Appendix B. Web Express Logon using the Configuration server-based model
When creating an HTML file using the Configuration server-based model in
the Deployment Wizard, the next window after the Configuration Model window
is the Logon Type window. On this window, you are presented with the following
three options:
Prompt users to enter Host On-Demand user ID: Select
this option only if you want users to be challenged for their credentials.
This is the default option.
Use Web Express Logon: Select this option to map
the user's network ID to the Host On-Demand ID, which will log users on to
the Host On-Demand server.
Note that you must have your user profiles already set up on your Host
On-Demand configuration server. If you do not have your user profiles set
up and you attempt to launch the HTML file, you will get the following error
message:
WELM051 User name returned from Web Express Logon
is not a known Host On-Demand user
Selecting this option also requires that you add an additional Vault
credential mapper and all of its parameters to your web.xml file. For example,
take the following steps:
In the web.xml file, update the following INIT parameter with the new
Vault credential mapper name, for example, CMPIConfigServer_:
In your Vault credential mapper database, create a new table with three
columns, for example:
NETWORKID
HODID
PASSWORD
Be sure that the NETWORKID contains the network IDs, the HODID column
contains the Host On-Demand user IDs, and the PASSWORD column contains the
Host On-Demand passwords. Since you did not add parameters in your XML file
for HOSTADDRESS and APPLICATIONID, you do not need to add the columns for
these in your Vault credential database.
Automatically log users on to Host On-Demand using their
Windows username: Select this option to allow Host On-Demand to use the
local system's ID for macro-based automation. You can either allow Host On-Demand
to use the network ID supplied to the network security application or the
Windows system ID to retrieve the host credentials. If you use this option,
be sure that you select the appropriate User Identity Type in session properties
and that you are using the WAR file that is intended to be used with Windows
Domain (wincms.war).
When using the Configuration server-based model and a network security
application such as Tivoli Access Manager, you may be accessing your Host
On-Demand pages via a URL such as https://server_name/junction_name/HOD/myhodpage.html,
where server_name is the name of the machine running
Tivoli Access Manager and junction_name is the junction
that you create to point to your Host On-Demand server machine and your HTTP
server's port number. If this is the case, Host On-Demand will try to contact
the Host On-Demand Service Manager to get your user, group, and session information
at the server_name rather than at the junction_name. To remedy this situation, edit the config.properties file
found in the HOD directory of your Host On-Demand install directory (\Program
Files\IBM\HostOnDemand\HOD\config.properties) by adding this line at the end
of the file content:
ConfigServer=myhodserver.ibm.com
where myhodserver is the machine you are pointing
to with the junction_name.