Configuring application server security for the Maximo Anywhere apps

You can configure the Maximo Anywhere mobile apps to use the same authentication method as Maximo® Asset Management.

Before you begin

Configure the system to use application server security.

About this task

You can use Maximo Asset Management native authentication or you can configure basic or form-based application server authentication. You specify the authentication method for Maximo Asset Management by modifying the web.xml file on the computer where Maximo Asset Management is installed.

The XML files contain comment tags, which you must insert or remove to disable or enable certain properties. For example, inserting text inside <!-- and --> tags means that the code is commented out and cannot function as an active property.

1. On the computer where Maximo Asset Management is installed, go to the tpae_home\maximo\applications\maximo\maximouiweb\webmodule\WEB-INF directory and open the web.xml file for editing.
2. Uncomment the security-constraint parameter and add a line for the Maximo OSLC web resource by modifying the XML code as follows:

   <security-constraint>
   	<web-resource-collection>
   		<web-resource-name>MAXIMO UI pages</web-resource-name>
   			<description>pages accessible by authorised users</description>
   			<url-pattern>/ui/*</url-pattern>
   			<http-method>GET</http-method>
   			<http-method>POST</http-method>
   	</web-resource-collection>
   	<web-resource-collection>
   		<web-resource-name>MAXIMO UI utility pages</web-resource-name>
   			<description>pages accessible by authorised users</description>
   			<url-pattern>/webclient/utility/*</url-pattern>
   			<http-method>GET</http-method>
   			<http-method>POST</http-method>
   	</web-resource-collection>
   
   <!-- New line for protecting the Maximo OSLC servlet -->
   
   	<web-resource-collection>
   		<web-resource-name>MAXIMO OSLC</web-resource-name>
   			<description>pages accessible by authorised users</description>
   			<url-pattern>/oslc/*</url-pattern>
   			<http-method>GET</http-method>
   			<http-method>POST</http-method>
   	</web-resource-collection>
   
   	<auth-constraint>
   		<description>Roles that have access to MAXIMO UI</description>
   		<role-name>maximouser</role-name>
   	</auth-constraint>
   	<user-data-constraint>
   		<description>data transmission guarantee</description>
   		<transport-guarantee>NONE</transport-guarantee>
   	</user-data-constraint>
   </security-constraint>

3. On the Maximo Anywhere computer, go to the Anywhere\MaximoAnywhere\server\conf directory and open the worklight.properties file for editing.
4. Modify the authentication type property to match the Maximo Asset Management security configuration:

   ## Authentication type, possible values are: maximo, basic, form
   si.auth.type=maximo

   maximo

   Maximo native authentication

   basic

   Application server security with basic authentication

   form

   Application server security with form-based authentication

5. Build and deploy the Maximo Anywhere mobile apps.