1.2 Self Service Password Reset Architecture

Self Service Password Reset is a web-based application that can be deployed to any web server or application server that supports a web archive. Figure 1-1 depicts the architecture for Self Service Password Reset.

Self Service Password Reset consists of the following components:

  • User Accounts (LDAP): The LDAP directories contain the user accounts Self Service Password Reset manages. The types of LDAP directories that Self Service Password Reset supports are Active Directory, eDirectory, and Oracle Directory Server.

  • Tomcat Server: As you can see in Figure 1-1, the Self Service Password Reset application must run on a web server, such as a Tomcat server.

  • Self Service Password Reset: Self Service Password Reset is a Java-based web application that contains the following items:

    • Administration Console: Self Service Password Reset contains a web-based administration console. Administrators use the administration console to configure Self Service Password Reset, view recent log events, download the current XML configuration file, manage certificates, and export or import the contents of the local database.

      If you are a help desk administrator, it allows you to manage user accounts and passwords, and to reset intruder lockouts.

      You can also programmatically connect to Self Service Password Reset through REST Services. For more information, see the Self Service Password Reset REST Services Reference.

    • Users Web Pages: Self Service Password Reset provides a web interface for users to manage their passwords. Users access the interface through a supported browser on a desktop or a mobile device.

  • LDAP Directories and External Database: Self Service Password Reset stores the user challenge-responses in LDAP directories or external databases. Self Service Password Reset provides a local database for testing purposes only. Use an external database or an LDAP directory in production environments to store the users’ challenge-responses.

    Self Service Password Reset supports Microsoft SQL Server, PostgreSQL, and Oracle.

  • Secure Communication: By default, the appliance and Windows deployments communicate over HTTPS. Communication for the WAR file deployment depends on how your Tomcat web server is configured.
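Because transport security for the WAR file deployment is inherited from Tomcat, the following added example (not part of the product or its documentation) audits the connectors in a Tomcat server.xml and reports every one that can carry cleartext traffic. The sample configuration, its ports, and the function name `audit_connectors` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample server.xml (illustrative values, not a shipped configuration).
SAMPLE_SERVER_XML = """<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443"/>
    <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               SSLEnabled="true" scheme="https" secure="true">
      <SSLHostConfig protocols="TLSv1.2+TLSv1.3">
        <Certificate certificateKeystoreFile="conf/keystore.p12" type="RSA"/>
      </SSLHostConfig>
    </Connector>
    <Connector port="8009" protocol="AJP/1.3" address="0.0.0.0"/>
  </Service>
</Server>
"""

def audit_connectors(server_xml: str) -> list[tuple[str, str]]:
    """Return (port, finding) for each connector that is not fully TLS-protected."""
    root = ET.fromstring(server_xml)
    connectors = root.findall("./Service/Connector")
    # Ports whose connector terminates TLS itself.
    tls_ports = {c.get("port") for c in connectors
                 if c.get("SSLEnabled", "").lower() == "true" and c.get("port")}
    findings = []
    for c in connectors:
        port = c.get("port", "?")
        proto = c.get("protocol", "HTTP/1.1")
        if port in tls_ports:
            # TLS is switched on; make sure certificate material is referenced
            # (nested SSLHostConfig, or the legacy keystoreFile attribute).
            if c.find("SSLHostConfig") is None and not c.get("keystoreFile"):
                findings.append((port, "SSLEnabled but no certificate configured"))
        elif "ajp" in proto.lower():
            # AJP has no encryption of its own.
            findings.append((port, "AJP connector is unencrypted; bind it to loopback or remove it"))
        elif c.get("redirectPort") in tls_ports:
            # redirectPort only applies when the web application demands a
            # CONFIDENTIAL transport-guarantee in its web.xml.
            findings.append((port, "cleartext HTTP; redirect to TLS depends on the webapp's transport-guarantee"))
        else:
            findings.append((port, "cleartext HTTP with no TLS connector to redirect to"))
    return findings

if __name__ == "__main__":
    for port, finding in audit_connectors(SAMPLE_SERVER_XML):
        print(f"port {port}: {finding}")
```

A connector that sits behind a TLS-terminating reverse proxy will still be flagged as cleartext; in that case confirm that the connector is reachable only from the proxy.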

Figure 1-1 Architecture of Self Service Password Reset