Previous Topic: CA SSO/WAC IntegrationNext Topic: Configure an smauthetsso Custom Authentication Scheme

Policy Server GuidesPolicy Server Configuration GuideCA SSO/WAC IntegrationConfigure an smetssocookie Web Agent Active Response Attribute

Configure an smetssocookie Web Agent Active Response Attribute

The smetssocookie Web Agent active response generates and sends an SSO cookie to a Web browser. The SSO cookie lets a SiteMinder-authenticated user access WAC or CA SSO protected content without having to reauthenticate.

To configure an smetssocookie Web Agent response attribute

  1. Click Policies, Domains.
  2. Click Response, Create Response.

    The Create Response pane opens.

  3. Verify that Create a new object is selected, and click OK.

    The Create Response: Select Domain pane opens.

  4. Click the radio button on the left of the domain you want, and then click Next.

    The Create Response: Define Response pane opens.

  5. Define a Name and Description for the response.
  6. Ensure that the SiteMinder radio button is selected and that Web Agent appears in the Agent Type drop-down list.
  7. Click Create Response Attribute.

    The Create Response Attribute pane opens.

  8. Verify that Create a new object is selected, and then click OK.

    The Create Response Attribute: Name pane opens.

  9. Click the Attribute drop-down list and select WebAgent-HTTP-Cookie-Variable.
  10. Click the Active Response radio button on the Attribute Kind group box.

    Additional fields appear in the Attribute Fields group box.

  11. In the Cookie Name field, type SSOTK.
  12. In the Library Name field, type smetssocookie.
  13. In the Function Name field, type GenEtssoCookie.

    Note: The function name is case-sensitive.

  14. In the Parameters field, define the following ordered set of tokens :

    <CA_PS_Host_Name>;<SSO_Auth_Host>;<SSO_AuthMethod>;<EncryptionKey>

    CA_PS_Host_Name

    Specifies the host name of the CA SSO Policy Server.

    SSO_Auth_Host

    Specifies the SSO authentication host name in the CA Policy Manager. You can specify this host name by going to Web Access Control Resources, Configuration Resources, Authentication Host.

    Required value: SSO_Authhost

    SSO_AuthMethod

    Defines the SSO authentication method.

    Required value: SSO

    EncryptionKey

    Defines the ticket encryption key for the SSO authentication host name in the CA Policy Manager.

    The cookie script appears in the Script field.

    Note: To improve legibility, you can type a space before and after any token.

  15. Click Submit.

    The Create Response Attribute task is submitted for processing, and the Create Response: Define Response pane reopens.

  16. Click Finish.

    The Create Response task is submitted for processing. When the task is complete, the response can be added to an OnAuthAccept rule.