Scenario Guide › Scenario Overview › Using CA SiteMinder to Support the Single Sign-On › How to Use Single Sign-On (SSO) with CA SiteMinder

How to Use Single Sign-On (SSO) with CA SiteMinder

You can use CA SiteMinder to support the Single-Sign-On (SSO) function for CA GovernanceMinder Portal users.

Users log in to a CA SiteMinder environment and are authenticated once. Users then have access to additional systems without being prompted to log in again at each site. CA SiteMinder maintains user credentials and a list of active sessions.

To implement SSO in the CA GovernanceMinder server environment, you must have the following CA SiteMinder components:

CA SiteMinder Policy Server - This server authenticates CA GovernanceMinder users and returns information that identifies the user account in the CA GovernanceMinder Portal. Typically you implement SSO using an existing CA SiteMinder Policy Server in the network environment.
CA SiteMinder Web Agent - This agent intercepts user requests that are sent to the CA GovernanceMinder Portal and authenticates CA GovernanceMinder Portal users. Install the Web Agent on an HTTP server or cluster that is compatible with CA SiteMinder and sized to handle portal traffic. We recommend that you use the Apache HTTP server. You can use an existing CA SiteMinder Web Agent, or you can install the agent on an HTTP server or a CA SiteMinder compatible cluster.

When you implement SSO, a CA SiteMinder Web Agent intercepts user requests submitted to the CA GovernanceMinder server, and queries the CA SiteMinder Policy Server to authenticate the user. The Policy Server returns user credentials that enable the CA GovernanceMinder server to identify the user in the local portal users file.

The CA GovernanceMinder and CA SiteMinder servers are typically located behind enterprise firewalls, and the HTTP server with the CA SiteMinder Web Agent is exposed to the public network.

The following diagram illustrates the CA SiteMinder and SSO interaction:

Single Sign-on (SSO) with CA SiteMinder Interaction

Note: For more information about CA SiteMinder implementation and configuration, see the CA SiteMinder Policy Server Configuration Guide, the CA SiteMinder Web Agent Configuration Guide, and other relevant portions of the CA SiteMinder documentation.

The following diagram illustrates how to implement SSO with CA SiteMinder:

How to Implement Single Sign-on (SSO) with CA SiteMinder

Follow these steps to implement SSO with CA SiteMinder:

Review SSO prerequisites.
Define CA GovernanceMinder system properties.
(Optional) Define CA GovernanceMinder SSO system properties.
(Optional) Configure SSO HTTP response headers.
(Optional) Login to CA GovernanceMinder with SSO.