HP Asset Manager. Implementing Single Sign On for Asset Manager Web 5.x. Legal Notices... 2. Introduction... 3. Using AM 5.20... 3



Similar documents
Customizing Asset Manager for Managed Services Providers (MSP) Software Asset Management

Managing Scalability of Web services

HP Business Service Management

HP Software as a Service

Legal Notices Introduction... 3

HP Business Service Management

HP Real User Monitor. Release Notes. For the Windows and Linux operating systems Software Version: Document Release Date: November 2012

HP Software as a Service. Federated SSO Guide

HP Project and Portfolio Management Center

HP SiteScope. HP Vertica Solution Template Best Practices. For the Windows, Solaris, and Linux operating systems. Software Version: 11.

HP Business Service Management

HP Business Service Management

HP Service Manager. Collaboration Guide. For the Supported Windows and UNIX operating systems. Software Version: 9.31

HP Universal CMDB. Software Version: Data Flow Management Best Practices

HP OpenView Smart Plug-in for Microsoft Exchange Server

HP Asset Manager. Software version: Integration with software distribution and configuration management tools

HP Device Manager 4.7

HP Service Manager. Software Version: 9.40 For the supported Windows and Linux operating systems. Collaboration Guide

HP Device Manager 4.7

HP Business Process Monitor

Web Integration between AssetCenter 5.0 and ServiceCenter 6.2 Using Single Sign-on

HP SiteScope. Hadoop Cluster Monitoring Solution Template Best Practices. For the Windows, Solaris, and Linux operating systems

HP OpenView AssetCenter

HP Asset Manager. Software version: Asset Tracking Solution

HP Quality Center. Software Version: Microsoft Word Add-in Guide

HP Device Manager 4.6

HP Business Availability Center

Legal Notices Introduction... 3

Synchronizing ProCurve IDM and Windows Active Directory

How to configure 802.1X authentication with a Windows XP or Vista supplicant

HP Service Manager. Software Version: 9.40 For the supported Windows and Linux operating systems. Application Setup help topics for printing

HP Operations Orchestration Software

HP Operations Orchestration Software

HP Server Automation Enterprise Edition

HP Business Service Management

HP Access Control Express Installation Guide

HP Application Lifecycle Management

HP 3PAR Recovery Manager Software for Microsoft Exchange Server 2007, 2010, and 2013

Vertica OnDemand Getting Started Guide HPE Vertica Analytic Database. Software Version: 7.2.x

HP Records Manager. Release Notes. Software Version: 8.1. Document Release Date: June 2014

HP Quality Center. Software Version: Microsoft Excel Add-in Guide

HP AppPulse Active. Software Version: 2.2. Real Device Monitoring For AppPulse Active

HP Enterprise Integration module for SAP applications

P4000 SAN/iQ software upgrade user guide

HP Quality Center. Upgrade Preparation Guide

HP Service Manager. Software Version: 9.34 For the supported Windows and UNIX operating systems. Incident Management help topics for printing

HP Device Manager 4.6

HP OpenView AssetCenter

Bluetooth Pairing. User Guide

HP Service Manager. Software Version: 9.34 For the supported Windows and UNIX operating systems. Service Desk help topics for printing

HP Vertica Integration with SAP Business Objects: Tips and Techniques. HP Vertica Analytic Database

HP Quality Center. Software Version: Microsoft Excel Add-in Guide

HP ALM. Software Version: Tutorial

HP ThinPro. Table of contents. Connection Configuration for RDP Farm Deployments. Technical white paper

CA Nimsoft Service Desk

How Service Manager 7 Licensing works

HP Change Configuration and Release Management (CCRM) Solution

HP Service Manager. Software Version: 9.40 For the supported Windows and Linux operating systems. Processes and Best Practices Guide (Codeless Mode)

HP LeftHand SAN Solutions

Using SAP Logon Tickets for Single Sign on to Microsoft based web applications

HP ALM Best Practices Series

Sharing Pictures, Music, and Videos on Windows Media Center Extender

Legal Notices Introduction Definitions... 3

HP OpenView Performance Insight Report Pack for Databases

HP Operations Orchestration Software

HP Service Manager. Service Desk help topics for printing. For the supported Windows and UNIX operating systems. Software Version: 9.

HP Service Manager. Software Version: 9.40 For the supported Windows and Linux operating systems. Request Management help topics for printing

HP Business Service Management

HP Cloud Service Automation

HP BladeSystem Management Pack version 1.0 for Microsoft System Center Essentials Troubleshooting Assistant

SSO Plugin. Release notes. J System Solutions. Version 3.6

HP Windows 7 Onsite Upgrade Service

HP Application Lifecycle Management

HP Quality Center. Software Version: Version Control Add-in Guide

HP Device Manager 4.6

HP ProLiant Essentials Vulnerability and Patch Management Pack Release Notes

HP Operations Orchestration Software

Plug-In for Informatica Guide

HP IMC User Behavior Auditor

Installing Microsoft Windows

Integration of SAP Netweaver User Management with LDAP

HP-UX Support Tools Manager (STM) Release Notes

CA Spectrum and CA Embedded Entitlements Manager

Enabling Single Signon with IBM Cognos ReportNet and SAP Enterprise Portal

Radia Cloud. User Guide. For the Windows operating systems Software Version: Document Release Date: June 2014

