Deploying PAM Federated Sign-In Post Installation

 

Pre-requisites

Deploying PAM Federated Sign-In Post Installation

  1. Download the PAM Federated Sign-In component to your PAM host machine (PAM Federated Sign-In Download)
  2. When the download is complete, unpack the downloaded archive and copy its containing file cas.war to $PAM_HOME/web/webapps.
  3. Edit the file $PAM_HOME/web/conf/catalina.properties and make the following modifications (if these any of these lines are not present, please add them):

    1. Set the property cas.managed.path to PAM’s managed path (secured URI) so it will look something like this cas.managed.path=https://pam.company.com:6443

      2.  

    2. Set the property cas.server.name to PAM’s managed path (secured URI) so it will look something like this cas.server.name=https://pam.company.com:6443

      3.  

    3. Set the property cas.server.prefix to PAM’s federated sign-in path (secured URI) so it will look something like this cas.server.prefix=https://pam.company.com:6443/cas

      4.  

    4. Set the property cas.view.defaultRedirectUrl to PAM’s GUI URL (secured URI) so it will look something like this cas.view.defaultRedirectUrl=https://pam.company.com:6443/xtam/

     

    Please take note of the port (:6443) in the above example. If you are using a port other than the default 6443, update this line to reflect the port number being used. If you are using a reverse proxy which is using port 443 then a possible, working value may be https://pam.company.com.

  4. Download and then unpack the web archive located here.
  5. Consider making a copy of the existing web.xml file in $PAM_HOME/web/webapps/xtam/WEB-INF in case of issues.
  6. Copy the downloaded web.xml file to $PAM_HOME/web/webapps/xtam/WEB-INF replacing the file with the same name which already exists.
  7. Restart the PamManagement (Windows) or pammanager (Linux) service.
  8. When the deployment is complete, the federated sign-in page will be available at the Managed Path entered in step 3a followed by /xtam.

Instruction for update Federated Sign-In component from CAS v5.2 to CAS v6.5 is here.

To Deploy PAM Federated Sign-In During Installation