Disable the Native CA Identity Manager Framework Authentication Filter

With the CA SSO adapter in place, the Framework Authentication Filter is no longer needed. The identity administrator can disable the filter.
cim140
With the CA SSO adapter in place, the Framework Authentication Filter is no longer needed. The identity administrator can disable the filter.
Follow these steps:
  1. Navigate to
    iam_im.ear/user_console.war/WEB-INF
     and open
    web.xml
    for editing.
  2. Locate the FrameworkAuthFilter and switch the value of the Enable init-param to false.
    If using
    Identity Manager
    release 12.5 SP7 or later, verify that the Java Cryptographic Extension Unlimited Strength Jurisdiction Policy Files (JCE) are downloaded at \<Java_path>\<jdk_version>\jre\lib\security in the
    Identity Manager
    environment. These files enable
    Identity Manager
    to connect to CA SSO.
    If the JCE libraries are installed, you see the following messages during
    Identity Manager
    application startup:
    2012-07-06 11:23:56,079 WARN [ims.default] (main) * Startup Step 2 : Attempting to start PolicyServerService 2012-07-06 11:23:56,081 WARN [ims.default] (main) Unlimited Strength Java Crypto Extensions enabled: TRUE
    Otherwise, the value is false for the
    Unlimited Strength Java Crypto Extensions enabled
     entry. When the value is false,
    Identity Manager
    fails to connect to the Policy Server.
In a Virtual Appliance environment, run
DisableIdmAuthFilterSecurity
command to disable the native 
Identity Manager
 framework authentication filter.