Home
Installing
Learn how to install the product.
Post installation tasks
After you install AppScan® Enterprise, complete these postinstallation tasks.
Authenticating with the Common Access Card (CAC)
The Common Access Card is the standard identification for active duty uniformed service personnel, Selected Reserve, DoD civilian employees, and eligible contractor personnel in the United States. It is used to enable physical access to buildings and controlled spaces, and provides access to DoD computer networks and systems. The CAC can be used for access into computers and networks that are equipped with various smart card readers. When it is inserted into the reader, the device asks the user for a PIN. This task helps you set up AppScan® Enterprise to allow CAC authentication over LDAP so that users can log in to AppScan Enterprise without providing a user name and password.
Support for Subject Alternative Name (SAN)
ASE supports CAC authentication using the Subject Alternative Name attribute.

Installing
Learn how to install the product.
- Planning the deployment and installation
  The configuration you use depends on a number of factors: what you plan to do with the software, how your organization and website or applications are structured, and how the information is to be distributed. Before you install the current release, review the information about hardware and software requirements, licensing, and other deployment considerations.
- Preinstallation tasks
  Before you install AppScan® Enterprise, you will need to prepare and configure your system.
- Installation tasks
  This section provides the instructions for installing AppScan® Enterprise.
- Post installation tasks
  After you install AppScan® Enterprise, complete these postinstallation tasks.
  - Postinstallation checklist
    After you install AppScan® Enterprise, review and complete all of the necessary tasks on the postinstallation checklist.
  - Verifying the agent service and alerting service installation
    During installation, two services were installed: the Agent Service and the Alert Service. You need to ensure that these services have been installed and are started. If the agent service is not started, any jobs that users create will not be picked up and run by the Server. If the alerting service is not started, any alerts that have been configured for users will not be issued. Make sure that only one instance of the alerting service is installed; otherwise, duplicate notifications might be sent out.
  - Configuring a basic user registry for the Liberty profile
  - Securing the deployment
    Follow these steps during installation and configuration to ensure your AppScan® Enterprise instance is secure.
  - Support for FIPS 140-2 and NIST SP800-131a security standards
    The National Institute of Standards and Technology (NIST) is the US federal technology agency that works with industry to develop and apply technology, measurements, and standards. AppScan® Enterprise Server can be configured to work with various security standards to meet security requirements required by the US government.
  - Authenticating with the Common Access Card (CAC)
    The Common Access Card is the standard identification for active duty uniformed service personnel, Selected Reserve, DoD civilian employees, and eligible contractor personnel in the United States. It is used to enable physical access to buildings and controlled spaces, and provides access to DoD computer networks and systems. The CAC can be used for access into computers and networks that are equipped with various smart card readers. When it is inserted into the reader, the device asks the user for a PIN. This task helps you set up AppScan® Enterprise to allow CAC authentication over LDAP so that users can log in to AppScan Enterprise without providing a user name and password.
    - Support for Subject Alternative Name (SAN)
      ASE supports CAC authentication using the Subject Alternative Name attribute.
- Advanced installation scenarios

Support for Subject Alternative Name (SAN)

ASE supports CAC authentication using the Subject Alternative Name attribute.

In addition to the steps described in Authenticating with the Common Access Card (CAC), do the following:

Modify the server.xml file:
1. Locate the server.xml file, at:
```
<install-dir>\AppScan Enterprise\Liberty\usr\servers\<ase instance name>\server.xml
```
2. In the <ldapRegistry> section of the file, add or edit these two attributes to look like this:
  - certificateMapMode="CUSTOM"
  - certificateMapperId="customLdapMapper"
SAN is a composite attribute containing other attributes, so you must specify the mapping to specifically fetch the LDAP attribute in the configuration JAR file:
1. Locate the SanAttributeReader.jar file of your AppScan Enterprise instance in:
```
<install-dir>\AppScan Enterprise\Liberty\usr\servers\ase\lib\ SanAttributeReader.jar
```
2. Rename it SanAttributeReader.zip and retrieve the config.properties file it contains.
3. Edit as needed.
4. Once you have verified that everything works fine, make sure to set the Logging value to off.