SiteMinder?

Similar Messages

• SSO to a Siteminder application

  Hi,
  I need to integrate a web application into the portal that uses siteminder for authentication. I have looked through all the available details and have not been able to find a solution to this problem.
  There is no possibility of either changing the external application or siteminder.
  Your help would be greatly appreciated.
  Regards,
  Vibhu

  Vibhu,
  How is your portal authentication done? Does that also uses SSO (Netegrity)?  One of my implementation I did use Netegrity to setup SSO (single sign on)for Portal. Authentication was done by Microsoft ADS.
  -NE
  www.sapecc.com

• SSO for  non sap applications in EP on which siteminder sso is integrated

  Hi ,
  we have implemented Siteminder SSO on   SAP PORTAL 6 SP16  for authentication.I would like integrate non sap application in Portal.I could not find any documentaion for setting up non sap application's in portal on which siteminder sso external authentication is implemented.
  can anybody help for getting  step by step document.
  Thanks
  Tag

  Hi ,
  we have implemented Siteminder SSO on SAP PORTAL 6 SP16 for authentication.I would like to integrate non sap application in Portal.I could not find any documentaion for setting up non sap application's in portal on which siteminder sso external authentication is implemented.
  can anybody help for getting step by step document.
  diff rewards to be given...
  Thanks
  Tag

• Problem with siteminder in struts application

  In our application we are using the siteminder for the authentication of the users. Whenever the user is authenticated by the siteminder the user is being taken to the application welcome page.Then user performs his own activities and after that whenever he is logging out, i am taking him to the logout page and before that i am clearing all the sessions using the session.invalidate and also setting the session = null. I porvide a link the logout page where the user can click to relogin to the application. So whenever the user clicks on it he should be prompted with the siteminder login screen, instead it is directly taking me to the application. So i dont know wht to do. But if i close the window and open the new window i am getting that login prompt.But when the users types the same URL in the same page he is taken into the application without login screen
  Please help me with this issue

  It seems you are doing right thing. But what could possible is , on Siteminder Policy Server, there is Parameter called ACO that will have a definition for Logging off url . Its LogoffURI parameter. Unless it is set , though you clean up the session in browser when user click on logoff url, the session is still available on siteminder policy server cache. Thats why when user access the application url within the same browser window he is getting application pages. So check with siteminder administrator on your end...

• Siebel/Siteminder Netegrity (Computer Associates) SSO Integration

  Hello,
  The end client wants to integrate a SSO solution with Siteminder without purchasing the Siteminder custom security adapter. I have not yet seen this done before as I have always utilized the Siteminder custom security adapter when implementing SSO with Siebel. Currently, I have configured their authentication into Siebel using the standard Siebel LDAP Security Adapter to connect and authenticate to an Active Directory Server. I believe it would be possible to configure Siteminder to use the LDAP Security adapter and achieve SSO however; I am not clear as to what steps would need to be done in order to get this to work properly. Outside of the basic Siebel Enterprise Setup and the SWSE eapps.cfg setups for SSO would I just add the anonymous user account, which is currently being used by the LDAP Security Adapter by the SharedCredentinalsDN and which also holds the LDAP DB username and password, into the Siteminder HTTP header? Any advice on this would be greatly appreciated.
  Thanks

  With Siebel 7.7 and later (and possibly 7.5) it is theoretically possible to use Siteminder SSO with Siebel without the Computer Associates custom adapter. Please note, however, that Computer Associates does not officially support this approach and Oracle/Siebel's ability to support Siteminder issues is very limited.
  The basic outline of what needs to be done:
  1. You will use either the LDAPSecAdpt or ADSISecAdpt depending on what directory backends your Siteminder implementation. This must be an LDAP directory or Active Directory server that is supported by the Siebel security adapter. If it is not, then you will have to use the Siteminder customer adapter.
  2. Determine which attribute in the LDAP or ADSI directory contains the userID that matches up to a valid Siebel userID (i.e. in S_USERS). By default this would be sAMAccountName for ADSI and uid for LDAP. But this often is customized/changed.
  3. Configure Siteminder to pass the contents of that attribute as a custom HTTP header variable. For example SIEBEL_SSO_USER.
  The rest of the setup is documented in the Security Guide in the Single Sign-On Section. You will basically just need to add a few variables in the eapps.cfg and/or eapps_sia.cfg file(s) and then set the SingleSignOn and TrustToken parameters in the security adapter profile.
  Hope this helps.
  Stevan

