6.7.1 Integration with SiteMinder

I hadn't seen anything about the changes to SiteMinder integration with 6.7.1 until the release. The documentation mentions TeamSite and SiteMinder "sharing the same user database"...but doesn't elaborate on that functionality.

My instinct is that this means that, in a UNIX environment, that users must be defined at the UNIX OS level as well as in SiteMinder... probably through LDAP.

Find more posts tagged with

Comments

RichDiaz

Interested in this as well..

Bill Klish

We are attempting to work through this integration right now using Sun One Access Manager as our SSO product. It doesn't seem to like working with an SSL enabled version of apache (which is what iw-webd is). We are working on this through the vendor.

At any rate, you are correct. The SSO product merely provides authentication, not authorization. For authorization, you need to have your users defined in LDAP, local /etc/passwd, etc. to add them as allowed users in TeamSite. The user ids should be the same in both systems. In our case, our SSO product and LDAP point to the same set of information. From the TeamSite Admin tab, if you are modifying users and groups, they will need to be retrieved from somewhere besides your SSO system.

Hope that helps,
-Bill

Migrateduser

The new Siteminder integration is described in the TeamSite 6.7.1 Supplement document.

Nicholas

This is what I read from 6.7.1 feature list

Single-sign-on (SSO) enhancement: A more generic and flexible infrastructure for integration with third party SSO systems including an out-of-the-box integration with SiteMinder. The new design leverages the “trusted client” infrastructure in TeamSite and removes the need for the “active response module” on the SiteMinder server. This also serves as a best practice recommendation for integration with other SSO systems.

Hope this help you

Thanks Nicholas