2.6 Deploying Your Authentication Class

  1. Create a jar file for your authentication class and any associated classes.

  2. Copy the jar file to the following location in the Identity Server:

    • Linux: /opt/novell/nam/idp/webapps/nidp/WEB-INF/lib

    • Windows: C:\Program Files (x86)\Novell\Tomcat\webapps\nidp\WEB-INF\lib

    If the Identity Server is in a cluster, the file needs to be copied to all members of the cluster.

  3. (Conditional) If you created a custom JSP page for your authentication class, copy it to the /opt/novell/nids/lib/webapp/jsp directory of the Identity Server.

    If the Identity Server is in a cluster, the file needs to be copied to all members of the cluster.

  4. In the Administration Console, click Access Manager > Identity Servers > Edit > Local > Classes.

    Authentication Classes

  5. From this page, click New.

    Creating a New Class

  6. Fill in the following fields:

    Display name: Specify a name that the Administration Console can use to identity this class.

    Java class: For a new class, select Other. This allows you to specify the path name of your Java class.

    Java class path: Specify the name of your Java class.

  7. Click Next, and specify any needed properties of your class.

    This is dependent upon your class. You need to specify properties only if your class requires them.

    This information is returned to your class in the props parameter when your class is called.

  8. Click Finish.

  9. To configure a method for your class, click Methods > New, and select your class for the Class field.

    When you configure a method, you specify which user stores can be used for authentication. This information is returned to your class in the uStores parameter when your class is called.

    For more information, see “Configuring Authentication Methods” in the NetIQ Access Manager 3.2 Identity Server Guide.

  10. Click Finish.

  11. To configure a contract for your class, click Contracts > New, and move your class to be a value in the Methods list.

    For more information, see “Configuring Authentication Contracts” in the NetIQ Access Manager 3.2 Identity Server Guide.

  12. (Optional) Default contracts can be specified for each authentication type that might be required by a service provider. These contracts are executed when a request for a specific authentication type comes from a service provider.

    For more information, see Supported Authentication Class Types and “Specifying Authentication Defaults” in the NetIQ Access Manager 3.2 Identity Server Guide.

  13. Click Finish > OK.

  14. On the Identity Servers page, click Update.

  15. Update any associated devices (Access Gateways, SSL VPN servers, or J2EE* Agents) that are using this Identity Server configuration.