APS configuration for Apache web servers.

Document ID : KB000054238
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

Advanced password services (APS) v5.5 sp1 and later supports Apache as a web server. This document supplements the current APS documentation which does not include Apache configuration steps. This document will include the necessary additions that are needed in the httpd.conf file for APS to function on Apache.

Three Environment Variables must be created within the Web Server's CGI process space. These are SMPORTAL (which contains the full path to the SmPortal.cfg file), APS_LANG_PATH (which contains the path to the Language directory) and an update to the LD_LIBRARY_PATH so that SmCPW can find the SmPortal library. It is usually not sufficient to put these definitions into a user profile; they must usually be placed into special configuration files used by your Web Server.

If these variables are not set in the Web Server's CGI process space you may receive the following error when trying to submit a password change:

"Unable to locate SmPortal configuration File"

Apache also needs the addition of the directive ScriptAlias or all APS binaries may be displayed instead of executed.

Solution:

Apache environmental variables can be set in many ways here is one method. Add these lines to the Global Environment section of the httpd.conf file:

SetEnv LD_LIBRARY_PATH {CA web agent install directory}/webagent/bin
SetEnv SMPORTAL {CA web agent install directory}/webagent/bin/SmPortal.cfg
SetEnv APS_LANG_PATH {CA web agent install directory}/webagent/bin/Language

{CA web agent install directory} is the actual path not a variable such as /usr/local/netegrity

For the APS services add the following sections to the httpd.conf file:

ScriptAlias /CPW/ "{CA web agent install directory}/webagent/bin/web/CPW/"
<Directory "{CA web agent install directory}/webagent/bin/web/CPW/">
Options +ExecCGI
AllowOverride None
Order allow,deny
Allow from all
</Directory>

ScriptAlias /FPS/ "{CA web agent install directory}/webagent/bin/web/FPS/"
<Directory "{CA web agent install directory}/webagent/bin/web/FPS/">
Options +ExecCGI
AllowOverride None
Order allow,deny
Allow from all
</Directory>

ScriptAlias /APSAdmin/ "{CA web agent install directory}/webagent/bin/web/APSAdmin/"
<Directory "{CA web agent install directory}/webagent/bin/web/APSAdmin/">
Options +ExecCGI
AllowOverride None
Order allow,deny
Allow from all
</Directory>