Versions Compared

Old Version 1

changes.mady.by.user Madeline Meehan

Saved on

compared with

New Version Current

changes.mady.by.user Madeline Meehan

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space PD and version 7.6

...

Field

CommentsExample
Base URLThis is the base URL of the Identity Providerhttps://stage.id.trimblecloud.com
Application Name/ScopeThis is the AMS application name (or scope) assigned in the IdpAgileAssets AMS

Client ID

This is the AMS application ID assigned by the Idpabc-def-ghi-jkl-mno

Client Secrete

This is the client secrete assigned by the IDP[Redacted]

OAuth Authorization Endpoint

OpenID Authorization End point
/oauth/authorize
OAuth Token EndpointOpenID Token End point
/oauth/token
OAuth User Info EndpointOpenID User information End point
/oauth/userinfo
Info
Note: Currently, the 3 endpoint URLs used in OpenID configuration must be in relative to the Base URL.


Idp configuration will also need a Redirect URL (or Call Back URL) from AMS. The URL is the application URL appended with /sso at the end. In this example, it will be https://quappv21.agileassets.com/ams-web/sso

AMS Configuration

Encrypt Client Secret

...

Make the following changes in AMS's web.xml file under Tomcat application folder. Note this section in web.xml file is by default commented out. Make sure to un-comment this section.

Code Block
languagexml
titleweb.xml
  <servlet>
      <servlet-name>SsoServlet</servlet-name>
      <servlet-class>com.agileassetsinc.core.servlet.SsoServlet</servlet-class>
      <load-on-startup>1</load-on-startup>
  </servlet>
 
  <servlet-mapping>
      <servlet-name>SsoServlet</servlet-name>
      <url-pattern>/sso</url-pattern>
  </servlet-mapping>
 
  <filter>
      <filter-name>OpenIdSSOFilter</filter-name>
      <filter-class>com.agileassetsinc.core.OpenidSsoFilter</filter-class>
      <init-param>
          <param-name>openIdBaseUrl</param-name>
           <param-value>Base URL (eg: https://stage.id.trimblecloud.com)</param-value>
       </init-param>
 
      <init-param>
          <param-name>openIdAppName<name>openIdScope</param-name>
          <param-value>Application Name (eg: AgileAssets AMS)</param-value>
      </init-param>
 
      <init-param>
          <param-name>openIdClientId</param-name>
          <param-value>Client ID (eg: abc-def-ghi-jkl-mno)</param-value>
      </init-param>
 
      <init-param>
          <param-name>openIdClientSecretEncrypted</param-name>
          <param-value>Encrypted Client Secret (eg: @aaEncrypted@ABCDEFG)</param-value>
      </init-param>

      <init-param>
          <param-name>openIdOauthAuthorizationEndpoint</param-name>
          <param-value>OpenID Authorization End point (eg: /oauth/authorize)</param-value>
      </init-param>

      <init-param>
          <param-name>openIdOauthTokenEndpoint</param-name>
          <param-value>OpenID Token End point (eg: /oauth/token)</param-value>
      </init-param>
 
      <init-param>
          <param-name>openIdOauthUserinfoEndpoint</param-name>
          <param-value>OpenID User information End point (eg: /oauth/userinfo)</param-value>
      </init-param>
  
  </filter>
 
  <filter-mapping>
      <filter-name>OpenIdSSOFilter</filter-name>
      <url-pattern>/sso</url-pattern>
  </filter-mapping>

...