Submit a ticketCall us

Get a crash course on Network Monitoring delivered right to your inbox
This free 7-day email course provides a primer to the philosophy, theory, and fundamental concepts involved in IT monitoring. Lessons will explain not only how to perform various monitoring tasks, but why and when you should use them. Sign up now.

Home > Success Center > Web Help Desk (WHD) > Configure Web Help Desk 12.2 for Common Access Card (CAC) systems

Configure Web Help Desk 12.2 for Common Access Card (CAC) systems

Overview

This article describes how to configure systems in a secure location running Web Help Desk 12.2 to use a common access card (CAC). 

Web Help Desk version 12.2 requires additional configuration to work in conjunction with an on-site CAC authentication system.

Environment

WHD version 12.2

Steps

Configure Windows Authentication Functional Framework Light Edition (WAFFLE) and Apache Tomcat 7.0 for WAFFLE servlet authentication.

This procedure must be completed after each Web Help Desk update because the related binary and configuration files must reflect updates incorporated in the latest Web Help Desk release for CAC integration.

Configure WAFFLE and Web Help Desk 12.2 for CAC systems

  1. Configure Web Help Desk 12.2 for WAFFLE 1.7 and Tomcat 7.0.
  2. Configure Web Help Desk for servlet authentication.
  3. (Optional) Configure a Group Policy Object (GPO) to propagate the appropriate security settings to your Microsoft® Internet Explorer® web browser.
  4. Verify your security settings by having all approved users open Web Help Desk in Internet Explorer.

    Web Help Desk supports Internet Explorer version 9 and later.

Configure Web Help Desk 12.2 for WAFFLE 1.7 and Tomcat 7.0

  1. Download the code.txt file attached to this KB article. 
  2. Download and install Web Help Desk 12.2.
  3. Download Waffle 1.7 from the following website:
    https://github.com/dblock/waffle/releases/download/Waffle-1.7.3/Waffle.1.7.3.zip
  4. In the downloaded file, open the waffle\bin folder.
  5. Copy the following files to your <WebHelpDesk>\bin\tomcat\lib directory:
    - guava-13.0.1.jar
    - jna-3.5.0.jara
    - platform-3.5.0.jar
    - slf4j-api-1.7.2.jar
    - waffle-jna.jar</web_help_desk>
  6. Open the following file in a text editor:
    <web_help_desk>\conf\tomcat_web_template.xml
  7. Open the code.txt file.
  8. In the file, copy the XML code to your clipboard.
  9. Close the file.
  10. In the tomcat_web_template.xml file, paste the code before the closing < /web-app > tag.
  11. Save and close the file.

Configure Web Help Desk for Servlet Authentication

  1. In Windows 7, click Start > All Programs.
    In Windows 8, navigate to the Apps screen.
  2. Locate the Web Help Desk folder.
  3. Double-click Web Help Desk.
    Web Help Desk opens in a new browser window.
  4. Log in as the administrator or a user with administrator privileges.
  5. In the toolbar, click Setup.
  6. In the General menu, click Authentication.
    The Authentication Settings window displays.
  7. Click the Authentication Method drop-down menu and select Servlet Authentication.
  8. In the Logout URL field, type the URL that redirects Web Help Desk to another webpage when the user logs out.
    If this field is left blank, Web Help Desk uses the default logout page.
  9. In the Tech Session Timeout (min) field, enter a value (for example, 60).
    This value indicates the time in minutes a tech or administrator session remains active.  
  10. In the Client Session Timeout (min) field, enter a value (for example, 15). 
    This field indicates the length in minutes a client session remains active without receiving any application requests.
  11. Select the Disable Tech Session Timeouts for Open Windows check box.
  12. Deselect the Require Authentication on External Hyperlinks check box to disable this option.
  13. In the Application API Keys field, ensure that no API keys are configured. 
  14. Click Save.  

Configure a GPO to Propagate Security Settings to Internet Explorer

In the Default Domain [yourdomain.com] Policy console tree, expand the following path:
User Configuration/Policies/Windows Settings/Internet Explorer Maintenance/Security

Click Import the current security zones and privacy settings.

When prompted, click Continue, and then click Modify Settings.
The Internet Properties dialog box appears.

Click the Security tab.
The Security tab window appears.

Click the Local Intranet icon, and then click Sites.
The Local Internet dialog box appears.

Click Close.

  1. Log in to the domain as a Domain Administrator.
  2. Click Start and select Run.
  3. In the Run window, execute the following command:
    mmc
    The Microsoft Management Console window appears.
  4. In the File menu, click Add/Remove Snap-in > Add.
    The Add or Remove Snap-ins dialog box appears. 
  5. In Available Snap-ins, scroll down and double-click Group Policy Management Editor, and then click OK.
    The Group Policy Wizard appears.
  6. In the Select Group Policy Object, click Browse.
    The Browse for a Group Policy Object dialog box appears.
  7. In Domains, OUs, and Linked Group Policy Objects, click Default Domain Policy, and then click OK.
  8. Click Finish, and then click OK.
  9. In the Default Domain [yourdomain.com] Policy console tree, expand the following path:
    User Configuration/Policies/Windows Settings/Internet Explorer Maintenance/Connection
  10. Double-click Automatic Browser Configuration. 
  11. Clear the Automatically Detect Configuration Settings check box, and then click OK.
  12. Double-click Security Zones and Content Ratings.
  13. In Add this website to the zone type*.yourdomain.com field, click Add.
  14. Select Require server verification (https) for all sites in this zone.
  15. Click OK.

Open Web Help Desk in Internet Explorer

  1. Open Internet Explorer and navigate to the following URL:
    https://webhelpdesk.yourdomain.com

    Windows Security dialog box displays.
  2. In the User Name and Password fields, enter your domain user name or email and password. 
  3. Select the Remember my credentials check box.
  4. Click OK.
    The Web Help Desk interface displays.  
Last modified
08:56, 12 May 2017

Tags

Classifications

Public