KB 2449 CA Wily APM security example: CA SiteMinder for authentication with CA EEM for authorization

Similar documents
How to Integrate CA SiteMinder with the Barracuda Web Application Firewall

Integrating CA (formerly Netegrity) SiteMinder 6.0 with IBM Lotus Connections 2.0

CA SITEMINDER OVERVIEW

Configuring a Secure Access etrust SiteMinder Server Instance (NSM Procedure)

etrust SiteMinder Agent r5.5 for BEA WebLogic 9.0 etrust SiteMinder Agent for BEA WebLogic Guide

OTP SERVER NETEGRITY SITEMINDER 6. Rev 1.0 INTEGRATION MODULE. Copyright, NordicEdge, 2005 O T P S E R V E R I N T E G R A T I O N M O D U L E

Setup and Configure the Siteminder Policy Store with Dxmanager

CA SiteMinder. Agent for JBoss Guide SP1

CA SiteMinder. Agent for JBoss Guide. r12.1 SP3. Third Edition

API Gateway Version September Authentication and Authorization Integration Guide

Installation Guide. Unisphere Central. Installation. Release number REV 07. October, 2015

CA SiteMinder. Agent for JBoss Guide 12.51

etrust SiteMinder Agent r6.0 for IBM WebSphere

etrust SiteMinder Connector for Oracle Solutions Architecture, Installation and Configuration Guide For UNIX Version 1.6 (Rev 1.

CA SiteMinder Web Services Security

Video Media Center - VMC 1000 Getting Started Guide

User Guide for E-Rez

RSA SecurID Ready Implementation Guide

Concur Travel: User Supplied Hotels

HEATHROW S VIP SERVICE

MyFBO Help. Contents TRAINING ONLY

EMC Unisphere 360 for VMAX

WHAT S NEW in 7.9 RELEASE NOTES

Revalidation of RE Projects. Accreditation and Registration

Dell EMC Unisphere 360

EMC Unisphere 360 for VMAX

ELOQUA INTEGRATION GUIDE

EMC Unisphere 360 for VMAX

A320 Motorized PRO TQ Installation & Operation Manual

Concur Travel-Frequently Asked Questions

S-Series Hotel App User Guide

Wishlist Plug-in USER GUIDE

Traveltek Agent User Guide APRIL VERSION 01

Circular No. : NCDEX/TECHNOLOGY-027/2013/322 Date : October 23, 2013 Subject : Mock Trading Session for Spread day orders through Tradex Version 3.1.

MARKETO INTEGRATION GUIDE

Welcome to Air Tickets

CA SiteMinder Web Access Manager r12

Click the Profile link to review and update your profile. You must save your profile before you first attempt to book a trip. TOP

Booking Airfare for Another Employee

CruiseBuilder 2.0 Tutorial. How to Set Up CruiseBuilder 2.0 How to Use CruiseBuilder 2.0 Booking Engine

Fox World Travel/Concur Documentation Concur FAQ

CA SiteMinder Web Services Security

Multiple Wishlists extension for Magento2. User Guide

Canadian Classic Airlines Members Handbook

HPHConnect for Providers. Revalidation of Users of Your HPHConnect Account User Guide

MyTraveler User s Manual

Cisco CMX Cloud Proxy Configuration Guide

MYOB EXO OnTheGo. Release Notes 1.2

Wishlist Auto Registration Manual

Sunquest Collection Manager (Monitor)

Concur Travel - Frequently Asked Questions

Booking Airfare for Yourself

Concur Travel: View More Air Fares

USER GUIDE DOCUMENT VIETJET AIR FLIGHTVIEW

Management System for Flight Information

USER GUIDE Cruises Section

Angel Flight Information Database System AFIDS

GetThere Integration User Guide. Cvent, Inc 1765 Greensboro Station Place McLean, VA

Specialty Cruises. 100% Tally and Strip Cruises

Specialty Cruises. A. 100% Tally and Strip Cruises

Last Updated: July 04 th, 2014.Changes from the previous version are in green. SITEMINDER ,29 PLATFORM SUPPORT 1. Policy Server 11,

CASS & Airline User Manual

E: W: avinet.com.au. Air Maestro Training Guide Flight Records Module Page 1

SKYWELL 5T Quick Start User Guide

Concur Online Booking Tool: Booking Airfare for a Guest

Travelport Cruise & Tour Best Practice Cruise. Quick Reference - Book / Display / Pay

CA SiteMinder. Federation.NET SDK Guide 12.51

Supports full integration with Apollo, Galileo and Worldspan GDS.

