Layer7 Privileged Access Management

Expand all | Collapse all

Password management in Web application (https) integration with CA PAM

Jump to Best Answer
  • 1.  Password management in Web application (https) integration with CA PAM

    Posted 07-19-2018 05:13 AM

    Hello All,

    We have integrated, web application (https://my_domain.com) with CA PAM and the end user is successfully able to access the application using privilege account from PAM.

    Our query is can we manage the privileged account password of the web application from CA PAM ? If yes could you please let us know the configuration for the same.

    Thank you..!



  • 2.  Re: Password management in Web application (https) integration with CA PAM

    Posted 07-19-2018 10:06 AM

    Hello Shyam, That depends on what the credential source of the account is. Is this a built-in web application account whose credentials are stored in some configuration file? Or does it come from an external credential source that PAM could be integrated with? If it is an application account, please check the integration documentation at https://docops.ca.com/ca-privileged-access-manager/3-2/EN/integrating. Topics "Integrate a Java Application or Application Server” and "Integrate A2A Applications” would be of most interest here.



  • 3.  Re: Password management in Web application (https) integration with CA PAM

    Posted 07-19-2018 12:02 PM

    Hello Ralf,

     

    We are integrating CA PAM with splunk, rapid 7 Nexpose, AppSpider and Metasploit and few other web applications using databases and directory servers.

    And for few applications, we are not sure what's the credentials store. But we have got only the password change page, where it has old password and new password fields on the page.


    In these scenarios how do we do password management ?



  • 4.  Re: Password management in Web application (https) integration with CA PAM
    Best Answer

    Posted 07-19-2018 12:48 PM

    Hi Shyam, At this time PAM has no target connector that could interact with old and new password fields on a web page to change account credentials. PAM would have to be integrated with the credential source (file, DB, AD, LDAP etc) using one of the available target applications (see e.g. list at https://docops.ca.com/ca-privileged-access-manager/3-2/EN/reference/credential-manager-target-connector-settings/), or the A2A client.



  • 5.  Re: Password management in Web application (https) integration with CA PAM

    Posted 10-03-2018 11:53 PM

    Hello,

    We are not able to access the above mentioned URL. it is giving 404 error.