• Siteminder SharePoint Adobe

  Hi,
     There is Sharepoint 2010 site integrated with CA Siteminder agent for sharepoint 2010. This site should open an Adobe Acrobat X Pro 10.1.1 when "Edit Document" command is clicked to edit a pdf file. But this result in error by Adobe Acrobat X Pro 10.1.1 "There was error opening this document. The filename, directory name, volume label syntax is incorrect"
  Note:
  Same file is editable using standalone sharepoint site, when authentication is NTLM.
  In case of siteminder+sharepoint integrated site, authentication is claim based.
  Seems adobe acrobat stop sending request after it get 302 http response. Is it case that the adobe acrobat x pro cannot handle 302 http response?
  Or because of claim based authentication it is not possible for adobe acrobat to handle authentication?
  thanks
  Sharmila([email protected])

  You can create a form to submit data to a web script. That script can be based on HTML, FDF, XFDF, or XML data types (only XML is available if you use Designer, the others are available if you develop the form directly in Acrobat). The data can then be manipulated as needed in your on-line application. I assume that is what you are referring to. If you need the form with the data, you can import the data into the form or within the 500 limit (section 15 of the EULA) can have the full form sent. However, it sounds like you want to work the data directly and the full form would just get in the way.

• WLS 6.1 - Oracle 8.1.6 - Siteminder - ArrayOutOfBounds issue

  Getting an ArrayIndexOutOfBoundsException when trying to
  run Wls 6.1 with Oracle 8.1.6 and Netegrity Siteminder (Security
  module for sign-on privileges) ..
  ####<Sep 25, 2001 11:10:26 AM CDT> <Error> <Posix Performance Pack> <olc221> <flextrialserver>
  <ExecuteThread: '13'
  for queue: 'default'> <> <> <000000> <Uncaught Throwable in processSockets>
  java.lang.ArrayIndexOutOfBoundsException
  at weblogic.servlet.internal.MuxableSocketHTTP.isMessageComplete(MuxableSocketHTTP.java:282)
  at weblogic.socket.PosixSocketMuxer.deliverGoodNews(PosixSocketMuxer.java:448)
  at weblogic.socket.PosixSocketMuxer.processSockets(PosixSocketMuxer.java:378)
  at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:24)
  at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
  ####<Sep 25, 2001 11:12:26 AM CDT> <Error> <Posix Performance Pack> <olc221> <flextrialserver>
  <ExecuteThread: '12'
  for queue: 'default'> <> <> <000000> <Uncaught Throwable in processSockets>
  java.lang.ArrayIndexOutOfBoundsException
  at weblogic.servlet.internal.MuxableSocketHTTP.isMessageComplete(MuxableSocketHTTP.java:282)
  at weblogic.socket.PosixSocketMuxer.deliverGoodNews(PosixSocketMuxer.java:448)
  at weblogic.socket.PosixSocketMuxer.processSockets(PosixSocketMuxer.java:378)
  at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:24)
  at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
  ####<Sep 25, 2001 11:14:26 AM CDT> <Error> <Posix Performance Pack> <olc221> <flextrialserver>
  <ExecuteThread: '14'
  for queue: 'default'> <> <> <000000> <Uncaught Throwable in processSockets>
  java.lang.ArrayIndexOutOfBoundsException
  at weblogic.servlet.internal.MuxableSocketHTTP.isMessageComplete(MuxableSocketHTTP.java:282)
  at weblogic.socket.PosixSocketMuxer.deliverGoodNews(PosixSocketMuxer.java:448)
  at weblogic.socket.PosixSocketMuxer.processSockets(PosixSocketMuxer.java:378)
  at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:24)
  at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
  ####<Sep 25, 2001 11:15:26 AM CDT> <Error> <Posix Performance Pack> <olc221> <flextrialserver>
  <ExecuteThread: '13'
  for queue: 'default'> <> <> <000000> <Uncaught Throwable in processSockets>
  java.lang.ArrayIndexOutOfBoundsException
  at weblogic.servlet.internal.MuxableSocketHTTP.isMessageComplete(MuxableSocketHTTP.java:282)
  at weblogic.socket.PosixSocketMuxer.deliverGoodNews(PosixSocketMuxer.java:448)
  at weblogic.socket.PosixSocketMuxer.processSockets(PosixSocketMuxer.java:378)
  at weblogic.socket.SocketReaderRequest.execute(SocketReaderRequest.java:24)
  at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)

  Sagar,
  Can you test you application with Service Pack 1 for WebLogic Server 6.1
  WebLogic Server 6.1 with Service pack 1
  http://commerce.beasys.com/downloads/weblogic_server.jsp
  If you need just the service pack for WLS 6.1 , you will need to have a
  websupport login and password.
  Refer to this url for more information on this.
  http://contact.bea.com/bea/www/BEACustRegLogin.jsp
  http://websupport.bea.com/custsupp/
  Hope this helps
  Raj Alagumalai

• Safari 2.0 problem with Siteminder

  We are having problem logging out from our site which usesg authentication tool called Siteminder. This may have to do with cookies. This problem is there for the following version.
  MacOS X 10.4.1 and Safari 2.0 build 412
  This version is fine -> MacOS X 10.3.7 and Safari 1.2.4
  This problem is specific to Safari 2.0 and not the operating system.
  Please help
  Thank you

  Hi,
  I have the same problem.
  Most of homebanking systems use Siteminder. Siteminder is very popular in home banking and ecommerce big sites.
  I tried to authenticate myself in more than one homebanking and in more than one ecommerce website.
  Same results.
  This means that Safari users cannot use homebanking or ecommerce anymore.
  Did anyone find a solution?
  Thx
  Flavio

• ADF and SiteMinder not working

  Hi,
  I'm working on a project where the CA SiteMinder Authenticator and IdentityAsserter have been configured in a clustered environment alongside the Default Authenticator and IdentityAsserter. An ADF app using a combination basic J2EE security (isUserInGroup/Role type calls to show/hide tabs depending on user's role) and ADF Security roles and policies (used to lock down task flows to specific roles/groups/users).
  The J2EE security call works fine, proving that SiteMinder has populated the security Subject with the correct Principals and authorised correctly.
  However, ADF Security does not work at all, even though I can see the groups that originated in the SiteMinder Authenticator in the Enterprise Manager security config screens.
  I have mapped the ADF Application Roles to J2EE groups successfully, but when I access the application having successfully logged in as a user who is a member of that group, the taskflows don't show up...
  When I run this in a non-clustered WLS environment with only DefaultAuthenticator/IdentityAsserter, all is well, TaskFlows show/hide as expected.
  This falls neatly between Oracle and CA in terms of problem solving, can't get much help from either at the moment.
  Any thoughts or possible lines of enquiry are welcome.
  Edited by: 893022 on 27-Oct-2011 04:23

  Hi Frank,
  I'm just trying that now - reducing the variables seems like a good plan.
  A couple of things we're unsure of:
  1. Does ADF support Siteminder R12? My feeling is that the two are probably not related as ADF accesses the security realm via OPSS and the SiteMinder app server agent is an implementation of the WLS SSPIs, which would never be directly accessed from ADF (as far as I can tell).
  2. I've seen an example on redstack where an ADF application is deployed into an environment that is configured to use an Acitive Directory provider. There is a step includes that involves editing jps-config.xml on the server to include username.attr and user.login.attr properties to the idstore.ldap service instance. Is there similar any FMW-level config I'd need to do for SiteMinder?
  3. When JDeveloper builds the ADF app, it changes the class uses Groups and Users from:
  oracle.seurity.jps.internal.core.principals.JpsXmlEnterpriseroleImpl
  to:
  weblogic.security.principal.WLSUserImpl
  We did some debugging on on our app and saw that the SiteMinder 'Groups' that are fed into WLS by the SSPI are actually of a different class althoghether:
  com.netegrity.siteminder.weblogic.sspi.auth.SmWLSGroupImpl
  I'm building my ADF app with Maven so have used XMLTask to make this change to jazn-data.xml on deploy, but still no joy. ADF just doesn't appear to be able to 'see' the users and groups that have come from SiteMinder providers.

• Integrating WebLogic Server with CA SiteMinder Web Agent R6

  Hi I have searched on the topic of integrating WebLogic Server with the CA SiteMinder Web Agent R6 to provide single sign on services, and have been unable to find anything. Does anyone have any experience with this that could provide some tips, or could direct me to some documentation?

  It definitely can work. We have done the same thing in several installations. The question is "How secure does it need to be?" You will be using SM to do authentication. You will configure SSO to trust the SM header variable. If you really want to be secure you need to configure your boxes so that the http server on you SUSE box (for Portal) can only be accessed from the Reverse Proxy. If another machine can access it someone could spoof the header variable and log in as anyone they want.
  Hope this is helpful.
  Anton

• Integrating portal/identity server with netegrity siteminder?

  Has anyone integrated identity server/portal server with Netegrity Siteminder for single sign on?
  Both products seem to support SAML and the Liberty Alliance project. Can a new auth module in the identity server just exchange the appropriate messages to create a single sign on token in netegrity and then validate the token on each request?

  We are running Identity Server 6.1 on Solaris.
  The logs are in /var/opt/SUNWam/debug/
  The most useful one is amAuth. You might also want to look at amAuthInternal, amSession, amAuthLDAP, and amAuthContext.
  If you are seeing these, checkout AMConfig.properties (in /opt/SUNWam/lib). It should have the log level set to warning or message for you to get all these logs. Here's the setting from my AMConfig.properties:
  com.iplanet.services.debug.level=warningPS Sorry for the unix paths, but hopefully they map closely to the windows directories.

• SiteMinder Authentication Realm has NOT been correctly configured and...

  Hi All,
  When I set the realm (associated with the authentication provider) as UNPROTECTED, I see the following in my AUWebAgent.log (authentication web agent log):
  [31 Aug 2006 16:19:07,050] [main] [INFO] Configuration: Support for TP cookies is : ENABLED.
  [31 Aug 2006 16:19:07,050] [main] [INFO] Configuration: DefaultAgentName: bppttest.micron.com.
  [31 Aug 2006 16:19:07,051] [main] [INFO] Configuration: FilterDomainName: DISABLED
  [31 Aug 2006 16:19:07,051] [main] [DEBUG] Creating caches ..
  [31 Aug 2006 16:19:07,051] [main] [DEBUG] Configuration: No Cache Timeout specified. Default is 600 seconds
  [31 Aug 2006 16:19:07,051] [main] [DEBUG] Configuration: No Resource Cache Size specified. Default is: 0
  [31 Aug 2006 16:19:07,051] [main] [DEBUG] Configuration: No Authentication Cache Size specified. Default is: 0
  [31 Aug 2006 16:19:07,051] [main] [DEBUG] Configuration: No Authorization Cache size specified. Default is: 0
  [31 Aug 2006 16:19:07,051] [main] [DEBUG] Configuration: Auditing is DISABLED
  [31 Aug 2006 16:19:07,051] [main] [DEBUG] Configuration: Caching for anonymous users is DISABLED
  [31 Aug 2006 16:19:07,053] [main] [DEBUG] The SiteMinder Resource Manager is checking if resource "/smauthenticationrealm" is Protected.
  [31 Aug 2006 16:19:07,129] [main] [INFO] Resource "/smauthenticationrealm" is NOT Protected.
  [31 Aug 2006 16:19:07,129] [main] [ERROR] The SiteMinder Authentication Realm has NOT been correctly configured and is unavailable.
  Additional info:
  Using SiteMinder 5.5 on WebLogic 8.1 sp5
  When & if I set all my realms as protected then I am unable to startup my servers and get the folowing error:
  We are trying to setup (as in intergrate SiteMinder with Savvion) SiteMinder v2 with weblogic 8.1 sp 5. We have appropriately included the references to variours siteminder related jars as per Netegrity's ASA document. We aren't using any webserver, instead wewould be using launching page (which be a protected resource). The following is the installation, configuration, and testing information related to various siteminder components:
  SiteMinder Identity Asserter (IA) - installed, configured & tested successfully.
  SiteMinder Authentication Provider - installed, configured & test result -> Unsuccessful.
  SiteMinder Authorziation provider - installed, configured & test result -> Unsuccessful.
  Has anyone seen anything similar to the following? My guess on the above is that it looks like it is trying initialise siteminder stuff every time we start each of the servers(admin, ejb and portal). Since the initialisation happens for the 1st time) when the admin server is started, an error is thrown complaining about not being to initialise when we start either portal or ejb after that. If this is true then is there a way around this problem?
  The Admin Server starts fine. But when we try to start either of the ejb or portal server, we get the following error:
  <Aug 16, 2006 4:03:01 PM MDT> <Critical> <WebLogicServer> <BEA-000364> <Server failed during initialization. Exception:weblogic.security.service.SecurityServiceRuntimeException: [Security:090371]Problem instantiating Authentication Provider weblogic.rmi.extensions.RemoteRuntimeException: Unexpected Exception - with nested exception:
  [java.rmi.MarshalException: failed to marshal invoke(Ljavax.management.ObjectName;Ljava.lang.String;[Ljava.lang.Object;[Ljava.lang.String ;); nested exception is:
          java.io.NotSerializableException: com.netegrity.siteminder.weblogic.sspi.auth.a9]
  weblogic.security.service.SecurityServiceRuntimeException: [Security:090371]Problem instantiating Authentication Provider weblogic.rmi.extensions.RemoteRuntimeException: Unexpected Exception - with nested exception:
  [java.rmi.MarshalException: failed to marshal invoke(Ljavax.management.ObjectName;Ljava.lang.String;[Ljava.lang.Object;[Ljava.lang.String ;); nested exception is:
          java.io.NotSerializableException: com.netegrity.siteminder.weblogic.sspi.auth.a9]
  at weblogic.security.service.PrincipalAuthenticator.initialize(PrincipalAuthenticator.java:225)
  at weblogic.security.service.PrincipalAuthenticator.<init>(PrincipalAuthenticator.java:283)
  at weblogic.security.service.SecurityServiceManagerDelegateImpl.doATN(SecurityServiceManagerDelegateImpl.java :581)
  at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealm(SecurityServiceManagerDelegateImpl.java:420)
  at weblogic.security.service.SecurityServiceManagerDelegateImpl.loadRealm (SecurityServiceManagerDelegateImpl.java:700)
  at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealms(SecurityServiceManagerDelegateImpl.java:733)
  at weblogic.security.service.SecurityServiceManagerDelegateImpl.initialize (SecurityServiceManagerDelegateImpl.java:876)
  at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:734)
  at weblogic.t3.srvr.T3Srvr.initializeHere(T3Srvr.java:821)
  at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:669)
  at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:343)
  at weblogic.Server.main(Server.java:32)
  >
  <Aug 16, 2006 4:03:01 PM MDT> <Emergency> <WebLogicServer> <BEA-000342> <Unable to initialize the server: weblogic.security.service.SecurityServiceRuntimeException: [Security:090371]Problem instantiating Authentication Provider weblogic.rmi.extensions.RemoteRuntimeException: Unexpected Exception - with nested exception:
  [java.rmi.MarshalException : failed to marshal invoke(Ljavax.management.ObjectName;Ljava.lang.String;[Ljava.lang.Object;[Ljava.lang.String;); nested exception is:
          java.io.NotSerializableException: com.netegrity.siteminder.weblogic.sspi.auth.a9 ]>
  The WebLogic Server did not start up properly.
  weblogic.security.service.SecurityServiceRuntimeException: [Security:090371]Problem instantiating Authentication Provider weblogic.rmi.extensions.RemoteRuntimeException: Unexpected Exception - with nested exception:
  [java.rmi.MarshalException: failed to marshal invoke(Ljavax.management.ObjectName;Ljava.lang.String;[Ljava.lang.Object;[Ljava.lang.String ;); nested exception is:
          java.io.NotSerializableException: com.netegrity.siteminder.weblogic.sspi.auth.a9]
  at weblogic.security.service.PrincipalAuthenticator.initialize(PrincipalAuthenticator.java:225)
  at weblogic.security.service.PrincipalAuthenticator.<init>(PrincipalAuthenticator.java:283)
  at weblogic.security.service.SecurityServiceManagerDelegateImpl.doATN(SecurityServiceManagerDelegateImpl.java :581)
  at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealm(SecurityServiceManagerDelegateImpl.java:420)
  at weblogic.security.service.SecurityServiceManagerDelegateImpl.loadRealm (SecurityServiceManagerDelegateImpl.java:700)
  at weblogic.security.service.SecurityServiceManagerDelegateImpl.initializeRealms(SecurityServiceManagerDelegateImpl.java:733)
  at weblogic.security.service.SecurityServiceManagerDelegateImpl.initialize (SecurityServiceManagerDelegateImpl.java:876)
  at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:734)
  at weblogic.t3.srvr.T3Srvr.initializeHere(T3Srvr.java:821)
  at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:669)
  at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:343)
  at weblogic.Server.main(Server.java:32)
  Reason: weblogic.security.service.SecurityServiceRuntimeException : [Security:090371]Problem instantiating Authentication Provider weblogic.rmi.extensions.RemoteRuntimeException: Unexpected Exception - with nested exception:
  [java.rmi.MarshalException: failed to marshal invoke(Ljavax.management.ObjectName ;Ljava.lang.String;[Ljava.lang.Object;[Ljava.lang.String;); nested exception is:
          java.io.NotSerializableException: com.netegrity.siteminder.weblogic.sspi.auth.a9]
  Any help would be appreciated.
  Regards,
  Prashant

  but it just says it cannot repair due to another program being installed.
  I'd like to have a closer look at that error message please.
  Generate the error message again. While the error message box is open, hold down the Alt key and hit the PrtSc key. Paste the screenshot into an image file (using a program like Paint), and save the file.
  Start a reply here and click the wee camera icon at the top of the reply window. Click "Choose file", browse to the image file, select the file and click "Open". Now click "Insert file" to insert the screenshot into the reply.

• Siteminder Exception

  Hello All,
  In our application we have siteminder as our webserver par , for every request it hits the siteminder and then the control comes to the weblogic.
  The strange problem we are facing now is, it was all working fine in the development environment when the same EAR is deployed in our TEsting env, that siteminder is throwing the exception after the user logs in .THe error is thrown exactly when our application has to eb launched after thevalidation done by the siteminder.
  Its throwing the follownig exception
  "No backend server available for connection: timed out after 10 seconds"
  And its throwing some NSAPI error.
  Its very much strange that itw was working fine with dev env. If i connect to teh teting siteminder with teh dev app server its working.If i connect to testing app from dev siteminder then also behavious is as expected.
  Whyu this strange probelm not able to see where its going wrong.
  If any of you have come across usch probelm, or if yuo haev any idea please throw some light.
  Thanks ,
  VIswa

  I assume you use webserver to proxy your requests to the application server. If so, this error occurs when the back-end app server is down or not accessible from the web server.
  1. Try to ping your app server from the web server where you installed the webagent
  2. Try accessing the http://appserver:port/XXXXX from the web server
  3. Check your webserver Proxy Plugin/ .ini file that will proxy to your app server
  Hope this helps.

• Can SiteMinder and OAM co-exist (SMSession and ObSSOCookie)?

  Hi folks,
  We currently have SiteMinder in place, but we're migrating to OAM 10.1.4.3.0. At some point, we'll need to have SiteMinder and OAM to co-exist and stand in parallel, so that we can gradually phase out Siteminder, and start protecting all of our resources with OAM. With this in mind, is there a way for the two of these access systems to co-exist? Can they share some common data, so that once user has been authenticated with SM, a cookie is created (similar to SMSession) which would then be understood by the OAM, or vice versa. This way, when the same customer accesses a subsequent resource protected in turn by OAM, the OAM (instead of authenticate and authorize user for the second time) would then read a session cookie, created by the SM and grant access. This scenario should be reversible, and also work the other way around with OAM as an entry point.
  Has anyone faced the same issue?
  Thank you,
  Roman

  For apps already protected by SiteMinder:
  User get authenticated by SiteMinder; gets SMSession cookie and comes to app protected by OAM
  OAM can read the cookie value and treat it as Credentials. For this you need to evaluate how to make OAM understand the SMSession cookie value.
  More Info: http://download.oracle.com/docs/cd/E15217_01/doc.1014/e12488/v2authen.htm#BABEAHEB
  For apps protected by OAM:
  User get authenticated by OAM; gets ObSSOCookie and comes to app protected by OAM
  Well, I'm not sure if this is supported by SiteMinder, but there should be some way to read the ObSSOCookie value also. Otherwise, you need to develop your own module.
  If you have considerable number of applications, it will be practical if applications are migrated from SM to OAM step by step. I might be wrong with these ideas, but it will be a good experience to involve in such type of discussions. Lets see what the experts have to say on this.

• Siteminder integration

  We are using Netegrity Siteminder for providing Single SignOn for differnet applications.
  Lately there has been request of integrating it with the Security Structure of
  BEA Weblogic 8.1 (For EJB's and certain secured resouces) based on SSO Id. Is
  there any plugin which provides this integration?

  Oh and neglected to say, the answer is yes. And as per the doc referrenced
  you must obtain this from Netegrity
  "Jason Keating" <[email protected]> wrote in message
  news:[email protected]..
  You do not suggest which version or Siteminder you are using. Unsure which
  version of Siteminder this supports but imagine it is the most recent.
  See the following doc (you need a Netegrity support acct)
  https://support.netegrity.com/ocp/custom/productdownload/productdownload_edi
  >
  t.asp?grouptype=248&isNodeGroup=null&filepath=%5Cliterature%5Cwhite+papers%5
  Cauth1%5Fsiteminder%5Fweblogic%5F8%2E1%2Epdf#
  "pvprabhakar" <[email protected]> wrote in message
  news:[email protected]..
  We are using Netegrity Siteminder for providing Single SignOn fordiffernet applications.
  Lately there has been request of integrating it with the SecurityStructure of
  BEA Weblogic 8.1 (For EJB's and certain secured resouces) based on SSO
  Id.
  Is
  there any plugin which provides this integration?

• Siebel 7.8 siteminder 12 can be sso and integrate?

  Hi guys:
  Can siebel 7.8 and siteminder r12 be integrate ？
  I‘ve read the <Policy Server Configuration Guide r12.0 SP2>
  <CA ETRUST SITEMINDER SSO AGENT VERSION 5.6 INTEGRATION WITH SIEBEL CRM RELEASE 7.8>
  and other write book,there is no exactly explain。
  So,i dont know how to configuration software。
  Great Appreciation
  不胜感激
  Edited by: user10739954 on 2011-12-4 下午7:15

  Hi,
  You need to contact CA to confirm if they have tested Siteminder R12 integration with Siebel 7.8 and created a siebel agent for R12. They have performed this test and created the integration document for eTrust 5.6.
  Thanks
  Wilson