Policy Server Guides › Policy Server Configuration Guide › Authentication Schemes › SafeWord Server and HTML Forms Authentication Schemes

SafeWord Server and HTML Forms Authentication Schemes

This Authentication Scheme authenticates users against a SafeWord Server in conjunction with a custom HTML form, including users who are logging in via the SafeWord hardware tokens. You can define multiple instances of this scheme. The exact configuration parameters of the SafeWord Server are specified by the SafeWord configuration file.

SafeWord Server and HTML Forms Scheme Prerequisites

Ensure the following prerequisites are met before configuring a SafeWord Server and HTML Forms authentication scheme:

• The SafeWord Server is installed on a network accessible by the Policy Server.
• The exact location of the SafeWord Server is specified in the SafeWord configuration file.
• A customized .fcc file resides on a Web Agent server in the cookie domain in which you want to implement HTML Forms authentication. CA provides sample .fcc files under the Samples/Forms subdirectory, where you installed your Web Agent.
• A customized .unauth file resides on the Web Agent server

  Note: The .unauth file is not required if the .fcc file uses smerrorpage directive.

• A directory connection exists between the Policy Server and the user directory.
• The default HTML forms library is installed. The HTML forms library handles HTML Forms authentication processing:
  • SmAuthHTML.dll on Windows
  • smauthhtml.so on Solaris

  These files are installed automatically when you configure a Web Agent.

• (Sun Java Systems) If you are using a Sun Java Systems web server, increase the value of the StackSize parameter in the magnus.conf file to a value greater than 131072. Failing to change the value causes the web server to dump its core and restart each time CA SiteMinder® makes an authentication request using forms.

More information:

User Directories

Configure a SafeWord Server and HTML Forms Authentication Scheme

You can use a SafeWord Server and HTML Forms authentication scheme when you need to authenticate users against a SafeWord Server and a custom HTML form, including users who are logging in via SafeWord hardware tokens.

Note: The following procedure assumes that you are creating an object. You can also copy the properties of an existing object to create an object. For more information, see Duplicate Policy Server Objects.

Follow these steps:

1. Click Infrastructure, Authentication.
2. Click Authentication Schemes.

   The Authentication Schemes page appears.

3. Click Create Authentication Scheme.

   Verify that the Create a new object of type Authentication Scheme is selected.

4. Click OK

   The Create Authentication Scheme page appears.

   Note: Click Help for descriptions of settings and controls, including their respective requirements and limits.

5. Enter a name and protection level.
6. Select SafeWord HTML Form Template from the Authentication Scheme Type list.

   Scheme-specific fields and controls appear.

7. Enter the server name, the location of the SafeWord configuration file, and server and target information.
8. Click Submit.

   The authentication scheme is saved and can be assigned to a realm.