This section contains the following topics:
Post-Installation Configuration for Policy Server
Post-Installation Configuration for Web Server
Post-Installation Configuration for Siebel Server
You can create the authentication scheme using the CA SSO Administrative UI.
Perform the following procedure to install the authentication scheme.
Follow these steps:
<Siebel Agent Installation Directory>/siebel/bin
Siebel SSO Agent Authentication Scheme
(When you have completed the installation, you may optionally disable password acceptance by this Authentication Scheme.)
Custom Template
5
In general, this value should be NO HIGHER than the value for any other HTML-based authentication scheme supporting username and password authentication.
Checkmark—if Password Services is in use
SiebelSSOAuth
The Solaris and HP-UX platforms are case sensitive.
Enter a secret known only by the CA SSO administrator.
Re-enter the secret to confirm.
A configuration string constructed from the following parameters separated by a semicolon:
The FCC is the HTML page that collects credentials. This might be the URL that is used in another HTML-based authentication scheme. If you are unsure of the location of an appropriate FCC file on your system, and set the value for the FCC to:
/siteminderagent/forms/login.fcc
This displays the default CA SSO login form.
<User attribute> is the username that Siebel uses.
Default: UID
The value, in seconds, for the maximum amount of time between the moment the SSO ticket is created and the moment a user might present a ticket. In general, this will be a very short period of approximately 10 to 20 seconds. The default is 60.
The order of the individual components in the parameter string is not important.
CA SSO policies protect your Siebel applications and provide the framework for single sign-on (SSO). To create CA SSO policies to protect your Siebel resources, use the following process:
Follow these steps:
“COOKIE=_sn”
Attribute Kind |
User Attribute |
Variable Name |
SIEBELUSER |
Attribute Name |
uid This value should be the attribute used by the directory to locate users (whatever user attribute contains the Siebel username, typically uid). To determine the correct value, examine the user directory configuration and the DN lookup start and end. |
Attribute Kind |
Active Response |
Variable Name |
Leave this blank |
Library Name |
SiebelSSOAuth |
Function Name |
GetSSO Ticket In some environments, the function name should be GETSSOTicketWithDN. See Upgrade and Enable the New Encryption Ticket. |
Parameters |
Enter a string constructed from the following values:
Parameters can be in any order, separated by semicolons. |
Attribute Caching |
Recalculate the value to a number that is less than the PERIOD setting in the Authentication Scheme, typically 60 seconds or less. |
Copyright © 2015 CA Technologies.
All rights reserved.
|
|