Previous Topic: Configure CA EEM With NTLM AuthenticationNext Topic: Configure CA SiteMinder With CA EEM Authentication

Authenticate UsersConfigure CA SiteMinder Authentication

Configure CA SiteMinder Authentication

Specify the CA SiteMinder authentication details in CA Open Space so that users with CA SiteMinder credentials can log in to CA Open Space.

Follow these steps:

  1. Install the Apache server and install CA SiteMinder agent on the Apache server.
  2. Open the httpd.conf file located in conf folder the Apache server.

    Example: C:\Program Files (x86)\Apache Software Foundation\Apache2.2\conf\

  3. Ensure that the httpd.conf file has the following configuration: 
    <IfModule proxy_module>

    	ProxyRequests Off

    	<Proxy *>
 		Order deny,allow
 		Allow from all
 	</Proxy>

    	

    	# This is important - 

    	# Don't forward URIs which starts with /siteminderagent to open space server.

    	ProxyPass /siteminderagent !
 

    	#Forward all URI to given urls
 	ProxyPass / http://<web-id-of-the-company:port>/

    	ProxyPassReverse / http://<web-id-of-the-company:port>/

       	ProxyPreserveHost Off
 	ProxyErrorOverride On
</IfModule>
  4. Ensure that you have enabled the following modules in the conf file: 
    LoadModule proxy_module modules/mod_proxy.so

    LoadModule deflate_module modules/mod_deflate.so

    LoadModule headers_module modules/mod_headers.so

    LoadModule proxy_ajp_module modules/mod_proxy_ajp.so

    LoadModule proxy_http_module modules/mod_proxy_http.so

    LoadModule rewrite_module modules/mod_rewrite.so
  5. Stop the Apache server, wait till LLAWP.exe is killed, and start the Apache server.

    The Apache server is configured with the reverse proxy pointing to the CA Open Space server.

  6. If you are not using a default tenant for CA SiteMinder authentication, add an entry in the DNS server with the Company Host of the new tenant pointing to the CA Open Space server. For testing purpose, you can add an entry in the C:\Windows\System32\drivers\etc\hosts on the Apache web server machine for the onboarded tenant.

    Format: CA_Open_Space_Server_IP_Address Company Host

    Example: 10.131.87.34 test.company.com

  7. Log in to the CA Open Space server and add the following configuration details in the portal-ext.properties file located in the OSOP folder of the CA Open Space installation directory: 
    #### Reverse Proxy Configuration
web.server.protocol=http
web.server.http.port=80
web.server.https.port=-1
web.server.host=<apache-host-name>
  8. Log in to the CA Open Space tenant control panel as a tenant administrator.

    Example: http://<Company_Host_Name>:8686/group/control_panel

    Note: To configure CA SiteMinder authentication for a default tenant, login to the http://<CA_Open_Space_Server_Name>:8686/group/control_panel URL as the administrator.

  9. Select Portal Settings, Authentication, SiteMinder.
  10. Select the Enabled check box.
  11. Import Users from LDAP and select the Import Users from LDAP check box.

    CA SiteMinder authentication is configured.

  12. Verify the CA SiteMinder authentication:
    1. Log in to any machine and access the Apache server using the http://Apache_Server_Host_ Name:Apache Port Number URL.
    2. Enter the CA SiteMinder credentials on the CA SiteMinder authentication window.

      The CA Open Space Home page is displayed.