Previous Topic: Configure Single Sign-On from SiteMinder to CA SSONext Topic: Configure Single Sign-On from CA SSO to SiteMinder

Policy Server GuidesPolicy Server Configuration GuideCA SSO/WAC IntegrationConfigure Single Sign-On from CA SSO Client to SiteMinder

Configure Single Sign-On from CA SSO Client to SiteMinder

CA SiteMinder® provides single sign-on from the CA SSO Client to CA SiteMinder®.

To enable single sign-on from a CA SSO Client to CA SiteMinder®:

CA SiteMinder® Policy Server Configuration Steps

  1. Configure the smauthetsso custom authentication scheme using the Administrative UI.
  2. Create a domain, realm, and rules using the Administrative UI. Protect any resource with the CA SiteMinder® Web Agent.
  3. Configure the smauthetsso custom authentication scheme for a resource.
  4. Create a policy granting access to the protected resource to users who can access the browser protecting the CA SSO Client.

CA SSO Client Verification Steps

In the CA SSO Client SsoClnt.ini file, set the following items:

Note: The SsoClnt.ini file is installed in C:\Program Files\CA\CA SSO\Client on the CA SSO Client computer.

DomainNameServer=<eSSO_WA_FQDN> <SM_WA_FQDN>

eSSO_WA_FQDN

(Optional) Specifies the fully qualified domain name for the WAC Web Agent

SM_WA_FQDN

Specifies the fully qualified name for the CA SiteMinder® Web Agent

Overall Verification Steps

  1. Restart the CA SSO Client, CA SiteMinder® Policy Server, and web server hosting the Administrative UI.
  2. Access the protected browser through the SSO Client and enter the URL of the resource that the Policy Server protects.

    The resource appears without a rechallenge from CA SiteMinder®.

More information:

Realms

Rules

Domains