Symantec Access Management

 View Only
Expand all | Collapse all

Integrating Single Page Application (SPA) with SiteMinder

Jump to Best Answer
  • 1.  Integrating Single Page Application (SPA) with SiteMinder

    Posted Mar 09, 2016 01:33 AM

    Hi All,

     

    Is it possible to protect and secure a Single Page Application (SPA) in MS Azure with CA SiteMinder, if so how? I somewhere read that SPA uses RESTful services and could be protected using OAuth2.0. Since CA SiteMinder R12.52 provides OAuth2.0, is it possible to protect these applications?

    what are the pros and cons of using SiteMinder to protect this?

    what are the steps involved to configure OAuth? What is OAuth Authorization server, does this needs to be installed separately, does it have a separate installer?I went through the BookShelf, it looks like it give some idea on configuring OAuth and Federation? what if i am not using federation?

    I have worked with OAuth2.0 using different product, but how does it work with SiteMinder?

     

    What would be best optimal solution to protect a SPA using SiteMinder?

     

    Please provide some insight on this and help me to figure this out to successful integration.



  • 2.  Re: Integrating Single Page Application (SPA) with SiteMinder
    Best Answer

    Broadcom Employee
    Posted May 09, 2016 08:35 AM

    Hi Christie

    Not sure if this may help you, but since this is Azure, we do have a guide for integrating it with SiteMinder

     

    _https://support.ca.com/phpdocs/1/8231/runbooks/CASM-MicrosoftAzureFederationRunbook-ver1.2.pdf

     

    Maybe this can give you some ideas.

     

    With respect to Oauth we do have an Oauth authentication scheme, which requires registering your application to an external Oauth server which you probably have already seen. Here is the link

     

    _https://support.ca.com/cadocs/0/CA%20SiteMinder%2012%2052%20SP1-ENU/Bookshelf_Files/HTML/idocs/oauth-auth-scheme.html

     

    A similar thing exists for Federation: you can have federation to an external Oauth IdP, like Google or Facebook, and the steps are again highlighted in the Federation guide

     

    _https://support.ca.com/cadocs/0/CA%20SiteMinder%2012%2052%20SP1-ENU/Bookshelf_Files/HTML/idocs/social-signon.html

     

    Not sure if any of these may help you, but just in case here it is