|
|
|
This section explains the two possible authentication flows for authenticating CA Service Catalog users. The first authentication flow uses CA EEM alone. The second authentication flow uses CA EEM with CA SiteMinder, enabling single sign on and providing enhanced security.
By default, CA Service Catalog uses CA EEM to authenticate users. In this example of the basic authentication flow, requests from CA Service Catalog users pass through Tomcat, then pass through the MDB, and end at your authentication server, for example, Active Directory. The following diagram illustrates the basic authentication flow with CA EEM and Active Directory:
In this authentication flow with CA SiteMinder, requests from CA Service Catalog users go to CA SiteMinder for authentication. If the request is authorized, then the requests are forwarded to the Tomcat instance of Catalog Component by the web server hosting CA SiteMinder. Thus, in this flow, authentication requests from CA Service Catalog users are validated by CA SiteMinder. The following diagram illustrates the enhanced authentication flow with CA SiteMinder.
Note: As shown in the previous diagram, CA SiteMinder requires a web server: either Microsoft Internet Information Server (IIS) or Apache Tomcat. CA SiteMinder does not work directly with Tomcat and therefore relies on the request being redirected from the web server to the Tomcat instance.
| Copyright © 2013 CA. All rights reserved. |
|