Configure and Deploy the Password Manager
Steps
-
Copy
gapps-password-manager.warfrom thedist/gapps-password-managerdirectory to either:<pf_install>/pingfederate/server/default/deploy/Or the application-deployment directory in a different Web-servlet container of your choice.
-
In the directory
gapps-password-manager.war/WEB-INF/classes, edit the filegapps-password-manager-config.props, to provide valid client id, client secret, and oauth tokens for Google Apps.Follow the instructions in Obtain an application name, client ID, and secret section of this guide to obtain the client id and secret. Refer to Generate authorized OAuth 2.0 tokens for instructions on obtaining the token values.
You can use the
obfuscate.bat|shutility to mask the client secret, access token and refresh token value in the configuration file (recommended). The utility is located in the<pf-install>/pingfederate/bindirectory. Make sure to run the obfuscate utility with-lflag.Example:
obfuscate.[bat|sh] -l <Value to be obfuscated>As an option in this file, you may also change the default specifications (usable characters and length) for the randomly generated reset passwords that users will receive from the Password Manager.
-
Copy the
agent-config.txtfile, which was exported during the SP adapter, configuration, into the same directory. Learn more in SP Adapter Setup.../gapps-password-manager.war/WEB-INF/classes/ -
Start or restart PingFederate, or the servlet container in which the Manager is installed.