Converse agora com nosso suporte
Chat com o suporte

Identity Manager 9.3 - Web Application Configuration Guide

About this guide Managing the API Server Configuring API projects and web applications
General configuration Configuring the Administration Portal Configuring the Application Governance Module Configuring the Password Reset Portal Configuring the Web Portal
Configuring departments Configuring address books Ansichten konfigurieren Configuring application roles Configuring the Application Governance Module Configuring attestation Configuring authentication by accepting the terms of use Configuring request functions Configuring delegation Configuring your own API filter Configuring your own filters Configuring recommendations for adding entitlements to objects Configuring devices Configuring business roles Configuring the help desk module/tickets Configuring hyperviews Configuring identities Configuring password questions Configuring cost centers Configuring service items Program functions for the Web Portal Configuring software Configuring locations Configuring statistics Configuring system roles Skip table sorting Configuring team roles Configuring the four eyes principle for issuing a passcode. Configuring WebAuthn security keys
Configuring the Operations Support Web Portal
Recommendations for secure operation of web applications

Step 3: Configuring the application server

The RSTS call the WebAuthn security key for Active Directory users over an interface. This information is sensitive and must not be called by unauthorized persons, therefore, access must secured through by client certificate login.

In order for this to work, certificates must be valid and client certificate login on IIS must be enabled.

The application server checks the certifcate's thumbprint the client used to login. Only if the thumbprint matches the stored thumbprint, is the information returned.

If the application server is also used as the backend for web applications, grant access rights to the application pool users for the OAuth signing certificate's private key.

To enable client certificate login on IIS

  1. Start the Internet Information Services Manager.

  2. Open the SSL Setting menu for the relevant application server.

  3. In the Client certificates option, change the value to Accept.

Related topics

Step 4: Configuring the Web Portal

NOTE: The web application to be used by WebAuthn, must apply the HTTPS secure communications protocol (see Using HTTPS).

Required configuration keys:

  • Secondary authentication provider ID for Webauthn two-factor authentication (VI_Common_AccessControl_Webauthn_2FAID): Specifies the unique ID of the secondary authentication provider for Webauthn two-factor authentication.

  • Multi-factor authentication (MfaAuthenticationProvider): Specifies which authentication method to use.

  • WebAuthn security keys can be managed (EnableWebauthnKeyManagement): Specifies whether user can manage their WebAuthn security keys.

To configure WebAuthn in the Web Portal

  1. Log in to the Administration Portal (see Logging in to the Administration Portal).

  2. In the navigation, click Configuration.

  3. On the Configuration page, in the Show configuration for the following API project drop-down, select the Web Portal API project.

  4. Expand the Secondary authentication provider ID for Webauthn two-factor authentication configuration key.

  5. In the Value field, enter the unique identifier of the secondary authentication provider for WebAuthn two-factor authentication. You will find this identifier in your RSTS configuration.

    1. In your Internet browser, call the URL of the RSTS administration interface: https://<Webanwendung>/RSTS/admin.

    2. On the main page, click Authentication Providers.

    3. On the Authentication Providers page, click the appropriate entry.

    4. On the Edit page, switch to the Two Factor Authentication tab.

    5. Take the ID from the Provider ID field.

  6. Expand the Multi-factor Authentication configuration key.

  7. In the Value drop-down, select Webauthn.

  8. Exand the WebAuthn security keys can be managed configuration key.

  9. Perform one of the following actions:

    1. To enable management of WebAuthn security keys in the Web Portal, select the WebAuthn security keys can be managed check box.

    2. To disable management of WebAuthn security keys in the Web Portal, clear the WebAuthn security keys can be managed check box.

  10. Click Apply.

  11. Perform one of the following actions:

    • If you want to apply the changes locally only, click Apply locally.

    • If you want to apply the changes globally, click Apply globally.

  12. Click Apply.

Configuring the Operations Support Web Portal

This section describes the configuration steps and parameters that you will require to configure some of the features for the Operations Support Web Portal.

Detailed information about this topic

Configuring editable properties of Job servers

In the Operations Support Web Portal, you can define which properties of a Job server can be edited in the Job server overview.

Required configuration keys:

  • Properties that can be edited / Job servers (QbmOperationsConfig/EditableFields/QBMServer): Specifies which Job server properties can be edited.

To configure the editable properties of Job servers

  1. Log in to the Administration Portal (see Logging in to the Administration Portal).

  2. In the navigation, click Configuration.

  3. On the Configuration page, in the Show configuration for the following API project drop-down, select the Operations Support Web Portal API project.

  4. Expand the Properties that can be edited / Job servers configuration key.

  5. You can perform the following actions:

    • To add a property, click New and select the corresponding property from the drop-down.

    • To change an existing property, select the property in the corresponding drop-down.

    • To remove a property, Next to the corresponding property, click (Delete).

  6. Click Apply.

  7. Perform one of the following actions:

    • If you want to apply the changes locally only, click Apply locally.

    • If you want to apply the changes globally, click Apply globally.

  8. Click Apply.

Documentos relacionados

The document was helpful.

Selecione a classificação

I easily found the information I needed.

Selecione a classificação