Symantec Access Management

  • Private Community

  • 1.  SiteMinder Protection of Web application with Angular UI Routing

    Posted Sep 29, 2016 07:39 PM

    We are looking for recommended approaches for protecting web applications which use Angular UI routing with CA SiteMinder (SSO). The application team has informed us (the SiteMinder team) that protecting the front-end URLs of their Angular application with SiteMinder will pose some issues with the Angular UI routing. We have previously protected applications that use MVC framework with SiteMinder but Angular appears to be a bit different.

     

    Can anyone share any approaches based on previous experience or knowledge with such implementations?



  • 2.  Re: SiteMinder Protection of Web application with Angular UI Routing
    Best Answer

    Posted Sep 29, 2016 08:05 PM

    Hi,

     

    Would it be possible to share more information on what issue that encounter with following statement from application team?

    @@@

    The application team has informed us (the SiteMinder team) that protecting the front-end URLs of their Angular application with SiteMinder will pose some issues with the Angular UI routing.

    @@@

     

    I don't have the experience on Angular UI but if we know what the problem that SM contribute to Angular UI routing, it might help to find some workaround.

     

    Regards,

    Kar Meng



  • 3.  Re: SiteMinder Protection of Web application with Angular UI Routing

    Posted Sep 29, 2016 08:22 PM

    Hi Jamie,

     

    I agree with Kar Meng, we need more info to be able to help here.

    Looking at our support cases, I don't see many customer using Angular JS with SiteMinder.

    So, this will be something new for us as well

     

    However, doing some quick google search, other customer seems to have attempted this as well (hopefully successfully)

    angularjs - Siteminder SSO + Spring Security + Angular JS - Stack Overflow 

     

    Regards,

    Ujwol Shrestha

    Ujwol's Single Sign-On Blog 



  • 4.  Re: SiteMinder Protection of Web application with Angular UI Routing

    Posted Sep 30, 2016 03:20 PM

    Thanks for the responses. I am seeking more information from the application team and will follow up when they respond.

     

    Regards,

    Jaime



  • 5.  Re: SiteMinder Protection of Web application with Angular UI Routing

    Posted Jan 12, 2017 07:14 PM

    I have received more information from the application team on this topic of SiteMinder protecting Angularjs applications.

     

    1. The current Angular 1.6 version uses a UI Router which calls an API endpoint, retrieves data, and then updates the current view with that data. There is no page refresh. SiteMinder is intercepting this call and returning a page with the data as opposed to just the data itself, which is a problem.

     

    2. The current version of Angular (1.6) puts a “#!” before every URL.  Hashes in SiteMinder configuration seem to not work well, especially in login page redirections.

     

    Is SiteMinder designed to adequately protect Angular js applications? We are conducting a proof of concept at the moment but would like some recommendations on integrating SiteMinder with applications built on Angularjs framework.



  • 6.  Re: SiteMinder Protection of Web application with Angular UI Routing

    Posted Mar 31, 2017 10:56 AM

    Hi JaimeBritton, 

     

    Great to see this post we are also trying to find a good design to do the POC for protecting an Angular application using Siteminder. Do you have any findings/design to share from your POC.

     

    Thank you
    DD