Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Ubisecure CustomerID uses the same Ubisecure Directory as Ubisecure SSO. For this reason, Ubisecure CustomerID needs some of the configuration details from the Ubisecure SSO setup. This chapter describes how this information can be added to the Ubisecure CustomerID configuration.

The other properties can be adjusted according to the needs of the specific installation environment.

Create a copy of the Ubisecure CustomerID configuration template:

cd /D "%PROGRAMFILES%\Ubisecure\customerid\application"
copy config\win32.config 

Copy entries from Ubisecure SSO configuration file to Ubisecure CustomerID configuration file:

  1. Open the Ubisecure CustomerID win32.config file for editing: 

    notepad %PROGRAMFILES%\Ubisecure\customerid\application\win32.config
  2. Open the Ubisecure SSO win32.config file: 

    notepad %PROGRAMFILES%\Ubisecure\ubilogin-sso\ubilogin\win32.config
  3. Copy the following values from Ubisecure SSO win32.config file to the Ubisecure CustomerID win32.config file:

    From: Ubisecure SSO

    To: Ubisecure CustomerID

    master.secret

    master.secret

    uas.url

    uas.url

    ldap.url

    ldap.url

    suffix

    ldap.suffix

    Check that there are no unintentional characters at the end of uas.url value. In fact, always check that there are no extra spaces at ends of any of the lines!

    You can now close the Ubisecure SSO win32.config file

  4. Rest of the fields in the Ubisecure CustomerID win32.config file can be defined independently from Ubisecure SSO.

    Edit win32.config

    Field Name

    Field Description

    ubilogin.homeThis is the path to the location where Ubisecure SSO has been installed. Backslashes must be escaped with a backslash. ubilogin.home=C:\\Program Files\\Ubisecure\\ubilogin-sso\\ubilogin
    eidm.urlThis is the publicly visible URL address of your Ubisecure CustomerID installation. The value must not include a path component and must not end with a '/' character. This address must be accessible for all users of this installation. In an installation with front-end reverse proxy servers this address refers to the first front-end server that is accessible from the public network. In production systems, no port number should be used. eidm.url=https://cid.example.com
    proxy.local.url (if proxy is used)In case there is a reverse proxy server acting in front of the Ubisecure CustomerID, proxy.local.url specifies the URL that will be used by the reverse proxy when accessing the Ubisecure CustomerID. In example below, you must configure proxy to listen to eidm.url and forward requests to port 7443 on host1.local
    proxy.local.url=https://host1.local:7443
    rest.usernameThe username used with REST calls.
    rest.passwordThe password used with REST calls.
    ldap.principalThe object in LDAP that is used as login object for LDAP connections from Ubisecure CustomerID.
    ldap.passwordThe password used when connecting to LDAP from Ubisecure CustomerID.
    database.hostDefines the host where PostgreSQL is installed. This can be an IP address or DNS host name.
    database.portDefines the public TCP port of the PostgreSQL server. Default is 5432.
    database.nameDefines the name of the database that Ubisecure CustomerID should use from the PostgreSQL server.
    database.userDefines a user name that Ubisecure CustomerID should use to connect to PostgreSQL.
    database.passwordDefines the connection password for the Ubisecure CustomerID database user.
    wildfly.homeDefines the folder where WildFly is installed.
    wildfly.http.portDefines the TCP port where WildFly listens for unencrypted HTTP connections.
    wildfly.https.portDefines the TCP port where WildFly listens for encrypted HTTP connections.
    database.driver.pathDefines the path where scripts can find the PostgreSQL JDBC driver. (If you have followed instructions to the letter, this must be defined to point to %USERPROFILE%\Desktop\customerid.) Note, that in the configuration file, all paths must be escaped by duplicating each "\"-separator, so the actual path %USERPROFILE%\Desktop\customerid would have to be defined as %USERPROFILE\\Desktop
    customerid.
    database.driver.fileDefines the file name of the actual JDBC database driver library.
    keystore.aliasDefines a custom alias for the server's SSL key pair in the certificate key store.
    keystore.passwordDefines a password for the key store.
    mail.hostThe DNS name or IP address of the mail server.
    mail.portThe TCP port of the mail server. Usually 25 for unencrypted SMTP, 465 for encrypted SMTP.
    mail.usernameThe user account name used to log on to the mail server. This is an optional property.
    mail.passwordThe password of the user account name used to log on to the mail server. This is configured only in conjunction with mail.username.
    mail.fromThe email address to insert in the from field of the email messages. You need to escape the "@" character with another "@" character. Example: john.doe@@example.com
    mail.sslDefine if SSL should be used when contacting the mail server. Value is either true or empty.

To run Ubisecure CustomerID setup script:
Take the setup configurations in use by issuing the following commands:

cd /D "%PROGRAMFILES%\Ubisecure\customerid\application\"
setup.cmd
  • No labels