Configuration GuideCA SiteMinder Integration › Disable the Native CA IdentityMinder Framework Authentication Filter

Previous Topic: Enable the SiteMinder Policy Server Resource Adapter

Next Topic: Restart the Application Server

Disable the Native CA IdentityMinder Framework Authentication Filter

With the SiteMinder adapter in place, the Framework Authentication Filter is no longer needed.

Follow these steps:

  1. Locate and edit the web.xml file in the \user_console.war\WEB-INF folder under the iam_im.ear.
  2. If you are using a version of CA IdentityMinder earlier than r12.5 SP7, locate the FrameworkAuthFilter and switch the value of the Enable init-param to false.

    If you are using CA IdentityMinder r12.5 SP7 or later, verify that the Java Cryptographic Extension Unlimited Strength Jurisdiction Policy Files (JCE) are downloaded into \<Java_path>\<jdk_version>\jre\lib\security in the CA IdentityMinder environment. These files enable CA IdentityMinder to connect to SiteMinder.

    If the JCE libraries are installed, during IM application startup, Step 2 appears as follows:

    2012-07-06 11:23:56,079 WARN  [ims.default] (main) * Startup Step 2 : Attempting to start PolicyServerService
2012-07-06 11:23:56,081 WARN  [ims.default] (main) Unlimited Strength Java Crypto Extensions enabled: TRUE

    Otherwise, the value is false for "Unlimited Strength Java Crypto Extensions enabled" entry. CA IdentityMinder fails to connect to the Policy server.