Ubisecure Password application is included in the Ubisecure SSO installation package. During a standard installation the software is partially installed. The application is not ready for use without explicit activation and further configuration.
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
<context-param> <param-name>mail.smtp.host</param-name> <param-value>smtp-gw.example.com</param-value> </context-param> <context-param> <param-name>mail.smtp.from</param-name> <param-value>password@example.com</param-value> </context-param> |
OR
If the SMTP server requires further values, such as authentication credentials, configure tomcat server mail/Session ( ubilogin -sso\ubilogin\config\tomcat\conf\context.xml ) like below. (In this case, the configuration instruction above can be ignored).
| Code Block | ||||
|---|---|---|---|---|
| ||||
<?xml version='1.0' encoding='utf-8'?> <Context reloadable="false" useHttpOnly="true" swallowOutput="true"> <Manager pathname="" /> <Resource name="mail/Session" auth="Container" type="javax.mail.Session" mail.smtp.host="host" mail.from="example@example.com" mail.user="example" mail.smtp.port="465" mail.smtp.auth="true" mail.smtp.user="example" password="password" mail.smtp.starttls.enable="true" mail.smtp.socketFactory.class="javax.net.ssl.SSLSocketFactory"/> </Context> |
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
<context-param>
<param-name>mail-session</param-name>
<param-value>mail/Session</param-value>
</context-param>
<resource-ref>
<res-ref-name>mail/Session</res-ref-name>
<res-type>javax.mail.Session</res-type>
<res-auth>Container</res-auth>
</resource-ref> |
As an optional step, you can enable debug logging following the instructions in Password application logging.
Let user define password during password reset
...
The password change application is found at the address: https://idp.example.com/password/change
NOTE that if a returnurl is provided as a query parameter, a Cancel button redirecting to that URL is displayed on the page like illustrated in Figure 5.
|
|---|
| Figure 5. Password reset |
Selecting the authentication method
...
The password application uses the same CSS style templates that are defined in SSO Server. If the user transfers to the password application during logon, the template selection will be handled by SSO, but if it's required to transfer the user from another application, it is necessary to provide the used template as a query string parameter, called template. Refer to Templates - SSO for details of how to define and create user interface templates.
...
Use the above links within user applications, or include links to these activities from the login UI. Instructions for adding links to the login UI are found in Login screens - SSO .
| Figure 6. Example links added to login UI help box |
...
LDAPS should always be used for the connection to the user repository where a password reset is done.
See Configuring the connection for basic LDAP integration - SSO for LDAP connection configuration.