How to hide or show authentication method tiles on the SecurID Access Prime Self-Service Portal's login home page (and other pages)
2 years ago
Originally Published: 2022-04-15
Article Number
000067895
Applies To
RSA Product Set:  SecurID Access
RSA Product/Service Type:  SecurID Access Prime
Issue
It is desired to either hide or show a particular authentication method tile on the login home page of the SecurID Access Prime's Self-Service Portal (SSP).

SSP's login home page:

SSP Login Home Page
Resolution
The following steps are given for Prime deployed on a Linux platform.

To hide an authentication method tile on the Self-Service Portal's (SSP) login home page, do the following on each Prime server that is running the SSP (this example will hide the "Security Q&A Authentication" tile):
 
  1. Login to the Prime server as the primekit user.
  2. Change directories to the /opt/rsa/primekit/configs/ssp/config/ directory.
    • cd /opt/rsa/primekit/configs/ssp/config/
  3. Create a backup copy of the authentication.xml file as a precaution.
    • cp authentication.xml authentication.xml.backup
  4. Edit the authentication.xml file.
    • vi authentication.xml
  5. Find the following section in the file (this section controls what authentication method tiles appear on the SSP's login home page):
    • <util:list id="HOME_PAGE">
                      <ref bean="adAuthenticationService"/>
                      <!-- <ref bean="rbaAuthenticationService"/> -->
                      <ref bean="tokenAuthenticationService"/>
                      <ref bean="questionAuthenticationService"/>
                      <ref bean="mfaAuthenticationService"/>
                      <!-- <ref bean="chainSQplusAD"/> -->
                      <!-- <ref bean="chainSMSplusAD"/> -->
                      <!-- <ref bean="chainEmailplusAD"/> -->
                      <!-- <ref bean="smsService"/> -->
                      <!-- <ref bean="emailAuthenticationService"/>-->
                      <!-- <ref bean="samlAuthenticationService"/> -->
      </util:list>
  6. Comment out the <ref bean="questionAuthenticationService"/> line, which refers to the "Security Q&A Authentication" tile.
  7. Save the modified version of the authentication.xml file.
  8. Restart the tomcat-ssp service.
    • service tomcat-ssp restart
  9. Browse to the SSP's login page and verify that the "Security Q&A Authentication" tile no longer appears.

To cause an authentication method tile to show up on the SSP's login page, the method in the <util:list id="HOME_PAGE"> section in the authentication.xml file can be un-commented out.
Notes
The steps in the Resolution section can be applied to hide or show an authentication method tile for other pages of the SSP, such as the "Forgot Password" page, that are referenced in sections that begin with <util:list id="EXAMPLE_PAGE_NAME"> within the authentication.xml file.

Modifying the authentication.xml so that an authentication method tile shows up on one of the SSP's pages does not necessarily mean that the authentication method can then be used to authenticate successfully: there may be additional configuration that is required to be able to use a given authentication method to authenticate successfully.

Related Articles

Trending Articles

Don't see what you're looking for?