000035954 - Configuring different challenge questions in RSA Adaptive Authentication (On-Premise) for separate organizations

Document created by RSA Customer Support Employee on Feb 7, 2018Last modified by RSA Customer Support Employee on Feb 7, 2018
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000035954
Applies ToRSA Product Set: Adaptive Authentication (On-Premise)
RSA Product/Service Type: Adaptive Authentication (On-Premise)
IssueThe c-config-challenge.xml file contains a list of the RSA Adaptive Authentication challenge questions. Is that one XML file for all different orgs configured in Adaptive Authentication or can there be different sets of challenge questions to choose from for each separate org? 
 
ResolutionThe c-config-challenge.xml file can be configured per organization. 
 
Whatever is in /RSA/configs (-root config) governs sub-Orgs UNLESS there is a sub-Org config; for example, /RSA/configs/Org_ABC/c-config-challenge.xml would only work for Org_ABC in place of the default/root Org challenge questions.
NotesThis is an example of how to set up different questions for three different organizations.  Let’s say we have three organizations:
  • Org_ABC
  • Org_XYZ
  • Org_EFG
We want to create separate questions for ABC and XYZ.  To do this, follow the steps below:

  1. First, create two new folders inside /RSA/configs/ with the names of the organizations and copy the c-config-challenge.xml inside each folder.  For example:

/RSA/configs/Org_ABC/
                c-config-challenge.xml
 
/RSA/configs/Org_XYZ/
                c-config-challenge.xml


  1. Change the contents of the questions in each c-config-challenge.xml file according to what is needed in each organization.
  2. When a new user is added, she will receive the questions for the right organization according to the configuration file.  For example, these are the three organizations we need to create:

 



User-added image 



 



  1. Add a folder for organizations ABC and XYZ inside the RSA/configs/ folder:

User-added image



  1. The c-config-challenge.xml file in /RSA/configs remains untouched and Org_EFG will get the questions from it since there is neither a folder nor file specifically designated for Org_EFG.
  2. Copy the /RSA/configs/c-config-challenge.xml file to the correct organization's folders:

User-added image



 



  1. Apply steps 4 through 6 for ABC and XYZ.
  2. Finally move the contents of each file, appending something to the <property name><value> tag that would indicate the question belongs to that organization:

User-added image



 



User-added image



 
 



  1. Save the files, restart the server and attempt to enroll three users to get the expected results, as follows:

  • One for Org_ABC:

User-added image


 
 



  • One for Org_XYZ:

User-added image



 



  • One for Org_EFG:

User-added image

Attachments

    Outcomes