HP Operations Orchestration Software

FTP Server Configuration

Copyright

Single Sign-On between SAP Portal and SuccessFactors

HP Application Lifecycle Management

HP Server Integrations with Microsoft System Center Products Support Matrix

SAP Business Intelligence Suite Patch 10.x Update Guide

HP Service Manager. Software Version: 9.34 For the supported Windows and UNIX operating systems. Processes and Best Practices Guide

Closed Loop Incident Process (CLIP) Solution

HP OpenView Service Desk Process Insight 2.10 software

Send to Network Folder. Embedded Digital Sending

CA Performance Center

Transcription:

HP Asset Manager Implementing Single Sign On for Asset Manager Web 5.x Legal Notices... 2 Introduction... 3 Using AM 5.20... 3 Using AM 5.12... 3 Design Blueprint... 3 Technical Design... 3 Requirements, Guidelines and Considerations... 3 Minimum Requirements... 3 Workflow and Tasks... 4 Old piece of code... 4 New piece of code... 5 JavaBean Example:... 5 JavaBean Requirements... 5 Sample code... 5 Compiling JavaBeans:... 6 Synchronizing Windows and Web client authentications... 6 For more information... 7

Legal Notices Copyright 1994-2008 Hewlett-Packard Development Company, L.P. Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. The information contained herein is subject to change without notice. Adobe, Adobe logo, Acrobat and Acrobat Logo are trademarks of Adobe Systems Incorporated. Corel and Corel logo are trademarks or registered trademarks of Corel Corporation or Corel Corporation Limited. Java is a US trademark of Sun Microsystems, Inc. Microsoft, Windows, Windows NT, Windows XP, Windows Mobile and Windows Vista are U.S. registered trademarks of Microsoft Corporation. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. UNIX is a registered trademark of The Open Group. 2

Introduction To implement Single Sign-On (SSO), Identity Management tools such as Netegrity s Siteminder or Webseal can be used with HP Asset Manager 5.x Web application (5.12 and later). This document can be used as a blueprint to install and configure SSO with the HP Asset Manager 5.x Web application (5.12 and later). It describes the requirements and necessary steps to carry out this implementation. Using AM 5.20 SSO is now handled out of the box and customization is described in the product documentation, manual Administration, section Sharing user authentication using Lightweight Single Sign-On (LW- SSO) Using AM 5.12 Design Blueprint Technical Design Identity Management tools provide authentication and authorization for a particular user. When a Web application (such as Asset Manager Web) is protected by SSO, the user is redirected to an authentication server where they are presented with a logon page. Once the user has logged on, the authentication server verifies that the user has access to the Web application. If the user does have access, the authentication server will redirect the user back to the initial Web application. In addition to the redirect, the authentication server will append information about the user within the HTTP header data. This header data can then be used as needed by the Web application. Although the SSO authentication server can authenticate and authorize a user for a particular Web application, Asset Manager has its own unique logon process. The use of SSO as the logon method requires the following: Working Single Sign-on tool with established accounts and access to the Asset Manager Web application. (The process to protect a particular Web application will vary depending on the tool. Please see your SSO administrator for information on what is required.) Creation of a new JavaBean that Asset Manager Web will use to pull HTTP header information supplied by SSO. This will be used by Asset Manager Web to allow a user to automatically log in. Modification of Asset Manager Web configuration files to use this sign-on process. Employee s username within Asset Manager (Table SQLName: amempldept, Field SQLName: UserLogin) must match the username used within SSO. Requirements, Guidelines and Considerations Minimum Requirements Experience with Asset Manager, Asset Manager Web Familiarity with Web development and related technologies (e.g. Tomcat) Java development experience (will require creating and compiling custom Java classes) 3

Workflow and Tasks This section describes the tasks involved for setting up SSO with Asset Manager 5.12 Web. Step Action/Process Action Description Required Input 1 Setup SSO to protect the Asset Manager Web URL 2 Establish SSO accounts for users that will require access to Asset Manager Web. 3 Create SSO authentication JavaBean 4 Modify the Asset Manager Web applicationcontext.xml configuration file, in particular to add the newly created JavaBean class to the. SSO must be configured to protect the Asset Manager Web. Contact the SSO administration team. All users that will access Asset Manager Web will require SSO accounts. These accounts must have usernames that match the employee s username within Asset Manager. Develop custom JavaBean that will pull HTTP header information passed from SSO. The JavaBean should pull the validated username and return that value to the Asset Manager Web logon process. Open the following file for editing: TOMCAT\webapps\AssetManag er\web-inf\classes\applicationcontext.xml Verify SSO accounts exist and the username of the SSO account matches the value stored in the employees Asset Manager account (value is stored in the amempldept table in field UserLogin for the particular user). The requirements for the JavaBean will depend on how the HTTP header information is passed from SSO. See section 5 below for examples. Once the JavaBean has been developed, it will need to be compiled via the Java SDK. To compile successfully, the classpath must include several references to the Asset Manager Web APIs. See section 5 for examples. Verify the JavaBean compiled successfully with no errors. Replace old piece of code with new piece of code (see below). 6 Restart Tomcat After all changes have been made, restart the Tomcat service. Old piece of code <bean id="acwc:preauthenticationfilter" class="com.hp.ov.ac.web.security.sso.ssopreauthenticationfilter"> <property name="authenticationmanager"> <ref bean="acwc:authenticationmanager"/> <property name="defaultrole"> <value>role_pre</value> <property name="keepdomain"> <value>false</value> To use a custom sso provider, put you bean ref here and uncomment the following. --> <property name="ssoprovider"> <ref bean="acwc:ntssoprovider"/> 4

