Symantec Access Management

  • 1.  How to Configure and Use the JWT Authentication Scheme

    Broadcom Employee
    Posted Oct 11, 2019 09:34 AM
    How to Use the JWT Authentication Scheme


    [1] Configure the JWT Authentication Scheme as per the documentation below:

    https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/single-sign-on/12-8-03/configuring/policy-server-configuration/authentication-schemes/json-web-token-jwt-authentication-scheme/how-to-use-the-jwt-authentication-scheme.html



    [2] Protect a Resource with an Access Gateway agent using JWT Authentication Scheme:

    Assign the JWT authentication scheme to the realm that you prepared for protection as part of prerequisites. Note the URL of the protected resource for the next configuration step.



    [3] Configure proxy rules to forward requests to the backend target server:

    <nete:proxyrules xmlns:nete="http://www.ca.com/">
    <nete:forward>http://abc146.xyz.ca.com:88$0</nete:forward>
    </nete:proxyrules>

    Note:

    My backend server did not have any agent configured on it and it is listening on port 88.



    [4] Install and Configure Tomcat

    Follow these steps:

    Download the Tomcat installer from https://tomcat.apache.org/download-90.cgi.

    Run the installer and install Tomcat.

    Copy the entire jwt application folder to the Tomcat web apps folder.

    Restart Tomcat.

    Verify that you can access the sample web application at http://abc145.xyz.ca.com:8080/jwt/

    Note:

    In my case, I renamed the JWT_Sample_Application I downloaded to a simpler name like jwt. Hence the jwt path in the above Tomcat application link.



    [5] Configure Sample Web Application in Tomcat

    Follow these steps:

    Stop Tomcat.
    Navigate to \webapps\JWT_SAMPLEAPP\WEB-INF\classes and open the config.properties file.

    Set the CA_SSO_TARGET_URL field in the file to the URL of the resource that you protected with the JWT authentication scheme in the following format:

    CA_SSO_TARGET_URL=http://abc146.xyz.ca.com/test/

    Restart Tomcat.



    [6] Test Access to Sample Web Application

    Follow these steps:

    Access the following URL to test access to the same web application:

    http://abc145.xyz.ca.com:8080/jwt/

    Enter the login credentials of the user who is present in the user store that is configured with CA Single Sign-on.

    Log in to the web application.

    If the authentication is successful, the user is given access to the protected resource.
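
An added check for the files from steps [3] and [5] (not part of the original post or of Broadcom's sample application): it flags cleartext http:// hops and a CA_SSO_TARGET_URL that points straight at the agentless backend instead of the Access Gateway. The finding codes and function names are made up for this example, and it assumes the sample application presents its JWT to CA_SSO_TARGET_URL.

```python
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

NETE = "{http://www.ca.com/}"  # namespace used by the proxy rules in step [3]
DEFAULT_PORT = {"http": 80, "https": 443}

# Constructed inputs that mirror steps [3] and [5] of the post.
PROXY_RULES = """<nete:proxyrules xmlns:nete="http://www.ca.com/">
<nete:forward>http://abc146.xyz.ca.com:88$0</nete:forward>
</nete:proxyrules>"""
CONFIG_PROPERTIES = "# sample app settings\nCA_SSO_TARGET_URL=http://abc146.xyz.ca.com/test/\n"

def forward_targets(proxy_rules_xml):
    """Every <nete:forward> URL, with the trailing $0 placeholder removed."""
    root = ET.fromstring(proxy_rules_xml)
    return [re.sub(r"\$\d+$", "", el.text.strip())
            for el in root.iter(NETE + "forward") if el.text]

def read_properties(text):
    """Minimal key=value reader; skips blank lines and '#' or '!' comments."""
    props = {}
    for line in map(str.strip, text.splitlines()):
        if line and line[0] not in "#!" and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def endpoint(url):
    """(host, port) of a URL, filling in the scheme's default port."""
    parts = urlsplit(url)
    return parts.hostname, parts.port or DEFAULT_PORT.get(parts.scheme.lower())

def audit(proxy_rules_xml, properties_text):
    """Return (code, url) findings for the two files."""
    target = read_properties(properties_text).get("CA_SSO_TARGET_URL")
    if not target:
        return [("TARGET_URL_MISSING", "")]
    findings = []
    if urlsplit(target).scheme.lower() != "https":
        findings.append(("CLEARTEXT_TARGET", target))   # JWT would cross the wire unencrypted
    for url in forward_targets(proxy_rules_xml):
        if urlsplit(url).scheme.lower() != "https":
            findings.append(("CLEARTEXT_FORWARD", url))  # gateway-to-backend hop unencrypted
        if endpoint(url) == endpoint(target):
            findings.append(("BYPASSES_GATEWAY", target))  # app talks to the agentless backend
    return findings

if __name__ == "__main__":
    for code, url in audit(PROXY_RULES, CONFIG_PROPERTIES):
        print(code, url)
```
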


  • 2.  RE: How to Configure and Use the JWT Authentication Scheme
    Best Answer

     
    Posted Oct 11, 2019 04:27 PM
    Thank you for sharing this with the community Osarobo!

    ------------------------------
    Chris Hackett
    Community Manager, Broadcom Enterprise Software Division
    Broadcom Inc.
    ------------------------------