Symantec Access Management

Tech Tip : CA Single Sign-On : How to deploy CA SSO with PaaS system like Openshift 

  • 1.  Tech Tip : CA Single Sign-On : How to deploy CA SSO with PaaS system like Openshift 

    Posted 07-04-2018 03:29 AM

    Question:


    We'd like to know if you support Web Agent with OpenShift software to
    dynamically be able to register the Web Agent. What is important for
    us to know, is the process to register every Apache instance that
    OpenShift wake up during high work peaks with CASSO and how to
    unregister that instance when OpenShift takes it down during low
    peaks. If there is any way to do that.

     

    Answer:

     

    At first glance, OpenShift is supported.

    Administration, Internals and Supportability
    https://communities.ca.com/servlet/JiveServlet/download/241807667-1-189327/why-upgrade-to-ca-single-sign-12.8.pdf

    Using Web Agent in Dynamically Scaled Environments

    CA SSO Web Agents can be used in dynamically scaled environments
    such as Docker containers and OpenShift. Using these technologies
    require taking a different approach to register the Web Agent
    instances. For more information, see Use Web Agent in Dynamically
    Scaled Environments.

    https://docops.ca.com/ca-single-sign-on/12-7/en/release-notes/new-features

    and here the doc about registration :

    Use Web Agent in Dynamically Scaled Environments

    For each application, create a trusted host using Java Agent API
    SDK. Using this method you can create a new trusted host and obtain
    its generated shared secret in an unencrypted string format. You
    must save this shared secret to use as part of the data
    initialization of the application. You can use this approach to
    register all versions of the Web Agents (6x and later). The
    following sample code can be used to register an application, the
    sample code uses SDK versions 12.5 and up. You can also use SDK
    version 12.0 by removing the lines that handle FIPS mode:

    https://docops.ca.com/ca-single-sign-on/12-7/en/configuring/policy-server-configuration/agents-and-agent-groups/use-web-agent-in-dynamically-scaled-environments


    KB : KB000103781