|
|
|
SiteMinder provides single sign-on from SiteMinder to CA SSO environments. Users log into a SiteMinder or CA SSO environment, and once authenticated by SiteMinder, are authenticated for both environments. Authenticated users can access protected resources in either environment without having to re-enter credentials, as long as they are authorized. User authorization is based on the policies in effect within each environment.
When allowing users to access secure resources, SiteMinder and CA SSO each maintain user credentials in their own session stores. They also have their own proprietary session credentials that cannot be read by the other and, thus, user credentials are maintained separately. Since these credentials reside in different stores, to enable single sign-on, the SiteMinder Policy Server and CA SSO Policy Server must be part of the same cookie domain and share the same user or authentication store.
In this single sign-on configuration, the SiteMinder and CA SSO Policy Servers can be on the same or on different machines. SiteMinder can contain a Web Agent, Secure Proxy Server, or both. You use a Web Agent or Secure Proxy Server based on your own SiteMinder environment. CA SSO uses the eTrust Web Access Control (WAC) Web Agent, and you do not need to modify your current environment to enable single sign-on with SiteMinder.
Note: You must be intimately familiar with SiteMinder and CA SSO before configuring single sign-on between the products. For a list of supported SiteMinder, SiteMinder Secure Proxy Server, CA SSO, and eTrust WAC versions, refer to the 6.0 SiteMinder and Agents Platform Matrix on the Technical Support site.
| Copyright © 2010 CA. All rights reserved. | Email CA about this topic |