Previous Topic: Enable the SiteMinder Policy Server Resource AdapterNext Topic: Restart the Application Server

Configuration GuideCA SiteMinder IntegrationDisable the Native CA Identity Manager Framework Authentication Filter

Disable the Native CA Identity Manager Framework Authentication Filter

With the SiteMinder adapter in place, the Framework Authentication Filter is no longer needed. The identity administrator can disable the filter.

Follow these steps:

  1. Locate and edit the web.xml file in the \user_console.war\WEB-INF folder under the iam_im.ear.
  2. Locate the FrameworkAuthFilter and switch the value of the Enable init-param to false.

    If you are using CA Identity Manager r12.5 SP7 or later, verify that the Java Cryptographic Extension Unlimited Strength Jurisdiction Policy Files (JCE) are downloaded into \<Java_path>\<jdk_version>\jre\lib\security in the CA Identity Manager environment. These files enable CA Identity Manager to connect to SiteMinder.

    If the JCE libraries are installed, you see the following messages during CA Identity Manager application startup:

    2012-07-06 11:23:56,079 WARN  [ims.default] (main) * Startup Step 2 : Attempting to start PolicyServerService
2012-07-06 11:23:56,081 WARN  [ims.default] (main) Unlimited Strength Java Crypto Extensions enabled: TRUE

    Otherwise, the value is false for the "Unlimited Strength Java Crypto Extensions enabled" entry. CA Identity Manager fails to connect to the Policy Server.