Layer 7 Access Management

Tech Tip: How to setup a login form on the CA Access Gateway ?

  • 1.  Tech Tip: How to setup a login form on the CA Access Gateway ?

    Posted 03-29-2017 04:46 AM

    Introduction

    In CA Access Gateway environment, it could be useful to setup a login page directly on the Apache Proxy.

    As there are some rules in the httpd.conf we should be careful on where to put the files to prevent the mod_jk to send information to tomcat for proxying requests.

     

    Instructions

    Root cause :

    in httpd.conf we have the following

    JkUnMount /*/siteminderagent/forms/images/* ajp13

    AliasMatch /*/siteminderagent/forms/images/(.*) "C:/Program Files (x86)/CA/secure-proxy/proxy-engine/examples/siteminderagent/forms/images/$1" 

     

    1. Copy CUSTOM_POST.fcc to C:\Program Files (x86)\CA\secure-proxy\proxy-engine\examples\siteminderagent\forms

    2. Copy custom_image.png and custom_style.ccs to C:\Program Files (x86)\CA\secure-proxy\proxy-engine\examples\siteminderagent\forms\images

    3. Modify the CUSTOM_POST.fcc to reference correctly the custom_image.png and custom_style.ccs files

    <link rel="stylesheet" href="/siteminderagent/forms/images/custom_style.css" />

    ...

    <img id="bordergradient" src="/siteminderagent/forms/images/custom_image.png" />

     

    4. Form authentication scheme :

    webservername : server.domain.com

    port : apache port (88)

    target : /siteminderagent/forms/custom_post.fcc

     

    Once these instructions applied, you'll get the custom_post.fcc served by the Apache from CA Access Gateway.

    Additional Information

    How to fix the deployment location of login pages on CA Access Gateway (formerly SPS Secure Proxy Server) :

    https://www.ca.com/us/services-support/ca-support/ca-support-online/knowledge-base-articles.tec1977406.html

     

     

    KD : TEC1476517