1.2 Self Service Password Reset Architecture

Self Service Password Reset is a web-based application that can be deployed to any web server or application server that supports a web archive. This means you can deploy Self Service Password Reset on-premise or in the Cloud.

Figure 1-1 depicts the architecture for Self Service Password Reset.

Self Service Password Reset consists of the following components depicted in Figure 1-1:

  • User Accounts (LDAP): The LDAP directories contain the user accounts Self Service Password Reset manages. The types of LDAP directories that Self Service Password Reset supports are Active Directory and eDirectory.

  • Tomcat Server: As you can see in Figure 1-1, the Self Service Password Reset application must run on a web server, such as a Tomcat server. If you use the appliance or Windows deployment, Tomcat is included. If you use the WAR file to deploy Self Service Password Reset, you must have a Tomcat web server running.

  • Self Service Password Reset: Self Service Password Reset is a Java-based web application that contains the following items:

    • Administration Console: Self Service Password Reset contains a web-based administration console. Administrators use the administration console to configure Self Service Password Reset, view recent log events, download the current XML configuration file, manage certificates, and export or import the contents of the local database.

      If you are a help desk administrator, the administration console allows you to manage user accounts and passwords, and to reset intruder lockouts.

      You can also programmatically connect to Self Service Password Reset through REST Services. For more information, see the Self Service Password Reset REST Services Reference.

    • Users Web Pages: Self Service Password Reset provides a web interface for users to manage their passwords. Users access the interface through a browser that is supported on a desktop or a mobile device.

  • LDAP Directories and External Database: Self Service Password Reset stores the user challenge-responses in LDAP directories or external databases. Self Service Password Reset provides the local database for testing purposes only. Use an external database or an LDAP directory in production environments to store the users’ challenge-responses.

    Self Service Password Reset supports Microsoft SQL Server and Oracle.

  • Secure Communications: By default, the appliance and Windows deployments communicate over HTTPS. The communications for the WAR file deployment depend on how your Tomcat web server is configured.
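
For a WAR file deployment, the following added example (not part of the Self Service Password Reset documentation or product) shows one way to check which connectors in Tomcat's server.xml accept unencrypted HTTP. The server.xml content is a constructed sample, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed sample of a Tomcat conf/server.xml (not taken from the product).
SAMPLE_SERVER_XML = """\
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" redirectPort="8443"/>
    <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               SSLEnabled="true" scheme="https" secure="true"/>
    <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
  </Service>
</Server>
"""


def is_tls(connector):
    """True when the connector terminates TLS itself."""
    return connector.get("SSLEnabled", "false").lower() == "true"


def audit_connectors(server_xml):
    """Return {port: status} for every <Connector> in a server.xml string."""
    root = ET.fromstring(server_xml)
    connectors = root.findall("./Service/Connector")
    tls_ports = {c.get("port") for c in connectors if is_tls(c)}
    report = {}
    for c in connectors:
        protocol = c.get("protocol", "HTTP/1.1")  # Tomcat's default protocol
        if is_tls(c):
            status = "tls"
        elif "ajp" in protocol.lower():
            # AJP is a proxy-to-Tomcat protocol and is not encrypted.
            status = "ajp"
        elif c.get("redirectPort", "443") in tls_ports:
            # Redirect happens only for requests matching a security
            # constraint that requires confidential transport.
            status = "plaintext-with-redirect"
        else:
            status = "plaintext"
        report[c.get("port")] = status
    return report


def plaintext_ports(server_xml):
    """Ports that accept unencrypted HTTP, with or without a TLS redirect."""
    return sorted(p for p, s in audit_connectors(server_xml).items()
                  if s.startswith("plaintext"))


if __name__ == "__main__":
    for port, status in audit_connectors(SAMPLE_SERVER_XML).items():
        print(port, status)
```

A reverse proxy that terminates TLS in front of Tomcat does not appear in server.xml, so a plaintext result describes only the traffic that reaches Tomcat itself.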

Figure 1-1 Architecture of Self Service Password Reset