FAASafety.gov Help Manual for WINGS - Pilot Proficiency Program Federal Aviation Administration May 1, 2007

CA SiteMinder Federation Standalone

EMC Unisphere for VMAX

Sabre Online Quick Reference Guide

ST Electronics (Info-Software Systems) Pte Ltd. AOCS ACDM Flight Information Management (FIM) Training Guide

Federal GIS Conference February 10 11, 2014 Washington DC. ArcGIS for Aviation. David Wickliffe

Concur Travel: Lufthansa Pay As You Fly (PAF)

QuickStart Guide. Concur Premier: Travel

GetThere User Training

Book Upto 12 tickets in a month by linking Aadhaar

InHotel. Installation Guide Release version 1.5.0

Overseas Travel Registration System Operation Manual

NHS Professionals System User Guide

Concur Travel User Guide

ICTAP Program. Interoperable Communications Technical Assistance Program. Communication Assets Survey and Mapping (CASM) Tool Short Introduction

HelpAndManual_unregistered_evaluation_copy AirLog Pilot Logbook V3

Make an Airline Reservation. Action

UM1868. The BlueNRG and BlueNRG-MS information register (IFR) User manual. Introduction

Operations Manual. FS Airlines Client User Guide Supplement A. Flight Operations Department

Siteminder Setup. Setting up Siteminder into RezExpert

myldtravel USER GUIDE

Virgin Australia s Corporate Booking Portal User Guide

A New Way to Work in the ERCOT Market

Baggage Reconciliation System

Opera TWI Room Type Changes Introduction

Certify Travel Program Process Guide Booking

myidtravel Functional Description

CruisePay Enhancements for 2005 Training Guide Version 1.0

SERVICE LETTER COMMUNICATIONS - LINK CPDLC AND VHF ACARS CONFIGURATION VERIFICATION

The Official s Guide to Athletix

User Reference Manual

Modifying a Reflex Workflow

Transcription:

This article describes how you can perform a CA SiteMinder basic set up and configuration to provide CA Wily APM authentication before deploying CA EEM for. This example describes these tasks: Configure SiteMinder policy Configure EEM to connect to SiteMinder This example set up uses 4 machines. You ll install the required components on each machine as follows: Machine 1: SiteMinder Policy Store, Admin UI, and SunOne LDAP user directory Machine 2: SiteMinder Web Agent, Introscope EM Machine 3: CA EEM Machine 4: SiteMinder UI (called SiteMinder WAM UI) This diagram shows what the CA EEM/SiteMinder integrated environment looks like when the set up is complete. 1/31

Install SiteMinder Verify that SiteMinder is installed and working correctly. Start the SiteMinder UI Go to the WAMUI machine and start the task engine. Start ->Programs->CA->IAMSuite->siteminderWAM->Start Task Engine Go To Start > Programs > CA > IAM Suite > siteminderwam > SiteMinder Administrative User Interface Or http://<wamui ServerNAME>:8080/iam/siteminder Log in using credentials from your LDAP install that SiteMinder is configured to use. 2/31

The SiteMinder WAM Administrative UI appears. 3/31

Register the SiteMinder UI with the SiteMinder Policy server Note: Before you can add the UI, you must register it first with the SiteMinder Policy server. Run the command below on the SiteMinder machine. In this example, smui2 is the client name. Your client name must be a unique value that was not previously used on this server. xpsregclient smui2:123getout adminui su t 1440 The second value is the passphrase that will be used. (In this example the passphrase is 123Getout). This passphrase is needed when you register a Policy server with the WAM UI. Add the SiteMinder UI. In the SiteMinder WAM UI screen, click on the Administration tab > UI > Register Administration UI Server. Enter the server information and the client registration information that you entered when you ran the xpsregclient command to register the SiteMinder UI with the Policy Server. 4/31

Go to the Infrastructure tab. Click Agent > Create Agent. Select Create a new object of type Agent. 5/31

6/31

Select Support 4.x agents. Enter the IP address of the Web Agent machine. Enter a Shared Secret. Click Submit. 7/31

