Layer7 Access Management

Expand all | Collapse all

ADFS 3.0 and SiteMinder 12.52 SP1 Integration

  • 1.  ADFS 3.0 and SiteMinder 12.52 SP1 Integration

    Posted 08-09-2015 11:02 PM

    Hello All,

     

    We have a requirement to leverage 2nd factor authentication capability that we have built
    using CA SiteMinder 12.52 SP1 and AuthMinder 7.0.1 integration.

     

    Scenario

     

    We have a Microsoft based web application (e.g. App1) which is protected by ADFS 3.0 for
    a form based authentication (Username and Password). Our client wants the user
    to be redirected for a second factor authentication if the user is accessing
    the application from an external network (say Internet or any other Vendor
    network). Since, the client has deployed advance authentication solution using
    CA SiteMinder and AuthMinder for Arcot OTP, they want to leverage the same
    solution for this requirement.

     

    Solution Approach

     

    Step 1 - I am thinking to establish a IDP - SP relation between ADFS and SiteMinder. So that
    SiteMinder will consume the SAML2 assertion generated by ADFS, disambiguate the
    user, generate the SMSESSION and forward to a URL (say /adfs) protected with
    Arcot OTP auth scheme.

     

    Step 2 - I am thinking to do some scripting if required in the shimFinal.fcc (comes in Arcot
    integration) to prepare the final TARGET URL for the user to redirect to
    application.

     

    Questions

     

    1. Does anybody have experience in ADFS and SM federation trust configuration. I know
    there is a run book from CA but don't find that having detail steps. Do I need
    to configure a resource protected with SAML2.0 AuthScheme for this ?

     

     

    2. Does anybody have integrated SiteMinder with AuthMinder for 2nd Factor, where the
    1st factor is done by a third party IDP (ADFS in our case)? If yes, how did you
    handle the flow to redirect for the 2nd Factor?

     

    Thanks,

    Rajeeb



  • 2.  Re: ADFS 3.0 and SiteMinder 12.52 SP1 Integration

    Posted 03-07-2017 05:43 AM

    Hi Rajeeb,

     

    Step1 is looking good for me and you can refer below runbook to complete the configuration.

    SAP Portal Services 

     

    1. Does anybody have experience in ADFS and SM federation trust configuration. I know
    there is a run book from CA but don't find that having detail steps. Do I need
    to configure a resource protected with SAML2.0 AuthScheme for this ?
    -->Please refer below runbook which has complete details.
    https://support.ca.com/phpdocs/1/8231/runbooks/CASM-ADFS_as_IDP_FederationRunbookCertification-ver1.0.pdf

     

    Thanks,

    Sharan



  • 3.  Re: ADFS 3.0 and SiteMinder 12.52 SP1 Integration

    Posted 03-19-2019 06:53 AM

    Hi Sharan 

     

    One doubt that is can we integrate ca sso 12.8 version with ADFS on windows server 2016 .