Symantec Access Management

  • 1.  Siteminder - Bluecoat SAML integration

    Posted Jul 05, 2014 08:32 PM

    Hi, everyone!

     

    I have a client requesting integration of SiteMinder (12.52) and a BlueCoat Proxy SG 6.5.2.1 appliance.

    The scenario is like this:

    - the user logs on (using a domain account) to a Windows workstation, which is part of a Windows domain. The user wants to open an internet page,

    - instead of typing in domain credentials (and of course, having them remembered inside the browser),

    - the user is redirected by BlueCoat (as an SP) to SiteMinder (as an IdP)

    - SiteMinder uses IWA to create an NTLM challenge for the user. The user is automatically authenticated to SM without need for input (except in case the user is not part of a domain)

    - SiteMinder creates an assertion and tada! The user is authenticated to BlueCoat.

     

    The steps are outlined here on the BlueCoat site:

    https://bto.bluecoat.com/sgos/ProxySG/65/Authentication_WebGuide/Authentication_WebGuide.htm#Topics/Authentication/Tasks…

    I have done similar things before, and the integration should be straightforward, but I have never met with BlueCoat before.

    Has anyone done it? Any suggestions, experiences? Maybe even some runbook?

    Thanks in advance!

     

    Milan Volar



  • 2.  Re: Siteminder - Bluecoat SAML integration

    Posted Jul 07, 2014 08:08 AM

    Does BlueCoat still have their embedded SDK Agent?

    That may be more simplistic, and another option.

     

    I don't see why this would be out of the ordinary as a SAML solution though. Just need to work with your BlueCoat team to get the right parameters.

     

    -Josh



  • 3.  Re: Siteminder - Bluecoat SAML integration

    Posted Aug 14, 2014 08:36 AM

    Sorry for keeping you waiting, but the client didn't want to use the SP-IdP approach for integration, so we did it using the classic (boring) approach - via BCAAA (BlueCoat AuthNAuthZ Agent) and IWA to automatically pick up and pass the credentials (of a logged-on domain user) to the BC Proxy SG.

     

    Milan