUI</web-resource-name>

      <url-pattern>/admin/*</url-pattern>

      <url-pattern>/rest/admin/*</url-pattern>

    </web-resource-collection>

    <auth-constraint>

      <role-name>SigmaAdministrators</role-name>

    </auth-constraint>

    <user-data-constraint>

      <transport-guarantee>NONE</transport-guarantee>

    </user-data-constraint>

  </security-constraint>

  <login-config>

    <auth-method>BASIC</auth-method>

    <realm-name>SIGMA</realm-name>

  </login-config>

  <security-role>

    <role-name>SigmaAdministrators</role-name>

  </security-role>

 -->

 

After making the above change, make sure you have the /sigma realm defined in the siteminder domain. 

Next, make sure you defined a form for the sigma/app realm. 

Basically, once you have the realms for /sigma and the form configured

Once the above is configured, trying to access the /sigma/admin will provide your specified form for authentication.