Create an Identity Provider for CA Directory, which acts as the OpenID UserInfo Endpoint. This allows CloudMinder to act as an external Identity Provider for applications you want to authenticate via OAuth.
Note: Perform this procedure for each tenant for which you configure CA CloudMinder as an external IdP using OAuth. You only need to do this once per tenant, not once per OAuth client for that tenant.
Follow these steps:
https://<GATEWAY_ONE_HOSTNAME>:8443/ssg/webadmin
The Create LDAP Identity Provider Wizard opens.
For example, enter CA Directory.
ldap://<LOAD BALANCER VIP>:20498
The DxRouter instances to which the Layer 7 Gateway connects run on the same machine as the SiteMinder Policy Server. For <LOAD BALANCER VIP>, enter the VIP of the SiteMinder Policy Server used on the application tier load balancer.
20498 is the LDAP port on which the Gateway is listening. Use this port number unless you have changed the LDAP port.
For example, ou=xxx,ou=xxx,o=xxx
To locate this information, log in to the CSP console, click Infrastructure, then Directory, then User Directories. Click to view the User Directory for your tenant. Under LDAP Search, the values labeled Root are your LDAP search root. Copy and paste these values into the Search Base field.
For example, cn=xxx,ou=xxx,ou=xxx,o=xxx
To locate this information, log in to the CSP console, click Infrastructure, then Directory, then User Directories. Click to view the User Directory for your tenant. Under Administrator Credentials, the values labeled Username are your Bind DN. Copy and paste these values into the Bind DN field.
This is the LDAP database connection password, specified during creation of the LDAP server. If you do not know this password, see your LDAP administrator.
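A pre-flight check for the three values this procedure asks you to enter (the LDAP URL, the Search Base, and the Bind DN), added here as an example and not part of the CA documentation. The function names and the sample values are hypothetical; accepting `ldaps://` is an assumption, since the page shows only `ldap://`.

```python
import re
from urllib.parse import urlsplit

# Text that means a documentation placeholder was pasted unchanged.
PLACEHOLDER = re.compile(r"<[^>]*>|\bxxx\b", re.IGNORECASE)
ATTR = re.compile(r"^[A-Za-z][A-Za-z0-9-]*$")

def split_dn(dn):
    """Split a DN into RDNs on commas that are not backslash-escaped."""
    parts, cur, escaped = [], "", False
    for ch in dn:
        if not escaped and ch == ",":
            parts.append(cur.strip())
            cur = ""
            continue
        escaped = (ch == "\\") and not escaped
        cur += ch
    parts.append(cur.strip())
    return parts

def dn_problems(label, dn):
    problems = []
    if PLACEHOLDER.search(dn):
        problems.append(f"{label}: placeholder text not replaced")
    for rdn in split_dn(dn):
        attr, sep, value = rdn.partition("=")
        if not sep or not ATTR.match(attr.strip()) or not value.strip():
            problems.append(f"{label}: malformed RDN {rdn!r}")
    return problems

def check_wizard_inputs(url, search_base, bind_dn):
    """Return a list of problems; an empty list means the values look sane."""
    problems = []
    if PLACEHOLDER.search(url):
        problems.append("URL: placeholder text not replaced")
    else:
        try:
            parts = urlsplit(url)
            scheme, host, port = parts.scheme, parts.hostname, parts.port
        except ValueError:  # bad bracket or port syntax
            scheme = host = port = None
        # Assumption: ldaps is accepted too; the page itself shows ldap://.
        if scheme not in ("ldap", "ldaps") or not host:
            problems.append("URL: expected ldap://<host>:<port>")
        elif port is None:
            problems.append("URL: no valid port (the page's default is 20498)")
    return (problems + dn_problems("Search Base", search_base)
            + dn_problems("Bind DN", bind_dn))
```

An empty list means the values are syntactically sound; it does not confirm that the Bind DN and password are accepted by the directory.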
Copyright © 2014 CA.
All rights reserved.