Symantec Access Management

Hi All,

Is it possible to protect and secure a Single Page Application (SPA) in MS Azure with CA SiteMinder, if so how? I somewhere read that SPA uses RESTful services and could be protected using OAuth2.0. Since CA SiteMinder R12.52 provides OAuth2.0, is it possible to protect these applications?

what are the pros and cons of using SiteMinder to protect this?

what are the steps involved to configure OAuth? What is OAuth Authorization server, does this needs to be installed separately, does it have a separate installer?I went through the BookShelf, it looks like it give some idea on configuring OAuth and Federation? what if i am not using federation?

I have worked with OAuth2.0 using different product, but how does it work with SiteMinder?

What would be best optimal solution to protect a SPA using SiteMinder?

Please provide some insight on this and help me to figure this out to successful integration.

Hi Christie

Not sure if this may help you, but since this is Azure, we do have a guide for integrating it with SiteMinder

_https://support.ca.com/phpdocs/1/8231/runbooks/CASM-MicrosoftAzureFederationRunbook-ver1.2.pdf

Maybe this can give you some ideas.

With respect to Oauth we do have an Oauth authentication scheme, which requires registering your application to an external Oauth server which you probably have already seen. Here is the link

_https://support.ca.com/cadocs/0/CA%20SiteMinder%2012%2052%20SP1-ENU/Bookshelf_Files/HTML/idocs/oauth-auth-scheme.html

A similar thing exists for Federation: you can have federation to an external Oauth IdP, like Google or Facebook, and the steps are again highlighted in the Federation guide

_https://support.ca.com/cadocs/0/CA%20SiteMinder%2012%2052%20SP1-ENU/Bookshelf_Files/HTML/idocs/social-signon.html

Not sure if any of these may help you, but just in case here it is