Searching the Help
To search for information in the Help, type a word or phrase in the Search box. When you enter a group of words, OR is inferred. You can use Boolean operators to refine your search.
Results returned are case insensitive. However, results ranking takes case into account and assigns higher scores to case matches. Therefore, a search for "cats" followed by a search for "Cats" would return the same number of Help topics, but the order in which the topics are listed would be different.
Search for | Example | Results |
---|---|---|
A single word | cat
|
Topics that contain the word "cat". You will also find its grammatical variations, such as "cats". |
A phrase. You can specify that the search results contain a specific phrase. |
"cat food" (quotation marks) |
Topics that contain the literal phrase "cat food" and all its grammatical variations. Without the quotation marks, the query is equivalent to specifying an OR operator, which finds topics with one of the individual words instead of the phrase. |
Search for | Operator | Example |
---|---|---|
Two or more words in the same topic |
|
|
Either word in a topic |
|
|
Topics that do not contain a specific word or phrase |
|
|
Topics that contain one string and do not contain another | ^ (caret) |
cat ^ mouse
|
A combination of search types | ( ) parentheses |
|
- Administer
- Grant Access to CMS UI
- Create a UCMDB Integration User
- Change the UCMDB Integration User Credentials
- Configure the UCMDB Server URL
- Configure LW-SSO
- Enable SAML Authentication
- Configure SSL
- Enable SSL with a Certificate from a Certification Authority
- Configure High Availability Mode
- Configure CAC Support
- Configure Multiple UCMDB Servers
- Change the Default Port of the Tomcat Server
- Configure to Use Encrypted Parameters on the Tomcat Server
- Deploy the CMS UI with a Different Root Context
- Disable the Embedded CMS UI
- Configure Reverse Proxy for Apache Tomcat and IIS Servers
- Configure an Environment to Use Multiple Reverse Proxies
- Configure a One-Time Authentication Token
- Configuration Mechanism
- Specify the Number of Concurrent Sessions
- Enable/Disable Timeout of a CMS UI Session
- Disable the Turn off Data URI Support Setting
- Authorize Access to CIs
- Logging User Statistics
- Set CMS UI Session to Expire
- Solr Auto Commit
- Best Practices for Working with the UCMDB Browser module
- Configure Browser Internal Priorities
- Re-brand the UCMDB Browser module
- How to View the Java Metrics for the UCMDB Browser module
- Initial Setup for Working with the UCMDB Bowser module
Configure a One-Time Authentication Token
The one-time authentication token is an additional means for the user to access CMS UI by a direct link (URL with parameters). With such a URL, the user does not need input credentials. The advantage of this method is that:
- The URL does not contain user credentials.
- The URL is for one time use only (after initial use, the URL cannot be used again).
Note You must have administrator rights in order to generate an authentication token for another user.
To configure and use the one-time authentication token:
-
Create a URL for obtaining the one time authentication token as follows:
http://<server-name>:<port>/ucmdb-browser/generate-authentication-token.jsp?username=<your_user_name>&password=<your-encrypted_password>&server=<ucmdb-server>&logged-in-user=<logged_in_user_name>
where the parameters server and logged-in-user are optional.
The following is an example of a URL for obtaining one time authentication token:
http://server-name:8088/ucmdb-browser/generate-authentication-token.jsp?username=johndoe&password=12345678&server=ucmdb-server
To generate the encrypted password:
- Go to JMX console > UCMDB-UI:name=UCMDB Integration > getEncryptedPasswordForURL.
- In the user name field, enter the user name.
- In the password field, enter the user's password.
-
Click Invoke.
Note
- Parameter names are case sensitive and should be used exactly as they appear in this documentation.
- When an optional parameter (such as server) is omitted, the first server from the configuration is used.
-
The server name in the [server] parameter should be taken from one of the <host_name> fields in CMS UI configuration file. If the [server] parameter is defined but it’s value does not correspond to any of the values of the <host_name> field in CMS UI configuration file, the authentication token will be not generated.
-
When you want to access CMS UI in a multi-customer environment, the following URL should be used:
http://<server-name>:<port>/ucmdb-browser/generate-authentication-token.jsp?username=<your_user_name>&password=<your-encrypted_password>&server=<ucmdb-server>&customer-id=<id>&logged-in-user=<logged_in_user_name>
-
Execute the URL prepared in the previous step. After successful execution, the Authentication-Token field in the response http-header contains the authentication token value created for the parameters you entered in the previous step. The http field is used here for a return value to enlarge security strength.
Note
- The response http-header fields can be viewed by using any external request interceptor (such as Fiddler) or tools embedded into a web browser (for example, in Chrome: Developer Tools > Network tab).
- If the credentials provided in the previous step are not valid, the authentication-token field is empty or not present at all.
Build the URL for the CMS UI by using the parameter authentication-token and the token value obtained in the previous step. For example:
http://server-name:8088/ucmdb-browser/?authentication-token=<token-value>
where token-value is the authentication token string obtained in the previous step.
After executing the URL, you are redirected to the CMS UI without having to enter user credentials.
Important For the one-time authentication token to work, you need to enable the LW-SSO framework. To do this, in the ucmdb_browser_lwsso_config.xml file, make sure that the value for enableLWSSOFramework, enableCookieCreation, and enableAutoCookieCreation is True.
<?xml version="1.0" encoding="UTF-8"?> <lwsso-config xmlns="http://www.hp.com/astsecurity/idmenablmentfw/lwsso/2.0"> <enableLWSSO enableLWSSOFramework="true" enableCookieCreation="true" enableAutoCookieCreation="true" cookieCreationType="LWSSO" enableSAML2Support="false"/>
Note After restarting the server of the CMS UI, all prepared authentication tokens are no longer valid.
We welcome your comments!
To open the configured email client on this computer, open an email window.
Otherwise, copy the information below to a web mail client, and send this email to cms-doc@microfocus.com.
Help Topic ID:
Product:
Topic Title:
Feedback: