How to protect the Identity Portal admin UI with Siteminder form based authentication.
Release : 14.2
Component : SIGMA-Identity Suite
To configure the protection of the IP admin console, the jboss security constraint needs to be disabled in the sigma.war file.
Edit the file sigma.war/WEB-INF/web.xml.At the bottom of the file comment out the entire security constraint.
<!--
<security-constraint>
<web-resource-collection>
<web-resource-name>SIGMAAdminUI</web-resource-name>
<url-pattern>/admin/*</url-pattern>
<url-pattern>/rest/admin/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>SigmaAdministrators</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>SIGMA</realm-name>
</login-config>
<security-role>
<role-name>SigmaAdministrators</role-name>
</security-role>
-->
After making the above change, make sure you have the /sigma realm defined in the siteminder domain.
Next, make sure you defined a form for the sigma/app realm.
Basically, once you have the realms for /sigma and the form configured
Once the above is configured, trying to access the /sigma/admin will provide your specified form for authentication.