When creating an HTML file using the Configuration server-based
model in the Deployment Wizard, the next window after the Configuration
Model window is the Logon Type window. On this window, you are presented
with the following three options:
- Prompt users to enter Z and I Emulator for Web user ID:
Select this option only if you want users to be challenged for their
credentials. This is the default option.
- Use Web Express Logon: Select this option
to map the user's network ID to the Z and I Emulator for Web ID, which will
log users on to the Z and I Emulator for Web server.
|
Note that
you must have your user profiles already set
up on your Z and I Emulator for Web configuration server. If you do not have
your user profiles set up and you attempt to launch the HTML file,
you will get the following error message:
WELM051 User name returned from Web Express Logon
is not a known Z and I Emulator for Web user
|
Selecting this option also requires that you add an additional
Vault credential mapper and all of its parameters to your web.xml
file. For example, take the following steps:
- In the web.xml file, update the following INIT parameter with
the new Vault credential mapper name, for example,
CMPIConfigServer_
:
<init-param>
<param-name>CMPICredentialMappers</param-name>
<param-value>CMPIDCASPlugin, CMPIVaultPlugin,
CMPIConfigServer_ </param-value>
</init-param>
Add the parameter name for the new parameter
value specified above, and change the AUTH type to AuthType_ConfigServer
:
<init-param>
<param-name>CMPIConfigServer_</param-name>
<param-value>com.ibm.eNetwork.security.sso.cms.CMPIVault,
AuthType_ConfigServer, *</param-value>
</init-param>
- In the web.xml file, configure the remaining Vault parameters except these two parameters:
- CMPI_VAULT_DB_HOSTADDR_COL_NAME
- CMPI_VAULT_DB_HOSTAPP_COL_NAME
Use the section E. Add the required Vault parameters for the CMPIVaultPlugin. and F. Add the optional Vault parameters (if desired). as references. You will need to prepend the
new credential mapper name to the Vault parameter names, for example,
CMPIConfigServer_CMPI_VAULT_DB_ADDRESS.
- In your Vault credential mapper database, create a new table with
three columns, for example:
Be sure that the NETWORKID contains the network IDs, the ZIEID
column contains the Z and I Emulator for Web user IDs, and the PASSWORD column
contains the Z and I Emulator for Web passwords. Since you did not add parameters
in your XML file for HOSTADDRESS and APPLICATIONID, you do not need
to add the columns for these in your Vault credential database.
- Automatically log users on to Z and I Emulator for Web using
their Windows username: Select this option to allow Z and I Emulator for Web to
use the local system's ID for macro-based automation. You can either
allow Z and I Emulator for Web to use the network ID supplied to the network
security application or the Windows system ID to retrieve the host
credentials. If you use this option, be sure that you select the appropriate
User Identity Type in session properties and that you are using the
WAR file that is intended to be used with Windows Domain (wincms.war).
When using the Configuration server-based model and a network security
application such as Tivoli Access Manager, you may be accessing your
Z and I Emulator for Web pages
via a URL such as https://server_name/junction_name/
ZIEWeb/myziepage.html,
where
server_name is the name of the machine
running Tivoli Access Manager and
junction_name is
the junction that you create to point to your
Z and I Emulator for Web server
machine and your HTTP server's port number. If this is the case,
Z and I Emulator for Web will
try to contact the
Z and I Emulator for Web Service Manager to get your user,
group, and session information at the
server_name rather
than at the
junction_name. To remedy this
situation, edit the config.properties file found in the
ZIEWeb directory
of your
Z and I Emulator for Web install directory (\Program Files\HCL\
Z and I Emulator for Web\
ZIEWeb\config.properties)
by adding this line at the end of the file content:
ConfigServer=myzieserver.hcl.com
where
myzieserver is the machine you are pointing to
with the
junction_name.