ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

How can I encrypt password for Administrative Users in SiteMinder WAM UI?

book

Article ID: 53327

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Description

We implemented the Set User Password field in our main Query scheme so that it will now allow us to encrypt passwords in our User Store.

But, any WAM UI Admin account which has the password reset via the user admin tool (and thus password encrypted) fails to log in.

I suspect the WAMUI user Authentication is doing a compare of the submitted password to the hashed (and stored in the database) password, which since they are different, causes a login to fail.

How do I set it so WAM UI uses the same basic process of comparing a hash of the submitted password to the hashed value in SQL?

Solution

WAM UI uses a custom authentication module and it cannot be modified.

In order to support encrypted passwords with WAM UI, an EncryptFunction("PasswordSupplied") method must have a Java implementation and use that in the custom authentication module.

Since the product is working as designed therefore this would be an enhancement request.

Environment

Release:
Component: SMPLC