Symantec Access Management

  • Private Community
 View Only

  • 1.  Facebook, LinkedIn, etc... as IDP Integration with SiteMinder as SP

    Posted Aug 21, 2013 02:49 PM
    Identity being managed more and more by external IDPs, I see a need for some businesses to allow their clients to leverage their Facebook, LinkedIn or any public IDPs to authenticate into their paltform. I know R12.51 supports integration with external IDPs but not really in what capacity.

    Has anyone implemented a design involving Facebook as an IDP and SiteMinder as an SP? Please let me know your thoughts on this?


  • 2.  Re: Facebook, LinkedIn, etc... as IDP Integration with SiteMinder as SP



  • 3.  Re: Facebook, LinkedIn, etc... as IDP Integration with SiteMinder as SP

    Posted Apr 20, 2017 10:09 AM

    Adding to above update.

    You are bound to get the issue mentioned in below KB article while implementing social login if you miss to import default CA certs.

    OAUTH Partnership Error Dispatcher object thrown unknown exception while processing the message 

     

    Please make sure to take the necessary steps mentioned in the KB article to resolve the issue.

     

    Thanks,

    Sharan



  • 4.  Re: Facebook, LinkedIn, etc... as IDP Integration with SiteMinder as SP

    Posted Nov 27, 2017 12:08 PM

    The Tech note should be modified / clarified to import Root CA and Intermediate Cert of Asserting Party i.e. Google or Facebook or LinkedIn or Twitter. Importing the defaultRootCA's that are shipped with CA SSO is a blanket dump import approach. Often these defaultRootCA's become outdated / expired over a period of time and are not updated until a CA SSO PS upgrade is performed. Hence for a recent POC which was done on R12.7, I did not import the defaultRootCA's; rather I downloaded only the RootCA and Intermediate Certificate from www.facebook.com and imported those certificates into WAMUI (worked like a charm!).