Windchill URL Considerations
When configuring the form-based authentication solution, access to some Windchill URLs must be constrained by the solution, whereas others must not be constrained.
Relative Windchill web application URLs are stored in the <Windchill>/apacheConf/config/authResAdditions.xml file, where <Windchill> is the Windchill installation directory.
Each URL is stored in a resource tag. For example, the following resource tags are contained in the file:
<resource>pdmlink/jsp</resource>
<resource>servlet/WindchillAuthGW</resource>
<resource type="protocolAuth">protocolAuth</resource>
<resource type="anonymous">servlet/WindchillGW</resource>
With regard to form-based authentication, the URLs can be grouped as follows:
• Those URLs in resource tags that include the type attribute, such as:
<resource type="protocolAuth">protocolAuth</resource>
<resource type="anonymous">servlet/WindchillGW</resource>
• Those URLs in resource tags that do not include the type attribute, such as:
<resource>pdmlink/jsp</resource>
<resource>servlet/WindchillAuthGW</resource>
The URLs in resource tags with a specified type must not have a form-based authentication constraint applied; those URLs without a specified type must have a form-based authentication constraint applied.
Review the complete list of relative URLs in the file and ensure that only the set of URLs listed in resource tags that have no type attribute are constrained from the form-based authentication solution.