Administration Guide › Configuring CA SiteMinder® SPS › Configure the Security Token Service

Configure the Security Token Service

CA SiteMinder® SPS supports Secure Token Service (STS) for Office 365 to provide a WS-Trust-based mechanism for token issuance and translation. You can deploy one or multiple STS instances on a CA SiteMinder® SPS machine.

Deploy Multiple CA SiteMinder® SPS Instances

To deploy multiple STS instances, all the STS instances must have the same log4j configuration so that each STS instance logs in to the individual log file.

Follow these steps:

1. Perform one of the following tasks:
   • On Windows, perform the following steps:
     1. Navigate to installation_home/proxy-engine/conf.
     2. Open the SmSpsProxyEngine.properties file and uncomment the STS_AGENT_LOG_CONFIG_FILE variable in the file.
     3. Save the changes.
   • On UNIX, perform the following steps:
     1. Navigate to installation_home/proxy-engine.
     2. Open the proxyserver.sh file and uncomment the STS_AGENT_LOG_CONFIG_FILE variable in the file.
     3. Save the changes.
2. Navigate to installation_home/proxy-engine/conf/sts-config/globalconfig.
3. Open the agent-multiinstance-log4j.xml file.
4. Perform the following steps for each STS instance:
   1. Create an appender for the STS instance.

      Note: By default, the file contains one appender for an STS instance.

   2. Replace [SPS ROOT FOLDER] with the CA SiteMinder® SPS root folder path in the appender.
   3. Replace [STS Service Name] with the service name of the STS instance in the appender.
5. Save the changes.
6. Restart CA SiteMinder® SPS.

   A log file for each STS instance is created in installation_home/proxy-engine/logs with the following format:

   STS_service_name.log
   

7. Verify that each STS instance logs in to the individual log files.