Authenticating Users from 3DPassport

To authenticate users from the 3DPassport SSO mechanism, you must first configure the security source in Mashup Builder and then add the 3DPassport SSL certificate to the Exalead CloudView trusted keystore.

This task shows you how to:

Configure the security source

  1. In 3DPassport, select Edit "issue" application at the top right of the screen.


  2. Click Application from the top left menu bar.
  3. Select General > Security.
  4. Remove the existing security provider.
  5. Add a CAS security provider.
    1. Click Add a security provider.
    2. Select CAS Security Provider and click OK.
    3. In the CAS Security Provider section, set the following parameters:

      Parameter Set to
      Authenticate to None
      CAS ticket validation filter Cas20
      Allow proxy ticket validation false
      CAS Server login URL https://HOST:PORT/iam/login
      CAS Server URL Prefix https://HOST:PORT/iam
      CAS Server logout URL https://HOST:PORT/iam/logout
      Server Name https://HOST:PROXY_PORT
      CAS attribute(s) for displayName name



  6. In the Mashup pages section, select all pages. You must typically secure all pages, except the login page.
  7. Save and apply configuration.

Trust 3DPassport SSL certificate

Exalead CloudView must be able to communicate with the 3DPassport (CAS authentication server). As communication with 3DPassport is done using an HTTPS connection, the SSL certificate of the 3DPassport must be known by Exalead CloudView.

This procedure uses the following variables:

  • PASSPORT_URL: the URL where 3DPassport has been installed, including port and path, i.e. https://passport.my-company.com:453/iam

  • ROOTDIR: the root directory where Exalead CloudView is installed

  • DATADIR: the directory specified at installation time, to store the index and configuration data for your Exalead CloudView instance.
  • INSTALLDIR: the directory containing the Exalead CloudView archive extraction

  1. Open PASSPORT_URL in a browser.
  2. Save the server certificate to ROOTDIR\DATADIR\security.
  3. Use keytool utility to import certificate to Exalead CloudView keystore:
    1. cd to ROOTDIR\datadir\security folder
    2. run INSTALLDIR\amd64-win64\java-jre\bin\keytool.exe -importcert -alias passport -file passport.cert -keystore trusted.servers.ks
    3. When prompted for the keystore password, type exalead.
  4. Restart Exalead CloudView.