Go to Agent Configuration. Click on Create Agent Configuration. Create a copy of an object of type Agent Configuration. Select IISDefaultSettings. Click OK. 8/31

Enter the Name. Click on the icon to edit the Parameter for the DefaultAgentName. 9/31

Remove the # from the Parameter name. Set the value to the agent name that you created earlier (i.e. smagent). Click OK. Edit the AllowLocalConfig parameter. Change the value to Yes. (This parameter might be on the second page) 10/31

Click OK. 11/31

Go to Infrastructure > Authentication. Click Authentication Scheme > Create Authentication Scheme. Click OK. 12/31

Enter a Name. Select the Authentication Scheme Type: HTML Form Template. Enter the Web Server Name and Port. Click Submit. 13/31

Create the User Directory Go to Infrastructure > Directory. Click User Directory > Create User Directory. Enter the Name for the user Directory. Enter the Server and Port for the LDAP Server (The SunOne Default port is 389). Enter the Administrator Credentials. 14/31

Enter the LDAP Settings and the User Attributes for your LDAP server. Create a Host Configuration Go to Infrastructure > Hosts. Click Host Configuration > Create Host Configuration. 15/31

Enter the Host Config Name. Enter the Policy Server IP Address. Click Submit. 16/31

Create a Domain Go to Policies > Domains. Click Domains > Create Domain. Click the Add/Remove under the User Directories. Select the user directory that you created. 17/31

Click OK. 18/31

Click Submit. Create a Realm Go to Policies > Domains. Click Realm > Create Realm. 19/31

Select the domain you created Click Next. Enter the Realm Name. 20/31

Use the Browse button to select the Agent you created. Set the Authentication Scheme to the Scheme you created. Click Finish. 21/31

Create a Rule Go to Policies > Domains. Click Rule > Create Rule. Select the Domain. Select the Realm you created and click Next. 22/31

Enter the Rule Name. Select both Get and Post in the Action section. Click Finish. 23/31

Create a Policy Go to Policies > Domains. Click Policy > Create Policy. Select your Domain and click Next. Enter the Policy Name, then click Next. 24/31

Click Add All in the User Directories section. Click Next. 25/31

Click Add Rule. Select the Rule you created Click OK. Click Next. Click Finish. 26/31

Enable the Policy you created Go to Policies > Domains. Click Policies > Modify Policy. Select the Policy you created. Select the box to Enable the Policy. Click Submit. 27/31

Configure the WebAgent.conf and SmHost.conf You can manually edit the conf files, or run the ca wa config.cmd. WebAgent.conf C:\CA\webagent\bin\IIS\WebAgent.conf Open the file in notepad Enter the AgentConfigObject (Agent config you created) Enable the Web Agent AgentConfigObject="MyAgentConfig" EnableWebAgent="YES" SmHost.conf C:\CA\webagent\config\SmHost.conf Enter the Host Config Object (Host Config you created hostconfigobject="myhostconfig" Carry out final steps and confirmations Restart IIS on the Web Agent Machine. You can run the command iisreset on the Web Agent machine to restart IIS. To check your SiteMinder configuration. connect to a default IIS page. http://<webagentmachine>.ca.com/iisstart.htm At the Please Login page, you will be prompted for the SiteMinder Authentication. Enter the login credentials from your LDAP. 28/31

You will then be able to view the IIS page. Connect to your CA EEM server. http://localhost:5250/spin/eiam/eiam.csp Select the Configure tab. Go to EEM Server > Global users / Global Groups. Select Reference from CA SiteMinder. 29/31

Host: <SiteMinder Server Machine> Admin Name: <SiteMinder Admin user> Admin password: <SiteMinder Password> Agent name: smagent (agent you created in SiteMinder) Agent Secret: (enter the agent secret that you used when you created the agent) Authorization Store Type: Sun ONE Directory Authorization Store Name: wilyuserdir (Directory name that you created) Authentication Store Name: wilyuserdir (Directory name that you created) Click Save. The status should change to succeeded and loaded. 30/31

You now need to configure CA EEM and LDAP with the Access Policy and Groups needed for CA Wily APM. For more information, see the CA Wily APM Security Guide or KB article 2450: CA Wily APM security example: Setting up CA Wily APM users, groups, and resources in CA EEM. 31/31

2024 © travelsdocbox.com Privacy Policy | Terms of Service | Feedback