Previous Topic: Enable the SiteMinder Policy Server Resource AdapterNext Topic: Restart the Application Server

Configuration GuideCA SiteMinder IntegrationDisable the Native CA IdentityMinder Framework Authentication Filter

Disable the Native CA IdentityMinder Framework Authentication Filter

With the SiteMinder adapter in place, the Framework Authentication Filter is no longer needed. The identity administrator can disable the filter.

Follow these steps:

  1. Locate and edit the web.xml file in the \user_console.war\WEB-INF folder under the iam_im.ear.
  2. Locate the FrameworkAuthFilter and switch the value of the Enable init-param to false.

    If you are using CA IdentityMinder r12.5 SP7 or later, verify that the Java Cryptographic Extension Unlimited Strength Jurisdiction Policy Files (JCE) are downloaded into \<Java_path>\<jdk_version>\jre\lib\security in the CA IdentityMinder environment. These files enable CA IdentityMinder to connect to SiteMinder.

    If the JCE libraries are installed, you see the following messages during CA IdentityMinder application startup:

    2012-07-06 11:23:56,079 WARN  [ims.default] (main) * Startup Step 2 : Attempting to start PolicyServerService
2012-07-06 11:23:56,081 WARN  [ims.default] (main) Unlimited Strength Java Crypto Extensions enabled: TRUE

    Otherwise, the value is false for the "Unlimited Strength Java Crypto Extensions enabled" entry. CA IdentityMinder fails to connect to the Policy Server.