CA EEM Getting StartedIntegrating With CA SiteMinder › How Single Sign-on Works between CA SiteMinder and CA EEM

Previous Topic: CA SiteMinder Configuration Parameters

Next Topic: How Authentication Works Using CA SiteMinder Authentication Schemes

How Single Sign-on Works between CA SiteMinder and CA EEM

If you use an application that has an existing CA SiteMinder session to access an CA EEM enabled application, CA EEM recognizes the CA SiteMinder session ticket and creates an CA EEM session without re-authentication.

The following is the basic flow of events for application created using CA EEM with CA SiteMinder integration:

Example: Protecting a web application using CA SiteMinder

A web application using CA EEM with web server pages protected by CA SiteMinder is considered.

  1. A user accesses a web application.
  2. CA SiteMinder prompts for user authentication and the user submits credentials and is authenticated.
  3. The user tries to access the original web application created using CA EEM.
  4. Servlet code accesses the HTTPServletRequest context and sends the CA SiteMinder session token to the CA EEM using authenticateWithArtifact.
  5. CA EEM Server validates the CA SiteMinder session against the CA SiteMinder Policy Server.
  6. An CA EEM session is created and the user identity is loaded, if validation succeeds.