Previous Topic: Anonymous Authentication SchemesNext Topic: How to Configure an OAuth Authentication Scheme

Policy Server GuidesPolicy Server Configuration GuideAuthentication SchemesCustom Authentication Schemes

Custom Authentication Schemes

If you want to use an authentication method that is not provided by CA SiteMinder®, you can create a custom authentication scheme. Once you create a Custom scheme, you must configure the scheme on the CA SiteMinder® Authentication pane.

Note: For information on configuring an smauthetsso custom authentication scheme, which is needed for enabling single sign-on from CA Single Sign-On to CA SiteMinder®, see CA SSO/WAC Integration.

Note: If you have installed the Software Development Kit, see the API Reference Guide for C for information about creating a custom authentication scheme.

Custom Scheme Prerequisites

The prerequisites of a Custom authentication scheme are determined when you create the scheme using CA’s APIs. Prerequisites will differ between authentication schemes.

Configure a Custom Authentication Scheme

You can use a custom authentication scheme to specify a scheme that the product does not provide.

Note: The following procedure assumes that you are creating an object. You can also copy the properties of an existing object to create an object. For more information, see Duplicate Policy Server Objects.

Follow these steps:

  1. Click Infrastructure, Authentication.
  2. Click Authentication Schemes.

    The Authentication Schemes page appears.

  3. Click Create Authentication Scheme.

    Verify that the Create a new object of type Authentication Scheme is selected.

  4. Click OK

    The Create Authentication Scheme page appears.

    Note: Click Help for descriptions of settings and controls, including their respective requirements and limits.

  5. Enter a name and a protection level.
  6. Select Custom Template from the Authentication Scheme Type list.

    Scheme-specific settings open.

  7. (Optional) Select the Allow Protection Override check box in Scheme Common Setup. This option specifies that the protection level in the library takes precedence over the protection level specified in the Administrative UI.
  8. Enter the library that is to process the credentials for the authentication scheme and the parameters that are passed to the library in Scheme Setup.
  9. (Optional) Select Persist Authentication Session Variables in Scheme Setup. If you do not select this option, session variables are not saved in the session store.
  10. Click Submit.

    The authentication scheme is saved and can be assigned to a realm.