Confirm that the following prerequisites are met before deploying the PingIntelligence integration.
Before deploying the PingIntelligence integration:
-
Configure the gateway using CA API Gateway Policy Manager.
PingIntelligence was developed with and qualified with CA API Gateway 9.4. Contact PingIdentity for other supported releases.
-
Install and configure the PingIntelligence 4.0 or higher software.
For more information, refer to PingIntelligence manual deployment or PingIntelligence automated deployment for virtual machines and servers.
- Install Java on the system from where the bundle is imported into the CA API Gateway.
-
Verify that ASE is operating in
sidebandmode by running the following command in the ASE command line:/opt/pingidentity/ase/bin/cli.sh statusAPI Security Enforcer status : started mode : sideband http/ws : port 80 https/wss : port 443 firewall : enabled abs : enabled, ssl: enabled abs attack : disabled audit : enabled sideband authentication : disabled ase detected attack : disabled attack list memory : configured 128.00 MB, used 25.60 MB, free 102.40 MBIf ASE is not in
sidebandmode, then stop ASE and change the mode by editing the /opt/pingidentity/ase/config/ase.conf file. Set mode assidebandand start ASE. -
For a secure communication between CA and ASE, enable sideband authentication
by entering the following command in the ASE command line:
# ./bin/cli.sh enable_sideband_authentication -u admin –p -
To generate the token in ASE, enter the following command in the ASE command
line. Save the generated authentication token for further use.
A token is required for CA to authenticate with ASE. This token is generated in ASE and configured in the policy XML file.
# ./bin/cli.sh -u admin -p admin create_sideband_token