When creating an HTML file using the Configuration server-based
model in the Deployment Wizard, the next window after the Configuration
Model window is the Logon Type window. On this window, you are presented
with the following three options:
- Prompt users to enter Host On-Demand user ID:
Select this option only if you want users to be challenged for their
credentials. This is the default option.
- Use Web Express Logon: Select this option
to map the user's network ID to the Host On-Demand ID, which will
log users on to the Host On-Demand server.
|
Note that
you must have your user profiles already set
up on your Host On-Demand configuration server. If you do not have
your user profiles set up and you attempt to launch the HTML file,
you will get the following error message:
WELM051 User name returned from Web Express Logon
is not a known Host On-Demand user
|
- In the web.xml file, update the following INIT parameter with
the new Vault credential mapper name, for example,
CMPIConfigServer_:
<init-param>
<param-name>CMPICredentialMappers</param-name>
<param-value>CMPIDCASPlugin, CMPIVaultPlugin,
CMPIConfigServer_ </param-value>
</init-param>
Add the parameter name for the new parameter
value specified above, and change the AUTH type to AuthType_ConfigServer:
<init-param>
<param-name>CMPIConfigServer_</param-name>
<param-value>com.ibm.eNetwork.security.sso.cms.CMPIVault,
AuthType_ConfigServer, *</param-value>
</init-param>
- In the web.xml file, configure the remaining Vault parameters except these two parameters:
- CMPI_VAULT_DB_HOSTADDR_COL_NAME
- CMPI_VAULT_DB_HOSTAPP_COL_NAME
Use the section E. Add the required Vault parameters for the CMPIVaultPlugin. and F. Add the optional Vault parameters (if desired). as references. You will need to prepend the
new credential mapper name to the Vault parameter names, for example,
CMPIConfigServer_CMPI_VAULT_DB_ADDRESS.
- In your Vault credential mapper database, create a new table with
three columns, for example:
Be sure that the NETWORKID contains the network IDs, the HODID
column contains the Host On-Demand user IDs, and the PASSWORD column
contains the Host On-Demand passwords. Since you did not add parameters
in your XML file for HOSTADDRESS and APPLICATIONID, you do not need
to add the columns for these in your Vault credential database.
- Automatically log users on to Host On-Demand using
their Windows username: Select this option to allow Host On-Demand to
use the local system's ID for macro-based automation. You can either
allow Host On-Demand to use the network ID supplied to the network
security application or the Windows system ID to retrieve the host
credentials. If you use this option, be sure that you select the appropriate
User Identity Type in session properties and that you are using the
WAR file that is intended to be used with Windows Domain (wincms.war).
When using the Configuration server-based model and a network security
application such as Tivoli Access Manager, you may be accessing your
Host On-Demand pages
via a URL such as https://server_name/junction_name/
HOD/myhodpage.html,
where
server_name is the name of the machine
running Tivoli Access Manager and
junction_name is
the junction that you create to point to your
Host On-Demand server
machine and your HTTP server's port number. If this is the case,
Host On-Demand will
try to contact the
Host On-Demand Service Manager to get your user,
group, and session information at the
server_name rather
than at the
junction_name. To remedy this
situation, edit the config.properties file found in the
HOD directory
of your
Host On-Demand install directory (\Program Files\IBM\
Host On-Demand\
HOD\config.properties)
by adding this line at the end of the file content:
ConfigServer=myhodserver.ibm.com
where
myhodserver is the machine you are pointing to
with the
junction_name.