Configure an smauthetsso Custom Authentication Scheme

The CA SSO SiteMinder (smauthetsso) authentication scheme allows the SiteMinder Policy Server to validate CA SSO authentication credentials so that a user already authenticated in a CA SSO/WAC environment does not need to re-authenticate to SiteMinder. This custom authentication scheme accepts a CA SSO Cookie as a login credential, has it validated by a CA SSO Policy Server, extracts the user name from it, and verifies that the name is present in the SiteMinder user store. You can set this authentication scheme in cookie, cookieorbasic, or cookieorforms mode.

You can configure one CA SSO Policy Server to fail over to another CA SSO Policy Server when it fails for some reason. To configure failover, specify a comma-separated list of CA SSO Policy Servers in the Parameter field on the Scheme Setup tab of the Authentication Scheme Dialog.

To configure an smauthetsso custom authentication scheme

  1. Open the Authentication Scheme Dialog.

    Note: When you create or modify a Policy Server object in the Policy Server User Interface, use ASCII characters. Object creation or modification with non-ASCII characters is not supported.

  2. Complete the fields described in Authentication Scheme Dialog Fields and Controls.

    From the Authentication Scheme Type drop-down list, select Custom Template.

  3. In the Scheme Setup tab, specify the following:

    Library

    Defines the name of the smauthetsso custom authentication scheme.

    Required value: smauthetsso

    Secret

    Defines the password of the CA SSO Policy Server administrator that you specify in the Parameter field.

    Confirm Secret

    Defines the administrator password once again.

    Parameter

    Defines an ordered set of tokens separated by semicolons in the following format:

    <Mode> [; <Target>] ; <AdminID> ; <CAPS_Host_A> [, <CAPS_Host_B>] ...

    Examples:

    cookie; SMPS_sso; myserver.myco.com

    cookieorforms; /siteminderagent/forms/login.fcc; SMPS_sso; myserver.myco.com

    Note: For improved legibility, you can enter a space before or after any token.

    <Mode>

    Determines the type of credentials that the authentication scheme accepts: cookie, cookieorbasic, or cookieorforms.

    cookie

    Only CA SSO cookies are acceptable.

    cookieorbasic

    Determines the login name and password to use with Basic authentication when you do not provide a CA SSO Cookie or the smauthetsso custom authentication scheme fails for any reason.

    cookieorforms

    Determines the login name and password to use with Forms authentication when you do not provide a CA SSO Cookie or the smauthetsso custom authentication scheme fails for any reason.

    <Target>

    (Optional) Defines the pathname of the .fcc file as used by the HTML Forms authentication scheme.

    Note: The <Target> is required for the cookieorforms mode and is not allowed for the cookie or cookieorbasic modes.

    <AdminID>

    Defines the user name of the administrator for the CA SSO Policy Server. You specify this administrator’s password in the Secret and Confirm Secret fields. When authenticating to the CA SSO Policy Server, SiteMinder uses this administrator’s user name and password to request validation of CA SSO cookies.

    <CAPS_Host_A>

    Specifies the name of the host where the CA SSO Policy Server resides.

    [, <CAPS_Host_B>] ...

    (Optional) Specifies a comma-separated list of host names, one for each host on which the failover CA SSO Policy Servers reside.

  4. Click OK to save your changes and close the Authentication Scheme Dialog.

    You can assign the authentication scheme to a realm now.
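The Parameter rules from step 3, as an added example that is not part of the original documentation or the product's code: a Python check that parses a Parameter string and rejects one that breaks the token rules before it is entered in the Scheme Setup tab. The function name and the returned dictionary keys are hypothetical, and the check assumes mode names must match exactly in lowercase.

```python
MODES = {"cookie", "cookieorbasic", "cookieorforms"}  # modes named in the documentation


def parse_smauthetsso_parameter(value):
    """Validate '<Mode> [; <Target>] ; <AdminID> ; <CAPS_Host_A> [, <CAPS_Host_B>] ...'.

    Hypothetical helper: returns a dict, raises ValueError on a rule violation.
    """
    if not value.isascii():
        raise ValueError("non-ASCII characters are not supported in Policy Server objects")
    # Spaces before or after any token are allowed, so strip each one.
    tokens = [t.strip() for t in value.split(";")]
    if "" in tokens:
        raise ValueError("empty token (stray or trailing semicolon)")
    mode = tokens[0]
    if mode not in MODES:  # assumption: mode names are matched exactly, in lowercase
        raise ValueError(f"unknown mode {mode!r}")
    # <Target> is required for cookieorforms and not allowed for the other modes.
    expected = 4 if mode == "cookieorforms" else 3
    if len(tokens) != expected:
        raise ValueError(f"mode {mode!r} takes {expected} tokens, got {len(tokens)}")
    target = tokens[1] if mode == "cookieorforms" else None
    admin_id = tokens[-2]
    # The first host is the primary CA SSO Policy Server; the rest are failover hosts.
    hosts = [h.strip() for h in tokens[-1].split(",")]
    if "" in hosts:
        raise ValueError("empty host name in the CA SSO Policy Server list")
    return {"mode": mode, "target": target, "admin_id": admin_id,
            "primary_host": hosts[0], "failover_hosts": hosts[1:]}


if __name__ == "__main__":
    # The two examples from the documentation, plus constructed sample inputs.
    samples = [
        "cookie; SMPS_sso; myserver.myco.com",
        "cookieorforms; /siteminderagent/forms/login.fcc; SMPS_sso; myserver.myco.com",
        "cookieorbasic ; SMPS_sso ; sso-a.example.test , sso-b.example.test",  # constructed
        "cookie; /siteminderagent/forms/login.fcc; SMPS_sso; myserver.myco.com",  # constructed, invalid
    ]
    for s in samples:
        try:
            print(parse_smauthetsso_parameter(s))
        except ValueError as err:
            print(f"rejected {s!r}: {err}")
```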

More information:

Navigate to the Authentication Scheme Dialog

HTML Forms Authentication Schemes

Authentication Scheme Dialog—Custom Template—Scheme Setup Tab

Realms