We recently setup our CAPC to authenticate with SAML to meet government 2-factor signon requirements.
CAPC user interface is listening on 8181, but uses 8381 to authenticate with external source.
My problem is specific to the querybuilder:8581 "karaf" service running on the aggregator.
I use CURL to submit a URL that was generated by querybuilder, and specify -u <username:password> and -H <fake header to look like a windows/firefox browser> then -X "http:URL".
I have looked at a tcpdump and see that my aggregator is trying to authenticate on port 8382 when my CAPC is listening for authentication requests on 8381.
What I need is to know how to configure the apache karaf web application to talk to my CAPC using 8381 rather than 8382.
* tcpdump shows the communication attempt.
* logs show authentication fails and returns a 403-Forbidden html response.
* I can't find any documentation on CA that shows how to add a configuration line to change this.
* I this would be the file ???? "apache-karaf/etc/com.ca.im.odata.authservice.impl.AuthenticationService.cfg"
* I searched the hard drive and ran a grep for 8382 and can't find that value stored in any configuration files.
* karaf.log shows :
ERROR | 75773321-2168382 | 2017-07-18 20:11:11,261 | AuthenticationServiceImpl | e.impl.AuthenticationServiceImpl 1176 | -services.authentication | | Basic authorization error - failed to contact sso service. The sso service may be down.
./data/log/karaf.log
Any thoughts or ideas? Has anyone else encountered this issue? Is there a way to set the webapp configuration to attempt authentication to CAPC on 8381 instead of 8382 ?