Configure Mistral

Mistral have a file-based configuration, to configure Mistral you need to edit the config/mistral_config.xml file and set up the differents parameters. If you have already configured Mistral-IdM, you probably are ready to work with the Administrator Module.

This file is organized in the following sections:

Mistral Config

In this section you have to set up the parameters related with component of Mistral-IdM.

Mistral Certs Config

This section configures the parameters related with the server certificates. Since Mistral uses three modules, it should have three different server keys installed: IDP PKCS12, AUTHZ PKCS12 and ATTR PKCS12.

Note: path could be absolutes or relatives, if they are relatives, the base directory will be the Mistral installacion folder (e.g. /usr/share/mistral/).

LDAP Config

This section configures the parameters related with LDAP server.

eXist-db Config

This section configure the parameters related with eXist-db database.

XKMS Config

-- Only needed if you want enable the authentication based on certificates --



Edit the login web page

To edit the web page which is showed when a client need to be authenticated you have to follow this step:

  1. Create a html web page, this web must have a post form with the input fields 'user' and 'password'. If you like authentication with certificates you have to add another form with no fields.
  2. Edit manually the form, and in the 'action' parameter set '#MISTRAL_IDP_URL#' (without the quotation marks). If you have the certificates form, in its 'action' parameter set '#MISTRAL_IDP_CERT_URL#'.
  3. In the forms insert '#FORM_LOGIN#' as if it was a new html element.

An example could be like this:

<h1>This is a authentication web example</h1>
<form method="post" action="#MISTRAL_IDP_URL#">Login:
<input name="login" size="25" type="text">Password:
<input name="password" size="25" type="password">
<input value="Send" type="submit">
<h2>Authenticate by certs</h2>
<form method="post" action="#MISTRAL_IDP_CERT_URL#">
<input value="Send" type="submit">