To Deploy PAM Federated Sign-In Post Installation

  1. Download the PAM Federated Sign-In component to your PAM host machine (PAM Federated Sign-In Download)
  2.  

  3. When the download is complete, unpack the downloaded archive and copy its containing file cas.war to $PAM_HOME/web/webapps.
  4.  

  5. Edit the file $PAM_HOME/web/conf/catalina.properties and make the following modifications (if these any of these lines are not present, please add them):
    1. Set the property cas.managed.path to PAM’s managed path (secured URI) so it will look something like this cas.managed.path=https://pam.company.com:6443

    2.  

    3. Set the property cas.server.name to PAM’s managed path (secured URI) so it will look something like this cas.server.name=https://pam.company.com:6443

    4.  

    5. Set the property cas.server.prefix to PAM’s federated sign-in path (secured URI) so it will look something like this cas.server.prefix=https://pam.company.com:6443/cas

    6.  

    7. Set the property cas.view.defaultRedirectUrl to PAM’s GUI URL (secured URI) so it will look something like this cas.view.defaultRedirectUrl=https://pam.company.com:6443/xtam/

     

    Please take note of the port (:6443) in the above example. If you are using a port other than the default 6443, update this line to reflect the port number being used. If you are using a reverse proxy which is using port 443 then a possible, working value may be https://pam.company.com.

  6. Download and then unpack the web archive located here.
  7. Consider making a copy of the existing web.xml file in $PAM_HOME/web/webapps/xtam/WEB-INF in case of issues.
  8. Copy the downloaded web.xml file to $PAM_HOME/web/webapps/xtam/WEB-INF replacing the file with the same name which already exists.
  9. Restart the PamManagement (Windows) or pammanager (Linux) service.
  10. When the deployment is complete, the federated sign-in page will be available at the Managed Path entered in step 3a followed by /xtam.

To Deploy PAM Federated Sign-In During Installation