CA SiteMinder Integration

Exploring best approach to integrate portal built on LiveSite with CA SiteMinder to externalize authentication and coarse grained authorization to SiteMinder. Standard approach would be to protect the LiveSite portal with a SiteMinder Web Agent installed in the web server tier and configure LiveSite to defer authentication and authorization to SiteMinder via the SM_USER HTTP Header. Would appreciate any feedback from the community on the technical feasibility of this approach (out-of-the-box with LiveSite) or alternate integration approaches.

Find more posts tagged with

Comments

Rick Poulin

LiveSite doesn't really provide a whole lot of production-worthy authentication mechanisms. Your approach is the right one and it won't necessarily conflict with anything in LiveSite. The integration between LiveSite and SM (i.e. looking for the session token or SM_USER header and deriving profile information from that) will have to be built custom, and there's a few different ways you could do it. It's hard to recommend one without knowing your context.