This section contains the following topics:
SAML 2.0 Response to the SP on Authentication Failure
Federation Use Cases for Partnership Federation
Log Enhancements to Aid Troubleshooting
Federation Transaction Process Flows
Certificate List Cross References Partnerships
This release supports the de-provisioning of an individual user from a partnership, which is a portion of the SAML Name ID Management profile.
The administrator can configure a partnership to notify the Service Provider when a user fails to authenticate. The Service Provider can determine whether to redirect the user, or any other appropriate action.
CA SiteMinder® Federation enables single sign-on between enterprise users and Office 365 services. The following profiles are available for single sign-on to Office 365:
Note: The CA SiteMinder® Federation Standalone product does not support single sign-on to Office 365.
CA SiteMinder® Federation now lets users get access to a federated resource using their social networking credentials instead of the federation system credentials.
Social sign-on consists of the following features:
The features are independent of each other. You can configure the federation system to implement one or both of them.
This release includes a series of federation use cases and the associated CA SiteMinder® solutions for solving business problems. See Federation in Your Enterprise to review these use cases.
The federation log files FWSTrace.log and the smtracedefault.log now contain checkpoint log messages that indicate what is happening during a transaction. You can search on these checkpoint messages to follow some of the processes occurring during a transaction.
In addition to the checkpoint messages, there are transaction IDs in the log to follow a transaction. If a transaction fails, the checkpoint messages and transaction IDs can help you determine the specific problem.
A number of diagrams and process flows explain how CA SiteMinder® Federation executes various federated transactions. The process flows also include the associated checkpoint log messages at various stages of a transaction to help troubleshoot problems.
12.52 supports SAML 2.0 HTTP POST binding as a method for exchanging requests and responses during authentication and single log-out requests.
In the Administrative UI, the Certificate and Private Key List for X509 certificate management now includes a Partnerships column. This column displays the federated partnerships that use each private key/certificate. The partnerships are displayed as a link. If there is only one partnership in the column, the link takes you to a filtered partnership list. The list shows only the one partnership. If there are multiple partnerships in the column, the link takes you to an unfiltered federation partnership list.
|
Copyright © 2013 CA.
All rights reserved.
|
|