Ubisecure Password is a web application that provides a user interface for changing and resetting a password. It is included in the Ubisecure SSO Server installation package and needs to be activated. Ubisecure Password uses the same database configuration as the SQL authentication method above. Please make sure that the SQL authentication method works before proceeding to Ubisecure Password installation.

Ubisecure Password SP Activation

First install the UAS SAML metadata by selecting the [SAML 2.0] link on the Ubisecure Server Management front page. Save the metadata file in the directory
ubilogin-sso/ubilogin/webapps/password/WEB-INF/saml2/sp/metadata.

...

ubilogin-sso> java/bin/java -jar ubilogin/webapps/password/WEB-INF/lib/ubisaml2.jar Generate https://idp.example.com/password/spsso -y -o ubilogin/webapps/password/WEB-INF/saml2/sp
ubilogin-sso> java/bin/java -jar ubilogin/webapps/password/WEB-INF/lib/ubisaml2.jar Metadata ubilogin/webapps/password/WEB-INF/saml2/sp -f password.xml

...

In Ubisecure Server Management, select System → Password → Applications → Password → Activate. Then upload the generated ubilogin-sso/password.xml file.

Configure Mail Settings

Ubisecure Password uses email when performing the password reset functionality. Mail settings need to be configured to the ubilogin-sso/ubilogin/webapps/password/WEB-INF/web.xml file. Uncomment the context-param elements that contain mail.smtp.host and mail.smtp.from param-names. Edit the param-values according to your environment.

    <context-param>
        <param-name>mail.smtp.host</param-name>
        <param-value>smtp-gw.example.com</param-value>
    </context-param>
    <context-param>
        <param-name>mail.smtp.from</param-name>
        <param-value>password@example.com</param-value>
    </context-param>

Enable Access to Ubisecure Password

• In Ubisecure Server Management, navigate to Password site:select System → Password
• Add the password.sql.1 authentication method to the site: select Site Methods → Add… → password.sql.1 → OK
• Add password.sql.1 to the Password Users group:select Groups → Password Users → Allowed Methods → password.sql.1 → Update
• Enable password.sql.1 authentication method for Password web application: select the site Password → Applications → Password → Allowed Methods → password.sql.1 → Update

Enable Password Web Application

The Password application is disabled by default. To enable it, edit ubilogin-sso\ubilogin\config\tomcat\conf\server.xml

copy C:\Program Files\Ubisecure\ubilogin-sso\ubilogin\config\tomcat\conf\server.xml C:\Program Files\Ubisecure\ubilogin-sso\ubilogin\custom\tomcat
C:\Program Files\Ubisecure\ubilogin-sso\ubilogin\custom\tomcat>notepad server.xml 
Uncomment <Context path="/password" docBase="${catalina.base}/webapps/password"/> by copying it above <!-- sign
as its in the list of not used applications by default
<!--
<Context path="/cdc" docBase="${catalina.base}/webapps/cdc"/>
<Context path="/password" docBase="${catalina.base}/webapps/password"/>
<Context path="/otpserver" docBase="${catalina.base}/webapps/otpserver"/>
-->

...

cp /usr/local/ubisecure/ubilogin-sso/ubilogin/config/tomcat/conf/server.xml /usr/local/ubisecure/ubilogin-sso/ubilogin/custom/tomcat 
/usr/local/ubisecure/ubilogin-sso/ubilogin/custom/tomcat/>vi server.xml 
Uncomment <Context path="/password" docBase="${catalina.base}/webapps/password"/> by copying it above <!-- sign
as its in the list of not used applications by default
<!--
<Context path="/cdc" docBase="${catalina.base}/webapps/cdc"/>
<Context path="/password" docBase="${catalina.base}/webapps/password"/>
<Context path="/otpserver" docBase="${catalina.base}/webapps/otpserver"/>
-->

...

C:\Program Files\Ubisecure\ubilogin-sso\ubilogin> config\tomcat\update.cmd

...

/usr/local/ubisecure/ubilogin-sso/ubilogin# /etc/init.d/ubilogin-server stop
/usr/local/ubisecure/ubilogin-sso/ubilogin# ./config/tomcat/update.sh
/usr/local/ubisecure/ubilogin-sso/ubilogin# /etc/init.d/ubilogin-server start

...