3.1.  Application Contents

The IDentia-RP-Demo contains web pages such as index.jsp, home.jsp, test1.jsp, test2.jsp, and test3.jsp placed under the RP webapps folder (i.e. /opt/sp2-tomcat7/sp2_webapps/identia-rp-demo). These pages are for demo purposes only and can be replaced by your own application’s web pages. You can also modify the css, js and image files to accommodate your own application.

3.2.  Securing Web Pages

Open the securityContext.xml file and go to the unsecured pages section. Declare pages that do not require any authentication in this section.

Figure 1

Next, go to the secured pages section. Declare pages that require authentication in this section.

Figure 2

You can add access values such as ROLE_ADMIN and ROLE_USER to identify pages that only users with the ADMIN or USER role are allowed to see. You can also add the access value IS_AUTHENTICATED_FULLY to declare pages that any authenticated user is allowed to see.
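A sketch of what the two sections can look like, added here as an example and not copied from the demo's securityContext.xml. It assumes the file uses the Spring Security 3.x XML namespace bound to the `security:` prefix with plain (non-expression) access values; which page gets which access value is constructed for illustration.

```xml
<!-- Added example: fragment only. Assumes the "security:" prefix is already
     bound to the Spring Security namespace on the file's root element. -->

<!-- Unsecured pages: requests matching these patterns skip the security
     filters entirely, so list only pages and static files that expose
     nothing sensitive. Page and folder choices here are constructed. -->
<security:http pattern="/index.jsp" security="none"/>
<security:http pattern="/css/**" security="none"/>
<security:http pattern="/js/**" security="none"/>
<security:http pattern="/images/**" security="none"/>

<!-- Secured pages: keep whatever attributes the demo's existing http
     element carries (entry point, filters); only the rules are shown. -->
<security:http>
  <!-- Only users holding ROLE_ADMIN -->
  <security:intercept-url pattern="/test1.jsp" access="ROLE_ADMIN"/>

  <!-- Users holding either role (comma-separated values are alternatives) -->
  <security:intercept-url pattern="/test2.jsp" access="ROLE_ADMIN,ROLE_USER"/>

  <!-- Any authenticated user, whatever the role -->
  <security:intercept-url pattern="/home.jsp" access="IS_AUTHENTICATED_FULLY"/>
  <security:intercept-url pattern="/test3.jsp" access="IS_AUTHENTICATED_FULLY"/>

  <!-- Catch-all, must be the last rule: rules are checked top to bottom and
       the first match wins. Without it, a page you add later but forget to
       declare matches no rule and is served without authentication. -->
  <security:intercept-url pattern="/**" access="IS_AUTHENTICATED_FULLY"/>
</security:http>
```

When you replace the demo pages with your own, keep the most specific patterns first and the catch-all rule last, then confirm each new page appears in exactly one of the two sections.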

3.3.  Defining User Roles

In the securityContext.xml file, go to the userDetails section. The default setting maps the title of a user to the user roles. You can change the value to any attribute in your LDAP directory, such as departmentNumber or occupationcode. The default setting maps the title value manager to the roles ADMIN and USER, and the title value associate to the role USER. Replace these values with your own attribute values and roles.

Figure 3

For any authenticated user whose attribute value does not match the values listed in this section, the default setting assigns null, and the user is not granted access to the web pages. You can change the setting to another value such as ROLE_USER so that these authenticated users default to the role USER.
