Client configuration
17.7.2.2.3. Configuration of Airlock IAM client
  • Open the Config Editor
    • Make sure that the demo Airlock IAM configuration is loaded and active
    • Go to: Loginapp >> OAuth 2.0/OIDC Client (create if missing)
    • Add a new OAuth 2.0 Client Settings to the JSP Clients list.
      • Enter the "Client ID" and the shared secret into the respective fields
      • Set the "Authorization Endpoint URL" property from the determined values above
      • Set the "Token Endpoint URL" property from the determined values above
      • Set the "External Base URL" property from the determined values above
      • Enable the "Show Start Login Page" if you wish that the user needs to confirm the start of the OAuth 2.0 authentication process.
      • Add a new "OAuth 2.0 SSO Resource Request" plugin to the "Resource Requests" property list
        • Set the "Resource URL" to the Specific Username Resource Endpoint URL from above
        • Add a new "OAuth 2.0 Remote Username Resource" plugin to the "Contained Resources" list
          • Add a new "OAuth 2.0 Simple Resource Selector " plugin as the "Resource Selector" property
            • Set the "Key" property to "username"
        • Add a new "OAuth 2.0 Header Access Token Config" plugin as the "Access Token Config" property
          • Set the "Header Prefix" to "Bearer"
        • Add "authenticated" to the "Scopes To Request" property list (or any required roles/scopes)
        • Add a new "HTTP Client Config" to the "HTTP Client" property, leave its values on the defaults
  • Set the Loginapp >> Authentication Settings >> Login Page Type property to "OAuth 2.0 SSO"
  • Optional: Remove the "Data Sources" in the MAIN SETTINGS and remove any plugin dependent on the (now removed) persister to get a more realistic scenario.
  • Activate Configuration