Configure WebSEAL

 

+

Search Tips   |   Advanced Search

 

We will configure a WebSEAL junction from the WebSEAL Server to the Web server. The step will be performed on the WebSEAL machine.

1. On the WebSEAL machine, use the pdadmin command line to create a WebSEAL junction.

   server task default-webSEAL-<hostname> create -t ssl -h <webserver_host> -p <SSL_port> -j -b supply -c all -f /ssl1

   For TCP junctions use tcp instead of ssl.

   In our scenario we ran the command as follows:

   pdadmin sec_master> server task default-webseald-m23vnx61 create -t ssl -h bc2srv2 -p 80 -j -b supply -c all -f /wastcp

2. Edit webseald.conf to configure the dummy password that will be passed in the HTTP Header and for Forms authentication. Open the file at...

   <Access_Manager_install_root>/PDWeb/etc/webseald-default.conf

3. In the [junction] stanza, change the basic-auth-dummy-password to the user password of the taiuser as shown:

   basicauth-dummy-passwd = taiuser1

4. In the [forms] stanza, enable WebSEAL authentication using forms. If you would like to use only SSL junction then set the forms-auth to https.

   forms-auth = https

5. Because you are using forms-based authentication and not basic authentication, change the ba-auth from https to none:

   ba-auth = none

6. Restart the WebSEAL server, Policy Server and the Authorization Server.

 

---