How to configure DS-auth SSO?

1reply Oldest first
  • Oldest first
  • Newest first
  • Active threads
  • Popular
  • #DSAuth SSO Configuration.
    ### Configrations:
    1. Enable SSO login using the tmt command: ```./tmt.sh -u <tenant_name> sso-login-enable true```.
    2. Add the following tag to ```<INCORTA_INSTALLATION_PATH>/server/conf/server.xml``` and the begining of ```<Host>``` tag:
    LoggingEnabled = "true"
    ####Set values for the following keys as:
     1. ```appId```: To be used with the “validate” function.
     2. ```appIdKey```: To be used with the “login” function.
     3. ```appAdminPassword```: produced as a result of creating application at DS authentication.
     4. ```redirectUrl```: SSO Url at which user will go through the login scenario.
       1. Absolute Url
       2. Not ended with /
     5. ```validateUrl```: Url of Validating the cookie with DS Authentication Web’s validate function .
     6. ```userLoginKey```: User parameter which will be used as the loginName at incorta.
     7. ```myacinfo```: The kocki key at with DS AUth injects user credentials after user signs in.
     8. ```logoutURL```: absolute url to which user will be resirected after signing out to sign in again.
     9.```LoggingEnabled```:This flag turn on the the valve logging messages. By default it's false which mean the logging is turned off.
     10. ```rv```:
      - For single tenant  add: ```rv = "50"```
      - For multiple tenants, you need to provide rv value for each tenant ```rv = "tenant1=40,tenant2=50"``` and accordingly apple connect team needs to add rv value at apple connect for each tenant.
      - Note that incorta is compatible with both development and production environments you can just remove the rv parameter for server.xml and incorta will send ```baseURL```.
     11. ```skippingAttribute```: If you have another SSO valve befor DSAUth and you had set your remote user and wants the DSAuth to skip and do nothing. User this key to set a request attribute with any value. Accordingly DSAUth will skip and just call nextValve().
    ###Coping libraries:
    1. cd ```<INCORTA_INSTALLATION_PATH>/server/lib```
    2. Remove ```incorta-sso.jar``` file.
    3. Copy ```apple-dsauth.jar``` file from inside the ```apple-code.zip``` which is packged with incorta build into the same path.
    Restart incorta by running ```./stop.sh``` then ```./start.sh``` at the root of incorta instllation path.
    1. Make sure that incorta url which user requests from the brwoser includes the tenant name and ends with a slash: ```/!tenant_name/```, like: ```http://www.server.com/incorta/!tenant/```.
    2. For coping ```apple-dsauth.jar``` into ```server/lib```, you need to do this munually every time you update incorta and there are changes related to SSO.
Like Follow
  • Status Answered
  • 12 days agoLast active
  • 1Replies
  • 163Views
  • 2 Following