XTAM Federated Sign-In; Benefits and Configuration
XTAM provides a federated sign-in experience that can be deployed during or after installation. The benefits of the XTAM Federated Sign-In:
- A more easily recognizable enterprise web login page supporting single sign-on.
- Provides integration opportunities with many commonly used multi-factor authorization (MFA) and two-factor authorization (2FA) providers.
- Requires the use of a non-self signed SSL Certificate ensuring web client connectivity is secured.
To Deploy XTAM Federated Sign-In During Installation
During the installation, check the option to include the Federated Sign-In component in the wizard.
On the Federated Connection page, check the Enable SSO option and enter your secured URL into the Managed Path field.
Complete the XTAM installation as required.
When the installation is complete, the federated sign-in page will be available at the Managed Path entered in step 2 followed by /xtam.
To Deploy XTAM Federated Sign-In Post Installation
Download the XTAM Federated Sign-In component to your XTAM host machine (XTAM Federated Sign-In Download)
When the download is complete, unpack the downloaded archive and copy its containing file cas.war to $XTAM_HOME/web/webapps.
Edit the file $XTAM_HOME/web/conf/catalina.properties and make the following modification:
Set the property cas.managed.path to XTAM’s managed path (secured URI) so it will look something like this cas.managed.path=https://xtam.company.com:6443
Set the property cas.server.name to XTAM’s managed path (secured URI) so it will look something like this cas.server.name=https://xtam.company.com:6443
Set the property cas.server.prefix to XTAM’s federated sign-in path (secured URI) so it will look something like this cas.server.prefix=https://xtam.company.com:6443/cas
Download and then unpack the web archive located here
Copy the web.xml file to $XTAM_HOME/web/webapps/xtam/WEB-INF replacing the file which already exists. (Consider making a copy of the existing web.xml file in case of issues.)
Restart the PamManagement (Windows) or pammanager (Linux) service.
When the deployment is complete, the federated sign-in page will be available at the Managed Path entered in step 3a followed by /xtam.