NetIQ Documentation: NetIQ Access Manager 3.2 SP2 J2EE Agent Guide - Preparing the Sample Application for the Agent

7.2 Preparing the Sample Application for the Agent

Each Web application that you want to use with the J2EE Agent must be able to log in and log out of the Identity Server that you have configured the J2EE Agent to trust. You do this by configuring the web.xml file of the application.

The following sections describe the procedure to configure the web.xml file of the sample application (PayrollApp.ear):

7.2.1 Configuring for Login

In order to configure the login, you must specify in the web.xml file that the Web application uses FORM authentication. This is specified in the <login-config> section of the application descriptor in the WEB-INF/web.xml file as follows:

    <login-config>
        <auth-method>FORM</auth-method>
        <form-login-config>
            <form-login-page>/login</form-login-page>
            <form-error-page>/login</form-error-page>
        </form-login-config>
    </login-config>

The <form-login-page> and <form-error-page> elements need to be set to a URL that is mapped to the following servlet class:

com.novell.nids.agent.auth.LoginServlet

The <login-config> element in the example above specifies /login as the login page and the error page. The /login URL needs a servlet mapping within the application's web.xml file:

    <servlet>
        <servlet-name>LoginServlet</servlet-name>
           <servlet-class>
              com.novell.nids.agent.auth.LoginServlet
           </servlet-class>
    </servlet>

    <servlet-mapping>
        <servlet-name>LoginServlet</servlet-name>
        <url-pattern>/login</url-pattern>
    </servlet-mapping>

7.2.2 Configuring for Logout

To add a logout servlet and its servlet mapping to the web.xml file, modify the contents of web.xml as follows:

    <servlet>
        <servlet-name>LogoutServlet</servlet-name>
        <servlet-class>
            com.novell.nids.agent.auth.LogoutServlet
        </servlet-class>
          <init-param>
            <param-name>postLogoutURL</param-name>
            <param-value>/loggedOut</param-value>
         </init-param>
         <init-param>
             <param-name>websphereLTPAMechanism</param-name>
             <param-value>false</param-value>
        <description>
         This should be set to true in order to clear LTAP cookies and tokens in                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    case of websphere with LTPA as authentication mechanism
        </description> 
             </init-param>
    </servlet>

    <servlet-mapping>
        <servlet-name>LogoutServlet</servlet-name>
        <url-pattern>/logout</url-pattern>
    </servlet-mapping>