...
Figure 1. Password Reset Application
Password Properties
The Ubisecure Password web application requires some properties to be defined in the ubilogin-sso/ubilogin/webapps/password/WEB-INF/password.properties file.
```properties
# authentication method name
com.ubisecure.ubilogin.password.method = password.external.1
# for ldap directory method specifies path to ldap connection properties
directory.jndi.properties = C:/Program Files/Ubisecure/ubilogin-sso/ubilogin/custom/jndi1.properties
```
Ubisecure Password SP Activation
First install the UAS SAML metadata by selecting the [SAML 2.0] link on the Ubisecure Server Management front page. Save the metadata file in the directory
ubilogin-sso/ubilogin/webapps/password/WEB-INF/saml2/sp/metadata.
...
Figure 3. Select Activate to upload SAML Metadata of the Password application
Configure Mail Settings
Ubisecure Password sends email as part of the password reset functionality. Mail settings need to be configured in the ubilogin-sso/ubilogin/webapps/password/WEB-INF/web.xml file. Uncomment the context-param elements that contain the mail.smtp.host and mail.smtp.from param-names. Edit the param-values according to your environment.
```xml
<context-param>
    <param-name>mail.smtp.host</param-name>
    <param-value>smtp-gw.example.com</param-value>
</context-param>
<context-param>
    <param-name>mail.smtp.from</param-name>
    <param-value>password@example.com</param-value>
</context-param>
```
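A check for the two files edited above, added here as an example and not part of the Ubisecure documentation: it parses web.xml and password.properties and reports mail parameters that are still commented out or still hold the sample example.com values, plus missing property keys. The function names, the sample inputs, and the treatment of directory.jndi.properties as required (the LDAP directory case shown above) are assumptions.

```python
import xml.etree.ElementTree as ET

MAIL_PARAMS = ("mail.smtp.host", "mail.smtp.from")
# Assumption: directory.jndi.properties is required, as in the page's LDAP directory example
PROPERTY_KEYS = ("com.ubisecure.ubilogin.password.method", "directory.jndi.properties")
# Constructed sample: mail.smtp.from still commented out, host still the sample value
SAMPLE_WEB_XML = """<web-app xmlns="http://java.sun.com/xml/ns/javaee">
  <context-param><param-name>mail.smtp.host</param-name>
    <param-value>smtp-gw.example.com</param-value></context-param>
  <!-- <context-param><param-name>mail.smtp.from</param-name>
    <param-value>password@example.com</param-value></context-param> -->
</web-app>"""
SAMPLE_PROPERTIES = "com.ubisecure.ubilogin.password.method = password.external.1\n"

def local(tag):  # drop the XML namespace so any web.xml schema version is handled
    return tag.rsplit("}", 1)[-1]

def context_params(web_xml_text):
    """Active context-params only; commented-out elements never reach the parsed tree."""
    params = {}
    for el in ET.fromstring(web_xml_text).iter():
        if local(el.tag) == "context-param":
            fields = {local(c.tag): (c.text or "").strip() for c in el}
            if "param-name" in fields:
                params[fields["param-name"]] = fields.get("param-value", "")
    return params

def load_properties(text):
    """Minimal 'key = value' reader for password.properties (no line continuations)."""
    props = {}
    for line in map(str.strip, text.splitlines()):
        if line and not line.startswith(("#", "!")) and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def check_password_app(web_xml_text, properties_text):
    """Return a list of findings; an empty list means the checked settings are in place."""
    findings, params = [], context_params(web_xml_text)
    for name in MAIL_PARAMS:
        if name not in params:
            findings.append(f"{name}: missing or still commented out in web.xml")
        elif not params[name] or params[name].endswith("example.com"):
            findings.append(f"{name}: empty or still the sample value")
    props = load_properties(properties_text)
    return findings + [f"{k}: not set in password.properties" for k in PROPERTY_KEYS if not props.get(k)]

if __name__ == "__main__":
    print("\n".join(check_password_app(SAMPLE_WEB_XML, SAMPLE_PROPERTIES)))
```

To check a real installation, read the contents of the two files under ubilogin-sso/ubilogin/webapps/password/WEB-INF/ and pass them to check_password_app.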
Enable Access to Ubisecure Password
- In Ubisecure Server Management, navigate to the Password site: select System → Password
- Add the password.external.1 authentication method to the site: select Site Methods → Add… → password.external.1 → OK
- Add external directory users to the Password Users group by using the dynamic members functionality (The following configuration is just an example. You will probably have a more detailed definition for the included users):
...
- Server: ldaps://pdc.example.com/
- Distinguished Name: dc=example,dc=com
- Attributes: <empty>
- Scope: sub
- Filter: (objectClass=person)
- Extensions: <empty>
- Enable the password.external.1 authentication method for the Password web application: select the site Password → Applications → Password → Allowed Methods → password.external.1 → Update
Enable Password Web Application
Remove the file ubilogin-sso/tomcat/conf/Ubilogin/idp.example.com/password.xml. Then run the update:
...