How to Configure the SiteMinder Connector

The configuration process for the SiteMinder Connector is as follows:

  1. Configure a policy at the SiteMinder Policy Server whose purpose is to generate a SiteMinder session. Although this policy functions as any other SiteMinder policy, its main objective is to trigger a session, not to protect resources.

    The policy requires that you configure the typical SiteMinder objects that make up a policy; however, you use a custom SiteMinder authentication scheme.

    Note: This policy is in addition to existing policies that are configured for SiteMinder access control.

  2. Configure the SiteMinder Connector at Federation Manager.

    All partnerships that use the SiteMinder Connector share a single configuration and connect to a single SiteMinder environment. You define the Connector configuration in the Deployment Settings of the Federation Manager UI. To enable the Connector for a given partnership, enable it at the partnership level. To disable the Connector, disable it at the partnership level, or disable it globally in the Deployment Settings.

    Important! If the Connector is disabled at the global level, Federation Manager ignores the check box at the partnership level.

  3. Register Federation Manager with SiteMinder as a SiteMinder Web Agent in the Federation Manager UI.
  4. Set up a working partnership between the asserting and relying parties.

At the partnership-level configuration for the SiteMinder Connector, there is an Enforce UserDN Comparison check box. If you leave this check box selected, the user directory for the Federation Manager deployment and the SiteMinder deployment must be the same physical directory. The name for both of these directories must be the same for user store lookups. If you clear the check box, Federation Manager uses the Universal ID to find the user record, so the directories do not have to be the same. If you rely on the Universal ID, each user must have a unique Universal ID. If the Universal IDs are not unique, the system accessing the user record can retrieve the wrong record.
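
Before clearing Enforce UserDN Comparison, the uniqueness requirement can be checked against an LDIF export of the user directory. The following script is an added example, not part of the product or its documentation; the attribute name `employeeNumber` and the sample entries are assumptions, so substitute the attribute your directory maps to the Universal ID.

```python
import base64
from collections import defaultdict
# Constructed sample LDIF export (not real data). "employeeNumber" stands in
# for whichever attribute is mapped to the Universal ID (assumption).
SAMPLE_LDIF = """\
dn: uid=jdoe,ou=people,dc=example,dc=com
employeeNumber: 1001

dn: uid=asmith,ou=people,dc=example,dc=com
employeeNumber:: MTAwMg==

dn: uid=jdoe2,ou=contractors,dc=example,dc=com
employeeNumber: 1001

dn: uid=svc-backup,ou=services,
 dc=example,dc=com
"""

def parse_ldif(text):
    """Yield one {attr: [values]} dict per entry; handles folding and base64."""
    unfolded = text.replace("\r\n", "\n").replace("\n ", "")
    for block in unfolded.split("\n\n"):
        entry = defaultdict(list)
        for line in block.splitlines():
            if not line or line.startswith("#"):
                continue
            attr, _, rest = line.partition(":")
            if rest.startswith(":"):          # "attr:: <base64 value>"
                value = base64.b64decode(rest[1:].strip()).decode("utf-8")
            else:
                value = rest.strip()
            entry[attr.lower()].append(value)
        if "dn" in entry:
            yield entry

def audit_universal_ids(text, attr="employeeNumber"):
    """Return (duplicates, missing): {universal_id: [dns]} and [dns]."""
    seen, missing = defaultdict(list), []
    for entry in parse_ldif(text):
        dn = entry["dn"][0]
        values = entry.get(attr.lower(), [])
        if not values:
            missing.append(dn)       # no Universal ID, lookup cannot succeed
        for v in values:
            seen[v.strip().lower()].append(dn)  # conservative: ignore case
    return {k: v for k, v in seen.items() if len(v) > 1}, missing

if __name__ == "__main__":
    print(audit_universal_ids(SAMPLE_LDIF))
```

Any Universal ID reported with more than one DN is a case where the lookup could return the wrong user record; entries with no value are listed separately.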

More information:

Configure a Policy at the SiteMinder Policy Server

Set up a Partnership with SiteMinder at the Relying Party