PingFederate, Custom Authentication Module

Requirements

Installation

$ sudo <<HOME_PING_FEDERATE>>/pingfederate/sbin/pingfederate-shutdown.sh
$ sudo unzip pf.plugins.inwebo-authenticator.zip -d /tmp/pf-inwebo/
$ sudo cp /tmp/pf-inwebo/pingfederate/server/default/conf/template/assets/scripts/inWeboBrowser-*.js <<HOME_PING_FEDERATE>>/pingfederate/server/default/conf/template/assets/scripts/
$ sudo cp /tmp/pf-inwebo/pingfederate/server/default/conf/template/assets/images/* <<HOME_PING_FEDERATE>>/pingfederate/server/default/conf/template/assets/images/
$ sudo cp /tmp/pf-inwebo/pingfederate/server/default/conf/template/assets/css/inwebo.css <<HOME_PING_FEDERATE>>/pingfederate/server/default/conf/template/assets/css/
$ sudo cp /tmp/pf-inwebo/pingfederate/server/default/conf/template/inwebo.form.login.template.html <<HOME_PING_FEDERATE>>/pingfederate/server/default/conf/template/
$ sudo cp /tmp/pf-inwebo/pingfederate/server/default/deploy/pf.plugins.inwebo-authenticator.jar <<HOME_PING_FEDERATE>>/pingfederate/server/default/deploy/
$ sudo <<HOME_PING_FEDERATE>>/pingfederate/sbin/pingfederate-run.sh

inWebo - Secure Site

Mandatory values : 

  • Called URL: https://<yourdomain>.com:9031/
  • Authentication page ://<yourdomain>.com:9031/*
  • Wildcard used in path: Yes
  • Form name: Login
  • Login field name: username
  • Password field name: password

PingFederate - Server Configuration

  1. go to Admin Console and Login as 'Administrator'
  2. navigate to Server Configuration->Password Credential Validators
  3. create New Instance:

"Type" tab configuration

  • Name your instance and create an instance ID
  • Select the following type in the drop-down list : "PingFederate inWebo Authenticator"
  • click "Next"

"Instance Configuration" tab configuration 

Fill the "instance configuration" tab with your inWebo service information

  • inWebo Service ID → this ID is shown in the inWebo administration console.
  • inWebo Certificate File → a valid inWebo API certificate with authentication rights generated/downloaded in the inWebo administration console, under "Secure Sites" tab
  • inWebo Certificate Password → the corresponding password entered at certificate generation
  • click "Next"

"Extended Contract" tab configuration 

  • Leave unchanged.
  • click "Next"

"Summary" tab configuration 

  • Leave unchanged.
  • click "SAVE"

File Modification "inwebo.form.login.template.html"

  • Edit the file: <<HOME_PING_FEDERATE>>/pingfederate/server/default/conf/template/inwebo.form.login.template.html 
  • replace tag <<BOOKMARK_ALIAS>> by your inWebo BookMark Alias

PingFederate - Idp Configuration

  1. go to Admin console and Login as 'Administrator'
  2. navigate to Idp Configuration->Adapters
  3. create New Instance with `login template page` inwebo.form.login.template.html and inWebo Credential Validator Instance:

Adapter Instance "type" tab configuration

  • Name your instance and create an instance ID
  • Select the following type in the drop-down list : "HTML Form IdP Adapter"
  • click "Next"

Adapter Instance "IdP Adapter" tab configuration

  • For LOGIN TEMPLATE → enter " inwebo.form.login.template.html"
  • Click "Save"