Submit a ticketCall us

Have You Auto Renewed? If not, you're missing out.
The SolarWinds Renewal Program comes with a host of benefits including the most recent product updates, 24/7 technical support, virtual instructor-led training and more. Experience all of this with the convenience of Auto Renewal, and never worry about missing any of these great benefits. Learn More.

Home > Success Center > Web Help Desk (WHD) > WHD SSO - WAFFLE authentication - Tomcat 6.x

WHD SSO - WAFFLE authentication - Tomcat 6.x

Table of contents

Overview

This article provides steps to WAFFLE authentication for Tomcat 6.x

Environment

All WHD versions

Steps

I. - Configure WAFFLE for Tomcat 6.0.

 

1. Download Waffle 1.5 from http://code.dblock.org/downloads/waffle/Waffle.1.5.zip

2. Copy the following files from the WAFFLE bin folder into <WHD>\bin\tomcat\lib:

  • guava-13.0.1.jar
  • jna-3.5.0.jar
  • platform-3.5.0.jar
  • slf4j-api-1.7.2.jar
  • waffle-jna.jar


3. Add the following before the closing </web-app> tag in <WHD>\conf\tomcat_web_template.xml:

    <filter>
          <filter-name>SecurityFilter</filter-name>
          <filter-class>waffle.servlet.NegotiateSecurityFilter</filter-class>   
          <init-param>
              <param-name>principalFormat</param-name>
              <param-value>fqn</param-value>
          </init-param>
          <init-param>
              <param-name>roleFormat</param-name>
              <param-value>both</param-value>
          </init-param>
          <init-param>
              <param-name>allowGuestLogin</param-name>
              <param-value>false</param-value>
          </init-param>
          <init-param>
              <param-name>impersonate</param-name>
              <param-value>false</param-value>
          </init-param>
          <init-param>
              <param-name>securityFilterProviders</param-name>
              <param-value>
                  waffle.servlet.spi.BasicSecurityFilterProvider
                  waffle.servlet.spi.NegotiateSecurityFilterProvider
              </param-value>
          </init-param>
          <init-param>
              <param-name>waffle.servlet.spi.NegotiateSecurityFilterProvider/protocols</param-name>
              <param-value>
                  Negotiate
                  NTLM
              </param-value>
          </init-param>
          <init-param>    
              <param-name>waffle.servlet.spi.BasicSecurityFilterProvider/realm</param-name>
              <param-value>WaffleFilterDemo</param-value>
          </init-param>
        </filter>
        <filter-mapping>
            <filter-name>SecurityFilter</filter-name>
            <url-pattern>/*</url-pattern>
        </filter-mapping>

 

II. - Configure Web Help Desk For Servlet Authentication

 

1. In Windows, click Start > All Programs.
2. Select the Web Help Desk folder.
3. Select Web Help Desk from the listing of Web Help Desk shortcuts.
Note: The Web Help Desk application is opened in a new browser window.
4. Log on as an administrator or as a user with administrator privileges.
5. Click the Setup icon from the toolbar.
6. Click the General menu.
7. Click the Authentication sub-menu.
8. In the Authentication Method field, select Servlet Authentication from the drop-down menu.
9. In the Logout URL field, type the URL the Web Help Desk should redirect to when the user logs out.
Note: If this field is left blank, then Web Help Desk will use the default logout page.
10. In the Tech Session Timeout (min) field, type a value, for example, 60.
Note: This field indicates the length in minutes a Tech or Administrator's session will remain active without receiving any application requests.
11. In the Client Session Timeout (min) field, type a value, for example 15.
Note: This field indicates the length in minutes a Client’s session will remain active without receiving any application requests.
12. In the Disable Tech Session Timeouts for Open Windows field, select the check box to enable.
13. In the Require Authentication on External Hyperlinks field, deselect the check box to disable the option.
14. In the Application API Keys field, confirm that no API Keys have been configured.
15. Click Save.
16. Click Close to exit the browser window.

III. - Stop The Web Help Desk Service

1. In Windows, click Start > All Programs.
2. Select the Web Help Desk folder.
3. Right-click the Stop Web Help Desk shortcut.
4. Select Run As Administrator from the menu.
Note: The DOS Prompt Window displays. When the command is complete, move on to next step.

IV. - Start The Web Help Desk Service

1. Click Start > All Programs.
2. Select the Web Help Desk folder.
3. Right-click the Start Web Help Desk shortcut.
4. Select Run as administrator from the menu.

(Optional) V. -  Configure A GPO To Push Internet Explorer Settings

1. Log on to the domain with the Domain Administrator account.
2. Click Start, click Run, type mmc, and then click OK.
3. On the File menu, click Add/Remove Snap-In, and then click Add.
NOTE: The Add or Remove Snap-Ins dialog box opens.
4. In Available snap-ins, scroll down to and double-click Group Policy Management Editor, and then click OK.
Note:  The Group Policy Wizard opens.
5. In Select Group Policy Object, click Browse. The Browse for a Group Policy Object dialog box opens.
6. In Domains, OUs, and linked Group Policy Objects, click Default Domain Policy, and then click OK.
7. Click Finish, and then click OK.
8. In the Default Domain [yourdomain.com] Policy console tree, expand the following path: User Configuration, Policies, Windows Settings, Internet Explorer Maintenance, Connection.
9. Double-click Automatic Browser Configuration, clear the Automatically Detect Configuration Settings check box, and then click OK.
10. In the Default Domain [yourdomain.com] Policy console tree, expand the following path: User Configuration, Policies, Windows Settings, Internet Explorer Maintenance, Security.
11. Double-click Security Zones and Content Ratings, click Import the current security zones and privacy settings, click Continue when prompted, and then click Modify Settings.
12. In the Internet Properties dialog box, click the Security tab, click Local Intranet icon, and then click Sites.
13. In the Local Internet dialog box, in Add this website to the zone type*.yourdomain.com, click Add, select the Require server verification (https) for all sites in this zone, click Close, and then click OK

 

VI. - Open Web Help Desk In Internet Explorer

1. Navigate to https://webhelpdesk.yourdomain.com
Note: Windows Security prompts for a User name and Password.
2. In the User name and Password fields, type your domain username or email and password, select the check box for Remember my credentials and click OK.

Last modified

Tags

Classifications

Public