How to Integrate DWP Catalog and RSSO with Kerberos/AR UpperCase Transformation?

Version 2
    Share:|

    This document contains official content from the BMC Software Knowledge Base. It is automatically updated when the knowledge article is modified.


    PRODUCT:

    BMC Digital Workplace Advanced


    COMPONENT:

    MyIT Service Broker


    APPLIES TO:

    BMC Digital Workplace Advanced 18.x



    QUESTION:

    How to Integrate DWP Catalog and RSSO with Kerberos/AR with Upper Case Transformation?


    ANSWER:

    RSSO Admin Console
     
    1.- Removed AR Realm from the RSSO Realm list.

    On this specific case, customer was using Kerberos  with the 'Enable AR Authentication for bypass' option checked
    'User ID Transformation'  -'To UpperCase', in place. 

    On that same 'Kerberos' Realm
    Customer had 'User ID Transformation'  -'To UpperCase', in place, too.

    2.- Edited the Kerberos Realm, as follows:

    • Under Realm-General, added 'DWP Catalog hostname' in the 'application' list field.
    • Under Realm-General-Tenant, added domain.com domain in the 'tenant' field, .

    3.- Edited the 'hannah_admin' user record on both ends (DWP Catalog and ITSM).

    • Changed the 'loginID' value from 'Lower Case' to 'Upper Case' on both 'user' form record, since they had that 'LoginID Transformation' option in the RSSO Realm enabled.
     Came to that conclusion after setting the RSSO logging to debug mode, the application was expecting HANNAH_ADMIN, not hannah_admin.
    • NOTE: Had to use bypass URL for several parts of the configuration.

    4.- Set the ignore-tenant=true option for DWP and Midtier. After that,  restarted all Tomcats instances.
     

       
    • MyIT - Edited the below file
      
               /tomcat8.5/external-conf/sso-sdk.properties 
       
       
    •  Midtier - Edited the below file
       /midtierinstallation/WEB-INF/classes/  rsso-authenticator.properties  (had to create this file)  
       
    •   Open the config.properties file in a text editor.
            Add the following line to reference the   rsso-authenticator.properties file: 
            arsystem.authenticator.config.file=rsso-authenticator.properties 


    5. -Configured the Enhanced Catalog under the DWP Admin Console using hannah_admin (upper case) –   https://dwpserver:port/dwp/admin

    • Additionally, edited 3 user records on the DWP Catalog side so they were able to log onto the DWP Catalog without using the by-pass URL: Added the Administrator sbe-catalog-admins, removed sbe-myit-users from those user’s Group List. 

    6.- After that, confirmed that the connection between DWP and DWP Catalog was successful and that users were able to log into all the applications via RSSO. 
      
      

     


    Article Number:

    000163989


    Article Type:

    FAQ/Procedural



      Looking for additional information?    Search BMC Support  or  Browse Knowledge Articles