Web Express Logon using the Configuration server-based model

When creating an HTML file using the Configuration server-based model in the Deployment Wizard, the next window after the Configuration Model window is the Logon Type window. On this window, you are presented with the following three options:
  • Prompt users to enter Z and I Emulator for Web user ID: Select this option only if you want users to be challenged for their credentials. This is the default option.
  • Use Web Express Logon: Select this option to map the user's network ID to the Z and I Emulator for Web ID, which will log users on to the Z and I Emulator for Web server.

    top Graphic Image
    Note that you must have your user profiles already set up on your Z and I Emulator for Web configuration server. If you do not have your user profiles set up and you attempt to launch the HTML file, you will get the following error message:
    WELM051 User name returned from Web Express Logon 
    is not a known Z and I Emulator for Web user
    Selecting this option also requires that you add an additional Vault credential mapper and all of its parameters to your web.xml file. For example, take the following steps:
    1. In the web.xml file, update the following INIT parameter with the new Vault credential mapper name, for example, CMPIConfigServer_:
      <init-param>
        <param-name>CMPICredentialMappers</param-name> 
        <param-value>CMPIDCASPlugin, CMPIVaultPlugin, 
      		CMPIConfigServer_	</param-value> 
      </init-param>
      Add the parameter name for the new parameter value specified above, and change the AUTH type to AuthType_ConfigServer:
      <init-param>
        <param-name>CMPIConfigServer_</param-name> 
        <param-value>com.ibm.eNetwork.security.sso.cms.CMPIVault, 
      			AuthType_ConfigServer, *</param-value> 
        </init-param>
    2. In the web.xml file, configure the remaining Vault parameters except these two parameters:
      • CMPI_VAULT_DB_HOSTADDR_COL_NAME
      • CMPI_VAULT_DB_HOSTAPP_COL_NAME
      Use the section E. Add the required Vault parameters for the CMPIVaultPlugin. and F. Add the optional Vault parameters (if desired). as references. You will need to prepend the new credential mapper name to the Vault parameter names, for example, CMPIConfigServer_CMPI_VAULT_DB_ADDRESS.
    3. In your Vault credential mapper database, create a new table with three columns, for example:
      • NETWORKID
      • ZIEID
      • PASSWORD
      Be sure that the NETWORKID contains the network IDs, the ZIEID column contains the Z and I Emulator for Web user IDs, and the PASSWORD column contains the Z and I Emulator for Web passwords. Since you did not add parameters in your XML file for HOSTADDRESS and APPLICATIONID, you do not need to add the columns for these in your Vault credential database.
  • Automatically log users on to Z and I Emulator for Web using their Windows username: Select this option to allow Z and I Emulator for Web to use the local system's ID for macro-based automation. You can either allow Z and I Emulator for Web to use the network ID supplied to the network security application or the Windows system ID to retrieve the host credentials. If you use this option, be sure that you select the appropriate User Identity Type in session properties and that you are using the WAR file that is intended to be used with Windows Domain (wincms.war).
When using the Configuration server-based model and a network security application such as Tivoli Access Manager, you may be accessing your Z and I Emulator for Web pages via a URL such as https://server_name/junction_name/ZIEWeb/myziepage.html, where server_name is the name of the machine running Tivoli Access Manager and junction_name is the junction that you create to point to your Z and I Emulator for Web server machine and your HTTP server's port number. If this is the case, Z and I Emulator for Web will try to contact the Z and I Emulator for Web Service Manager to get your user, group, and session information at the server_name rather than at the junction_name. To remedy this situation, edit the config.properties file found in the ZIEWeb directory of your Z and I Emulator for Web install directory (\Program Files\HCL\Z and I Emulator for Web\ZIEWeb\config.properties) by adding this line at the end of the file content:
ConfigServer=myzieserver.hcl.com
where myzieserver is the machine you are pointing to with the junction_name.