Policy Server GuidesPolicy Design GuideCA SSO/WAC Integration › Configure an smetssocookie Web Agent Active Response Attribute

Previous Topic: Configure Single Sign-On from CA SSO to SiteMinder

Next Topic: Configure an smauthetsso Custom Authentication Scheme

Configure an smetssocookie Web Agent Active Response Attribute

The smetssocookie Web Agent active response generates an SSO cookie to a Web browser to allow a SiteMinder-authenticated user to access CA WAC or SSO protected content without having to reauthenticate.

To configure an smetssocookie Web Agent response attribute

  1. In the SiteMinder Response dialog, make sure the SiteMinder radio button is selected in the Agent Type group box and Web Agent is selected in the drop-down list.
  2. Click Create.

    The SiteMinder Response Attribute Editor dialog opens.

  3. From the Attribute drop down list, select the WebAgent-HTTP-Cookie-Variable response attribute for the Web Agent response.
  4. In the Attribute Setup tab, select the Active Response radio button.

    Your selection from the Attribute drop-down list and the response attribute type radio button you select determine the available fields in the Attribute Fields group box.

  5. In the Attribute Fields group box, specify the following:
    Cookie Name

    Defines the name for the SSO cookie. Required Value: SSOTK

    Library Name

    Defines the library name for the smetssocookie. Required Value: smetssocookie

    Function Name

    Defines the function name for the GenEtssoCookie. Required value: GenEtssoCookie

    The capitalization in the function name is significant and must match GenEtssoCookie.

    Parameters

    Defines an ordered set of tokens separated by semicolons in the following format:

    <CA_PS_Host_Name>;<SSO_Auth_Host>;<SSO_AuthMethod>;<EncryptionKey>

    Note: For improved legibility, you can enter a space before or after any token.

    <CA_PS_Host_Name>

    Defines the host name of the CA SSO Policy Server.

    <SSO_Auth_Host>

    Defines the SSO authentication host name in the CA Policy Manager. You specify this host name by going to Web Access Control Resources, Configuration Resources, Authentication Host.

    Default: SSO_Authhost

    SSO_Authhost is the default value for the CA SSO configuration that you must enter here.

    <SSO_AuthMethod>

    Defines the SSO authentication method. Required value: SSO

    <EncryptionKey>

    Defines the ticket encryption key for the SSO authentication host name in the CA Policy Manager. For more information, see Properties, Authentication Information, Advanced in CA Policy Manager for the host.

  6. Click OK to save your changes.
  7. Attach this active response to an OnAuthAccept rule.

More information:

Response Attribute Editor Dialog