Layer7 Access Management

Expand all | Collapse all

Servicenow SiteMinder SSO for users accesing via intranet and internet

Jump to Best Answer
  • 1.  Servicenow SiteMinder SSO for users accesing via intranet and internet

    Posted 05-04-2017 07:43 AM

    Hi,

     

    We need to integrate ServiceNow application with SiteMinder using Federation Services with ServiceNow as SP and SiteMinder as IDP.

     

    Requirement - Users need to be authenticated using Integrated Windows Authentication when ServiceNow application is accessed from company's intranet network and need to be authenticated using a forms based authentication when ServiceNow is accessed from Internet.

     

    Solution - We thought of setting up 2 separate SiteMinder partnerships to cater to users authenticating internally and from internet. But ServiceNow SP has only one entity id and we are unable to set up 2 separate partnerships.

     

    Please advise the possible solution options to meet this requirement.

     

     

    Thanks,

    Chenna Kesav



  • 2.  Re: Servicenow SiteMinder SSO for users accesing via intranet and internet
    Best Answer

     
    Posted 05-04-2017 08:04 AM

    I'm dealing with a similar requirement at my customer site.  The solution I came up with is to leave the partnership configured with HTML Forms Authentication.  For the internal users, setup an internal website servicenow.mycompany.com.  Configure the index.html to be a meta-refresh to Service Now using the IdP initiated authentication URL for CA SSO.  Protect the index.html with the Windows authentication.

    Internal Users will access servicenow.mycompany.com and get Windows Authentication.  External users will get HTML forms.



  • 3.  Re: Servicenow SiteMinder SSO for users accesing via intranet and internet

    Posted 05-05-2017 01:49 PM

    Thanks David.

     

    I tried the solution option and it works fine.

    -- configured the redirect.jsp to use forms based authentication

    -- configured another website to do a meta refresh to service now and this is configured to use IWA

     

    Application works fine from Internet with forms based authentication. Internally it works fine in IE & Mozilla browsers. But in Chrome, it is displaying the forms based rather authenticating users with IWA method. Have you seen similar issue in your environment?

     

     

    Regards,

    Chenna Kesav