- Verify versions supportedThe PingIntelligence policy is qualified with the following combination.If you are using any other versions of PingFederate or JDK, or any other PingFederate supported PCV, contact the Ping Identity support team for deployment support.
PingFederate Version JDK version Password Credential Validator (PCV) PingFederate 9.3.3 Oracle JDK8.0.u261
- Simple Username Password Credential Validator
- Install PingIntelligence software
Verify that API Security Enforcer (ASE) is in sideband mode
Check that ASE is in sideband mode by running the following ASE command.
/opt/pingidentity/ase/bin/cli.sh status API Security Enforcer status : started mode : sideband http/ws : port 80 https/wss : port 443 firewall : enabled abs : disabled, ssl: enabled abs attack : disabled audit : enabled sideband authentication : disabled ase detected attack : disabled attack list memory : configured 128.00 MB, used 25.61 MB, free 102.39 MB google pubsub : disabled log level : debug timezone : local (UTC)
- Enable sideband authenticationFor a secure communication between PingFederate and ASE, enable sideband authentication by entering the following ASE command.
# ./bin/cli.sh enable_sideband_authentication -u admin –p
- Generate sideband authentication token
A token is required for PingFederate to authenticate with ASE. To generate the token in ASE, enter the following command in the ASE command line. Save the generated authentication token for further use.
# ./bin/cli.sh -u admin -p admin create_sideband_token
- Enable connection keepalive between PingFederate and ASE
Complete the following prerequisites before deploying PingIntelligence policy on PingFederate: