Symantec Access Management

Expand all | Collapse all

Facing problem while integrating Ca Single Sign On with Liferay Eap 7.x

  • 1.  Facing problem while integrating Ca Single Sign On with Liferay Eap 7.x

     
    Posted 12-17-2018 05:26 AM
      |   view attached

    Hi Team ,

     

    I have successfully deployed and configured CA Siteminder web agent and integrated Liferay user store with CA SSO. Also , i have created  domain and realms accordingly for that. Now, when trying to integrate CA SSO with liferay , i am unable to find siteminder configuration window and after going through various articles i found liferay 7.x version only support Token based SSO authentication. How can i integrate the same using token based SSO integration ? 

    I want to know, what is the configuration for token based SSO authentication and is there any other way for integrating liferay and SSO ?

    It would be a great help if anyone can share some article or document regarding that .

     

    Environment - CA SSO - 12.7 version

    Liferay Eap 7.0 version

     

    Please Help 

    Thanks in advance

     

    Regards

    Girish Gandhi



  • 2.  Re: Facing problem while integrating Ca Single Sign On with Liferay Eap 7.x

    Posted 12-17-2018 12:38 PM

    Please refer this document - https://dev.liferay.com/en/discover/deployment/-/knowledge_base/7-1/token-based-single-sign-on-authentication 

     

    Where to find Siteminder Configurations:

    "Token based authentication is disabled by default. To manage token based SSO authentication, navigate to Liferay Portal’s Control Panel, click on System Settings, → Security  SSO. Token Based SSO appears in the list at the bottom. Alternately, you can search for Token in the Search field."

     

    According to above document link - there are various token based options to integrate with SSO solutions. One of the Siteminder supported mechanism is "HTTP request header" based.

     

    This is how your configuration should look like on LifeRay Portal:

     

    Authentication cookies:  SMIDENTITY, SMSESSION

    Enabled: Checked

    Import from LDAP: < Check this box to automatically import users from LDAP if they do not exist in the portal. (This may not be required, but you need to understand the requirement and make decision). >

    Logout redirect URL: <When user logs out of Liferay Portal, the user is redirected to this URL.>

    Token location:  HTTP request header

    User token name: SM_USER

    Additional info:

    On siteminder/SSO side -you need to take care of Userdirectory/Agent/ACO/Domain/Realm/Rules/Policies...etc. 

    SM_USER is a default HTTP header set by Siteminder webagent for applications to make use of it.

    Default HTTP Headers Used by the Product - CA Single Sign-On - 12.7 - CA Technologies Documentation 

    Hope this helps !!!, Let me know, if you have further questions on this.

     

    Regards

    Ashok



  • 3.  Re: Facing problem while integrating Ca Single Sign On with Liferay Eap 7.x

     
    Posted 12-19-2018 12:36 AM

    Thanks a lot for your help Ashok , but my main concern is what would be the configuration to be used for Token based SSO authentication . Do I have to also keep the parameters like Token location , User token name as default ? 

    I have successfully deployed and configured SSO webagent but i didn't found any of these options(User token name,Token Location) to select some values for that , while configuring the agent . So i am confused what values should i give in those parameters . I think i am doing something wrong from liferay Eap 7.x tool end. It would be a great help if you can share some article or document explaining these Token based sso configuration parameters briefly .

     

    Thanks again

    Regards

    Girish Gandhi



  • 4.  Re: Facing problem while integrating Ca Single Sign On with Liferay Eap 7.x

     
    Posted 12-19-2018 03:36 AM

    Further adding more to my question . Is there any other option to be enabled or checked , apart from the enabled option given in Token based sso authentication configuration window for a successful integration of Single sign on and Liferay  ?

     



  • 5.  Re: Facing problem while integrating Ca Single Sign On with Liferay Eap 7.x

    Posted 12-20-2018 11:30 PM

    Did you make it work ? are you still looking for assistance ?



  • 6.  Re: Facing problem while integrating Ca Single Sign On with Liferay Eap 7.x

     
    Posted 12-20-2018 11:57 PM

    No it didn't worked yet . I am still looking for an assistance .