Ubisecure Password application is included in the Ubisecure SSO installation package. During a standard installation the software is partially installed. The application is not ready for use without explicit activation and further configuration.
...
Code Block | ||||
---|---|---|---|---|
| ||||
<context-param> <param-name>mail.smtp.host</param-name> <param-value>smtp-gw.example.com</param-value> </context-param> <context-param> <param-name>mail.smtp.from</param-name> <param-value>password@example.com</param-value> </context-param> |
OR
If the SMTP server requires further values, such as authentication credentials, configure tomcat server mail/Session ( ubilogin -sso\ubilogin\config\tomcat\conf\context.xml
) like below. (In this case, the configuration instruction above can be ignored).
Code Block | ||||
---|---|---|---|---|
| ||||
<?xml version='1.0' encoding='utf-8'?> <Context reloadable="false" useHttpOnly="true" swallowOutput="true"> <Manager pathname="" /> <Resource name="mail/Session" auth="Container" type="javax.mail.Session" mail.smtp.host="host" mail.from="example@example.com" mail.user="example" mail.smtp.port="465" mail.smtp.auth="true" mail.smtp.user="example" password="password" mail.smtp.starttls.enable="true" mail.smtp.socketFactory.class="javax.net.ssl.SSLSocketFactory"/> </Context> |
...
Code Block | ||||
---|---|---|---|---|
| ||||
<context-param> <param-name>mail-session</param-name> <param-value>mail/Session</param-value> </context-param> <resource-ref> <res-ref-name>mail/Session</res-ref-name> <res-type>javax.mail.Session</res-type> <res-auth>Container</res-auth> </resource-ref> |
As an optional step, you can enable debug logging following the instructions in Password application logging.
Let user define password during password reset
...
Install the service provider metadata of saml.ap.password-reset
authentication method by selecting the [Download Metadata] link on the SAML management page of the method. To navigate there select Home → Global Method Settings → saml.ap.password-reset → SAML. Save the metadata file in the directory ubilogin-sso/ubilogin/webapps/password/WEB-INF/saml2/ap/metadata .
Create a href file with a same name as the xml file in the same folder and insert following as its contents with correct values for entityId
and url
. For example, for metadata.xml
the href file must be named metadata.href
.
...
In SSO Management, select Home → Global Method Settings → saml.ap.password-reset → SAML → Upload. Then upload the generated ubilogin-sso/saml.ap.password-reset.xml file.
Allow authentication injection on a password method for saml.ap.password-reset
...
The password change application is found at the address: https://idp.example.com/password/change
Additional Information: If a returnurl
is provided as a query parameter, a Cancel button redirecting to that URL is displayed on the page like illustrated in Figure 5.
https://idp.example.com/password/reset?returnUrl=https://myApplication/home
Figure 5. Password reset |
Selecting the authentication method
...
Ubisecure Password application uses email when performing the password reset functionality. Mail settings need to be configured to the ubilogin-sso/ubilogin/webapps/password/WEB-INF/web.xml file. Uncomment the context-param elements that contain mail.smtp.host and mail.smtp.from param-names. Edit the param-values according to your environment.
...