This article explains how to implement chain login for users when trying to access the RSA Authentication Manager Prime Kit Self-Service Portal (SSP).
In this instance, chain login means that users are asked for their Active Directory password followed by their Security Questions answers to be logged into SSP.
Confirm that the Chain Login bean is configured.
Enable the Chain Login bean for Home Page.
Disable any old Active Directory bean for the home page.
To achieve this result,
Go to the file <Prime_installation_directory>/configs/ssp/config.
Open authentication.xml in a text editor.
Look for the following snippet in the file and ensure that it is not commented out:
<bean id="chainADplusSQ" class="com.rsa.pso.services.ChainAuthenticatorService">
<property name="serviceName" value="ChainAuthenticator" />
<property name="authenticationServiceHelper" ref="authServiceHelper" />
<!--There should be exactly two authenticators.
Portal will throw exception if the authenticator count is
not equal to two(2)-->
Restart the SSP service for the changes to take effect.
The RSA Authentication Manager Prime Kit installation directory differs from one environment to the other. The admin should be aware of the installation directory. However, the subdirectories and file names will not change.
Steps to restart the service differ from one environment to the other. The admin should know how to restart a certain service in their environment.