Previous Topic: Enable the CA SiteMinder® Policy Server Resource AdapterNext Topic: Restart the Application Server

CA Identity Manager Configuration GuideCA CA SiteMinder® IntegrationDisable the Native CA Identity Manager Framework Authentication Filter

Disable the Native CA Identity Manager Framework Authentication Filter

With the CA SiteMinder® adapter in place, the Framework Authentication Filter is no longer needed. The identity administrator can disable the filter.

Follow these steps:

  1. Locate and edit the web.xml file in the \user_console.war\WEB-INF folder under the iam_im.ear.
  2. Locate the FrameworkAuthFilter and switch the value of the Enable init-param to false.

    If you are using CA Identity Manager r12.5 SP7 or later, verify that the Java Cryptographic Extension Unlimited Strength Jurisdiction Policy Files (JCE) are downloaded into \<Java_path>\<jdk_version>\jre\lib\security in the CA Identity Manager environment. These files enable CA Identity Manager to connect to CA SiteMinder®.

    If the JCE libraries are installed, you see the following messages during CA Identity Manager application startup:

    2012-07-06 11:23:56,079 WARN  [ims.default] (main) * Startup Step 2 : Attempting to start PolicyServerService
2012-07-06 11:23:56,081 WARN  [ims.default] (main) Unlimited Strength Java Crypto Extensions enabled: TRUE

    Otherwise, the value is false for the "Unlimited Strength Java Crypto Extensions enabled" entry. CA Identity Manager fails to connect to the Policy Server.