IDM Blog-Oracle/Sun/Passlogix: SUN IDM Pass Through Authentication

Tuesday, November 3, 2009

SUN IDM Pass Through Authentication

TEST CASE _ 1

Some Time One Account have "N" of Virtual Account, and each Virtual Accounts have the same password after provision, But at the same Time If Virtual Account User have changed the password of Target Resource and Want to re-SET the password from other or existing Acccount ID and password. from Admin Module or End User Module then We use the concept of PASS THROUGH AUTHENTICATION CONCEPT

TEST CASE_2

If User has accesing N Number of resource and All user have diffrent password, and May be End user will lost the password, so that through PASSTHROUGH AUTHENTICATION TECHNIQUE end User can RESET THE PASSWORD.

Here In the video i have Explained Same Thing..

In this Video First i am opening the Oracle repository to check that WAVESET- REPOSITORY is working or not???? then i start the Glass Fish Application server. after that i start the Sun Identity manager 8.1

Then is start the Sun One Directory Server to Create One User in LDAP and RECONCILE the USer into Identity Manager. after that I Provison into AD and Other Resource.

Due to some LDAP PROBLEM i again create one user (test.passauth) then i assigned AD as Target Resource for Provisioning. after that i chage the password from one of the Virtual User, either from IDentity Manager or from Active Directory target Resource. so that the both password will be diffrent..

Then i assigned (test.passauth) as Account Administrator so that we can check the passthrough Authentication on both End User Login Page and Admin page also

Then click on Security Tab of Identity Manager Admin Login SCREEN. Then CLICK ON LOGIN Sub TAB.. Here actually Some Existing Login Module is presant so that i delete that one
and will create New Login Module.

Click on MANAGE LOGIN MODULE >>>

then It will open One New Form where you can put the name of the Passthrough Authentication Module (test.pass_AUTHENTICATION) >>>> Select the Resource where you want PASS THROUGH AUTHENTICATION .. here i want through Active Directory and Identity Manager user . so first i select the Active Directory then select the AD - Sub List. >>>>>> Next i select one more Account ID Group that Identity Manager. we can add Any number It depends on where you want this functionality.

>>> Select Login Sucess requirement = sufficent >>> SAVE --- Will do for Both or any number of resource same process like in Video.

Now click on Return Login Application >>>> Sleect where yopu want to mapp this component so here i have mapped with End User and Admin Login BOTH. >>>> Click on USER INTERFACE >>> SELECT THE NEWLY CREATED LOGIN MODULE GROUP NAME >>> check the session Time out and Organization also.

Same process here you can find with Administrative Login Screen also.

Now TEST THE COMPONENT >>> Logout from Admin Login.. and open the End USer Screen and put the Existing user ID and put the cross Resource password like what password you have put into IDM use in AD password and VICE VERSA.. so that you can reset the password from both end user and Admin Login Module.

This process is called PASS THROUGH AUTHENTICATION