SSO adapter installation on Linux - CustomerID

Ubisecure CustomerID package includes the Ubisecure CustomerID SSO Adapter extension to the Ubisecure SSO (it was previously called Ubisecure CustomerID Authorizer). It needs to be installed so that role based policies can be utilized in Ubisecure CustomerID. It also includes functionality related to user driven federations.

NOTE: The installation instructions concerning Ubisecure CustomerID SSO Adapter are written for a single Ubisecure SSO node. If you have more nodes then these steps should be done on all of them.


To install the Ubisecure CustomerID SSO Adapter extension to Ubisecure SSO:

  1. Define UBILOGIN_HOME environment variable for the Ubisecure SSO server so that it points to the Ubisecure SSO installation path: /usr/local/ubisecure/ubilogin-sso/ubilogin

    export UBILOGIN_HOME=/usr/local/ubisecure/ubilogin-sso/ubilogin
  2. Transfer the cid-sso-adapter-package-x.x.x-linux.tar.gz file to the Ubisecure SSO server and extract it for example under the following folder: /usr/local/ubisecure
  3. Run the Ubisecure CustomerID SSO Adapter installation script: 

    cd /usr/local/ubisecure/cid-sso-adapter
    ./install.sh

The Ubisecure CustomerID SSO Adapter package files will be integrated to the Ubisecure SSO installation.

  1. Ensure that all files in ubilogin-sso folder have correct owner and group. 

    chown -R ubilogin. /usr/local/ubisecure/ubilogin-sso

There are now two new configuration files in the following folder: /usr/local/ubisecure/ubilogin-sso/ubilogin/webapps/uas/WEB-INF
The new configuration files are:

  • attribute-prefix.index
  • eidm2-authorizer.properties

Also some new library files have now been added to the /usr/local/ubisecure/ubilogin-sso/ubilogin/webapps/uas/WEB-INF/lib folder.

  1. You may now need to make some changes to the eidm2-authorizer.properties according to your installation configuration. For more details, refer to the page Authorization configuration - CustomerID. After the properties have been checked, you need to run update on Ubisecure SSO in order to finalize the installation of the Ubisecure CustomerID SSO Adapter. Update script will restart SSO.

    cd /usr/local/ubisecure/ubilogin-sso/ubilogin
    ./config/tomcat/update.sh
    
  2. Ensure that the SSO diagnostic log (sso_diag.yyyy-mm-dd.log, which is by default located at /usr/local/ubisecure/ubilogin-sso/ubilogin/logs) contains the following rows (with the current time): 

    2022-10-06 07:25:25,711 uas init INFO CustomerID Authorizer started 
    2022-10-06 07:25:25,711 uas authz INFO eidm.authorizer: CidAuthorizer init started. 
    2022-10-06 07:25:26,083 uas init INFO CustomerID SQL: customeriddb PostgreSQL 12.8 
    2022-10-06 07:25:26,130 uas authz INFO eidm.authorizer: CidAuthorizer init done. 
    2022-10-06 07:25:26,130 uas init INFO eidm: com.ubisecure.customerid.authorizer.CidAuthorizer: started

This web page (including any attachments) may contain confidential, proprietary, or privileged information – not for disclosure without authorization from Ubisecure Inc. Copyright © 2024. All Rights Reserved.