Ubisecure Password application is included in the Ubisecure SSO installation package. During a standard installation the software is partially installed. The application is not ready for use without explicit activation and further configuration.
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
<context-param> <param-name>mail.smtp.host</param-name> <param-value>smtp-gw.example.com</param-value> </context-param> <context-param> <param-name>mail.smtp.from</param-name> <param-value>password@example.com</param-value> </context-param> |
OR
If the SMTP server requires further values, such as authentication credentials, configure tomcat server mail/Session ( ubilogin -sso\ubilogin\config\tomcat\conf\context.xml ) like below. (In this case, the configuration instruction above can be ignored).
| Code Block | ||||
|---|---|---|---|---|
| ||||
<?xml version='1.0' encoding='utf-8'?> <Context reloadable="false" useHttpOnly="true" swallowOutput="true"> <Manager pathname="" /> <Resource name="mail/Session" auth="Container" type="javax.mail.Session" mail.smtp.host="host" mail.from="example@example.com" mail.user="example" mail.smtp.port="465" mail.smtp.auth="true" mail.smtp.user="example" password="password" mail.smtp.starttls.enable="true" mail.smtp.socketFactory.class="javax.net.ssl.SSLSocketFactory"/> </Context> |
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
<context-param>
<param-name>mail-session</param-name>
<param-value>mail/Session</param-value>
</context-param>
<resource-ref>
<res-ref-name>mail/Session</res-ref-name>
<res-type>javax.mail.Session</res-type>
<res-auth>Container</res-auth>
</resource-ref> |
As an optional step, you can enable debug logging following the instructions in Password application logging.
Let user define password during password reset
...
Install the service provider metadata of saml.ap.password-reset authentication method by selecting the [Download Metadata] link on the SAML management page of the method. To navigate there select Home → Global Method Settings → saml.ap.password-reset → SAML. Save the metadata file in the directory ubilogin-sso/ubilogin/webapps/password/WEB-INF/saml2/ap/metadata .
Create a href file with a same name as the xml file in the same folder and insert following as its contents with correct values for entityId and url. For example, for metadata.xml the href file must be named metadata.href.
...
In SSO Management, select Home → Global Method Settings → saml.ap.password-reset → SAML → Upload. Then upload the generated ubilogin-sso/saml.ap.password-reset.xml file.
Allow authentication injection on a password method for saml.ap.password-reset
...
The password change application is found at the address: https://idp.example.com/password/change
Additional Information: If a returnurl is provided as a query parameter, a Cancel button redirecting to that URL is displayed on the page like illustrated in Figure 5.
https://idp.example.com/password/reset?returnUrl=https://myApplication/home
|
|---|
| Figure 5. Password reset |
Selecting the authentication method
...
Ubisecure Password application uses email when performing the password reset functionality. Mail settings need to be configured to the ubilogin-sso/ubilogin/webapps/password/WEB-INF/web.xml file. Uncomment the context-param elements that contain mail.smtp.host and mail.smtp.from param-names. Edit the param-values according to your environment.
...