Configure LW-SSO

  1. Configure all external applications that integrate with the UCMDB Browser with LW-SSO settings. For details about LW-SSO authentication, see the relevant section in the Universal CMDB Hardening Guide.

    Note If you access the UCMDB Browser by IP address (not by FQDN), you should add the UCMDB Browser IP address to the UCMDB’s trusted hosts. You can do this from the JMX console. Under LW-SSO Configuration Management, locate the addTrustedIPs method and invoke it using the UCMDB Browser IP address value.

  2. Open the ucmdb_browser_lwsso_config.xml file in the \conf folder in an XML editor and make the following changes:

    • For the domain tag, enter the domain name of the UCMDB Browser (for example, net or domain-name.com).
    • For the value of initString, enter the exact value of initString that is defined for the UCMDB server and is retrieved when performing the procedure described in the section Retrieving Current LW-SSO Configuration in Distributed Environment in the relevant document listed in step 1.

Note  

  • In the case of an embedded UCMDB Browser, configure LW-SSO by going to Administration > Infrastructure Settings Manager > General Settings and configure settings that start with LW-SSO.

  • The UCMDB server name in the ucmdb_browser_config.xml file (under the <host_name> tag) should be the full DNS name (for example ucmdb-server.com).
  • When working with LW-SSO, the URL of the UCMDB Browser should also contain the domain name (for example http://UCMDB-SERVER.com:8088/ucmdb-browser/).
  • When upgrading from an older version to UCMDB Browser 4.05 or later, open the ucmdb_browser_lwsso_config.xml file in the \conf folder, and replace the following lines:

    <logoutURLs>
    <url>.*/logout.jsp.*</url>
    </logoutURLs>

    with:

    <logoutURLs>
    <url>.*/logout*</url>
    </logoutURLs>