search cancel

How to Configure Service Catalog for NTLM (SSO)?

book

Article ID: 54065

calendar_today

Updated On:

Products

CA IT Asset Manager CA Software Asset Manager (CA SAM) ASSET PORTFOLIO MGMT- SERVER Service Accounting SERVICE ASSURE CA Service Catalog CA Service Management - Service Desk Manager CA Unicenter NSM

Issue/Introduction

Description:

This technical document outlines the procedure to configure Service Catalog for NTLM (single sign-on).

Solution:

In order to configure Catalog and Tomcat for NTLM:

  1. Confirm the EEM server has joined the appropriate Windows domain.

  2. Confirm the appropriate users exist in the active directory as well as in Service Catalog.

  3. Confirm Inernet Explorer Enhanced Security Configuration is not checked within Add/Remove Windows Components.

    <Please see attached file for image>

    Figure 1

  4. Change any shortcuts to utilize http://<hostname>:<port> instead of http://<hostname>:<port>/usm/wpf

  5. On each View server, edit %USM_HOME%\view\webapps\ROOT\index.html

    <Please see attached file for image>

    Figure 2

  6. Edit %USM_HOME%\view\webapps\usm\WEB-INF\web.xml
    <!-- USM NtlmAuthFilter  --> <!--  Uncomment <filter>  <filter-name>NtlmAuthFilter</filter-name>  <filter-class>com.ca.usm.httpfilter.NtlmAuthenticationFilter</filter-class>  <init-param>   <param-name>eiamBackendHost</param-name>   <param-value>lod0026</param-value>  </init-param>  <init-param>   <param-name>eiamApplication</param-name>   <param-value>Service Delivery</param-value>  </init-param>  <init-param>   <param-name>eiamCertFile</param-name>   <param-value>C:/Program Files/CA/Unicenter Service Delivery/USMcertfile.p12</param-value>  </init-param>  <init-param>   <param-name>eiamMaskedPassword</param-name>   <param-value>BQ5waHJzXjgJHAUDeGMBCgYAfQV9JhUOZ3FzcBYYM3VTAFIVDndXZnt0JBc=</param-value>  </init-param>  <init-param>   <param-name>bypassNodes</param-name>   <param-value>icguinode.login,icguinode.logout,iclaunchpad.launch,   icguinode.changepwdlockout,icguinode.lockout</param-value>  </init-param>  <init-param>   <param-name>failbackLoginPage</param-name>   <param-value>wpf?Node=icguinode.login</param-value>  </init-param>  <init-param>   <param-name>defaultLaunchNode</param-name>   <param-value>iclaunchpad.launch</param-value>  </init-param> </filter> -->  Uncomment  <!-- USM NtlmAuthFilter - mapping --> <!-- Uncomment <filter-mapping>  <filter-name>NtlmAuthFilter</filter-name>  <url-pattern>/wpf/*</url-pattern> </filter-mapping> <filter-mapping>  <filter-name>NtlmAuthFilter</filter-name>  <url-pattern>/uslm/*</url-pattern> </filter-mapping> <filter-mapping>  <filter-name>NtlmAuthFilter</filter-name>  <url-pattern>/assure/*</url-pattern> </filter-mapping> <filter-mapping>  <filter-name>NtlmAuthFilter</filter-name>  <url-pattern>/documents/*</url-pattern> </filter-mapping> -->  Uncomment
  7. Recycle Unicenter Service View service.

Environment

Release:
Component: USVCT

Attachments

1558713879965000054065_sktwi1f5rjvs16t8i.gif get_app
1558713877714000054065_sktwi1f5rjvs16t8h.gif get_app
Powered by Wolken Software