000028152 - KB-1311 - How to configure the Test Auth provider

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000028152
Applies ToAffected Versions: 4.X; 3.6.X
Resolution

This kbase refers to older V3 nd V4 ACM versions. The latest ACM V5 and V6 product documentation for all server types, Jboss, WebSphere and WebLogic now include instructions on how to setup test authentication. This 'documented' set of instructions supercedes the information presented here.


 


 


 


The TestAuth will allow any user collected by the specified IDC to access the appliance using any password or a common global password.


 


The TestAuth is not to be used in production but for testing only.


 


1. Determine the ID of the IDC that will be used for the TestAuth, it can be any IDC that has already run and successfully collected users.


 


sqlplus avuser/secret


select ID, NAME from T_DATA_COLLECTORS;


 


2, Add the TestAuth configuration to the Aveksa database.


sqlplus avuser/secret


 


(Note: the SQL is all on one line and replace the "1" in red with the correct IDC for the environment from step #1)


 


INSERT INTO T_AUTH_CONFIGURATIONS

(ID, IDC_ID, AUTH_PROVIDER_NAME, AUTH_CONFIGURED_PROPERTIES,AUTH_PROVIDER_TYPE,AUTH_PROVIDER_CLASS)

VALUES(AUTH_CONFIGURATION_SEQUENCE.nextval, 1, 'TestAuthProvider',

'<?xml version="1.0" encoding="UTF-8"?><properties></properties>',

'TestAuthProviderType', 'com.aveksa.server.authentication.TestLoginModule');


 


3. Configure the TestAuthProvider for the target application server.


 


For Tomcat (with Aveksa 3.X)


 


cp /home/oracle/database/SampleData/TestAuthProvider.config

/usr/bin/tomcat/webapps/aveksa/WEB-INF/config/

 


For jboss (with Aveksa 4.x)


 


cp /home/oracle/database/SampleData/TestAuthProvider.config

/home/oracle/jboss/server/default/deploy/aveksa.ear/aveksa.war/WEB-INF/config

 


For Weblogic (with Aveksa 4.1)


 


a. Edit or create a jaas.config file and place the following lines in it


 


TestAuthProvider {



com.aveksa.server.authentication.TestLoginModule

required debug=false;

};
 

b. Edit the setDomainEnv.sh (typically found in $WL_HOME/user_projects/domains/base_domain/bin
c, Add the following to the JAVA_PROPERTIES, where <path> is the full path name to the jaas.config file used.


-Djava.security.auth.login.config=<path>/jaas.config"

 


For Websphere (with Aveksa 4.1)


 


Refer to existing Aveksa WebSphere Installation documentation.


 


 



4. Restart the application server


 


For Tomcat or Jboss


 

$ sudo service aveksa_agent stop 3.X only
$ sudo service aveksa_server stop


 

$ sudo service aveksa_server start

$ sudo service aveksa_agent start 3.X only
For Weblogic
stopWebLogic.sh

startWebLogic.sh

 


5. Optional - Configure a 'common' password for all users:


 


a. Go to Admin/System Tab


b. Click on Edit


c. Add a Property "TestAuthProviderUserPassword" and desired password value


d. Hit Save


 


Users should now be able to log in with their standard User ID and any password of you configured a common password all users must now use that common password.





 
NotesYou can configure multiple TestAuth providers for multiple IDCs the would then be called TestAuth TestAuth2 etc.

Attachments

    Outcomes