--> </bean> register your custom sso provider here and uncomment following --> <bean id="acwc:ntssoprovider" class="com.hp.ov.ac.web.security.sso.ntssoprovider"/> --> New piece of code <bean id="acwc:preauthenticationfilter" class="com.hp.ov.ac.web.security.sso.ssopreauthenticationfilter"> <property name="authenticationmanager"> <ref bean="acwc:authenticationmanager"/> <property name="defaultrole"> <value>role_pre</value> <property name="keepdomain"> <value>false</value> To use a custom sso provider, put you bean ref here and uncomment the following. --> <property name="ssoprovider"> <ref bean="acwc:sampleheaderssoprovider"/> </bean> <bean id="acwc:sampleheaderssoprovider" class="com.hp.ov.ac.web.security.sso.sampleheaderssoprovider"/> JavaBean Example: JavaBean Requirements During the log on process, Asset Manager will call the newly created JavaBean and verify the user was authenticated by a SSO process. This is done via a call to a method named getusername. The JavaBean must implement this method returning the username of the authenticated user (from the HTTP header). If the HTTP header value does not exist (the user entered the logon page outside of the SSO process) the JavaBean should return NULL. For the authentication process to work, the username passed from the getusername method must match the username stored in the employee table (amempldept) of the Asset Manager database. Sample code package com.hp.ov.ac.web.security.sso; import javax.servlet.http.httpservletrequest; public class SampleHeaderSSOProvider implements ISsoProvider { public String getusername( HttpServletRequest request ) { // Suppose that the user login is store in http header under the key "My_User" return request.getheader( "My_User" ); } 5

} Compiling JavaBeans: To compile the example above, the class path to Tomcat and Asset Manager Libraries must be referenced. Example: JSDKHOME\bin\javac.exe classpath C:\TOMCAT_HOME\common\lib\servletapi.jar;C:\TOMCAT_HOME\webapps\AssetManager\WEB-INF\classes SampleHeaderSSOProvider.java After compiling, SampleHeaderSSOProvider.class must be placed in the C:\TOMCAT_HOME\common\lib\servlet- api.jar;c:\tomcat_home\webapps\assetmanager\web- INF\classes\com\hp\ov\ac\web\security\sso folder (where the lssoprovider.class file already took place). Synchronizing Windows and Web client authentications Asset Manager can be customized to request LDAP credentials to a user that logs in with the Windows client. If the identity tool used when implementing SSO for Asset Manager Web points on the same LDAP source, both AM and Windows authentications will then be synchronized. 6

For more information Please visit the HP Software support Web site at: http://www.hp.com/managementsoftware/support This web site provides contact information and details about the products, services, and support that HP Software offers. HP Software online support provides customer self-solve capabilities. It provides a fast and efficient way to access interactive technical support tools needed to manage your business. As a valuable support customer, you can benefit by being able to: Search for knowledge documents of interest Submit and track progress on support cases Submit enhancement requests online Download software patches Manage a support contract Look up HP support contacts Review information about available services Enter discussions with other software customers Research and register for software training Note: Most of the support areas require that you register as an HP Passport user and sign in. Many also require an active support contract. To find more information about support access levels, go to the following URL: http://www.hp.com/managementsoftware/access_level To register for an HP Passport ID, go to the following URL: http://www.managementsoftware.hp.com/passport-registration.html Limited responsibility clause Asset Manager is integrated with several third-party applications. Examples: Database engines, Web servers, single sign-on software, load-balancing and clustering hardware and software solutions, reporting software such as Crystal Reports, etc. Support for these applications is limited to their interface with Asset Manager. Support does not cover installation problems, setup and customization problems nor malfunctioning of the third-party application. White papers contain examples of implementations that may work in your environment with or without customization. There is no guarantee that this will be the case. It could also be that some of the solutions covered by white papers appear as standard features in a future release of the software. When this is the case, there is no guarantee that you will be able to upgrade the solution you implemented based on the white paper to the equivalent standard feature. 2008 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. Itanium is a trademark or registered trademark of Intel Corporation in the U.S. and other countries and is used under license. Implementing SSO for AssetManager Web 5.x.doc 7

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information