We have integrated our CA SSO r12.52 SP2 with our SharePoint 2010 server. We need to add the following responses at our application.
Is it possible to create the response as the following technote states for SM_USERGROUPS response?
If yes what are the Variables/Attribute Names for the other responses that we need?
Thank you in regards.
Firstly I am assuming you are using CA Agent for SharePoint and WSFED SSO for this Integration with SharePoint. If this is not the case please let know, because the below explanation is true for WSFED SSO using CA Agent for SharePoint.
SM_USERGROUP is by default included by the Agent for SharePoint "ConnectionWizard". Furthermore, SM_USERGROUP is enhanced by the FMATTR tag, which separates the single string of groups into separate lines / diffferent tags. Thus enabling SP (SharePoint) to identify all the groups in different lines. The ConnectionWizard is a utility shipped within the Agent for SharePoint Installation.
There is no R12.52 SP2 Agent for SharePoint 2010/2013, so it is unclear what Single Sign On Agent you have installed in the environment protecting the SharePoint Server.
With that being said, Single Sign On Authentication/Authorization "Responses" are "Responses" regardless if this is an Agent for SharePoint or not protecting the SharePoint Server.
As stated by Dennis, the SM_USERGROUP is a special attribute to return all groups the authenticated/authorized user is a member of, and it would not be used to return other response values.
Please refer to the following link which documents Single Sign On Responses;
Responses and Response Groups - CA Single Sign-On - 12.52 SP2 - CA Technologies Documentation
You can define what ever name is required per response, and return what ever LDAP attribute (Database field) value is needed in the response header.
As a correction...the special attribute to return a user's Group Membership with SiteMinder is "SM_USERGROUPS" not "SM_USERGROUP". I would also like to point out that if using "Nested Groups" in the SiteMinder environment, the attribute would be "SM_USERNESTEDGROUPS" to return all groups including the Nested Groups that a user is a member of.