Policy Server Guides › Policy Server Configuration Guide › CA SSO/WAC Integration › Configure Single Sign-On from CA SSO Client to SiteMinder

Configure Single Sign-On from CA SSO Client to SiteMinder

SiteMinder provides single sign-on from the CA SSO Client to SiteMinder.

To enable single sign-on from an CA SSO Client to SiteMinder:

SiteMinder Policy Server Configuration Steps

1. Configure the smauthetsso custom authentication scheme using the Administrative UI.
2. Create a domain, realm, and rules using the Administrative UI to protect any resource with the SiteMinder Web Agent.
3. Configure the smauthetsso custom authentication scheme to protect a resource.
4. Create a policy that grants access to the protected resource to users who already have access the browser protected by the CA SSO Client.

CA SSO Client Verification Steps

Set the following in the CA SSO Client SsoClnt.ini file:

Note: The SsoClnt.ini file is installed in C:\Program Files\CA\CA SSO\Client on the CA SSO Client machine. More information on configuring the CA SSO Client exists in the CA SSO documentation.

DomainNameServer=<eSSO_WA_FQDN> <SM_WA_FQDN>

• eSSO_WA_FQDN

  (Optional) Specifies the fully qualified domain name for the WAC Web Agent

• SM_WA_FQDN

  Specifies the fully qualified name for the SiteMinder Web Agent

Overall Verification Steps

1. Restart the CA SSO Client, SiteMinder Policy Server, and Web server hosting the Administrative UI.
2. Access the protected browser through the SSO Client and enter the URL of the resource protected by the SiteMinder Policy Server.

   You should be able to access the resource without being rechallenged by SiteMinder.