Expand my Community achievements bar.

SOLVED

Configuring siteminder in AEM6

Avatar

Level 4

Hi,

I want to implement CA siteminder in AEM 6 on publisher. The way it is going to work is that the end user of the application will use a login form and enter into the application. On successful application the user will land on a homepage where she will be able to see her personal information like name, date of birth, medical history and all sort of data. On providing wrong password the user will get an error message. It's like any normal web application. The problem here is that all the user information will be coming from the back end i.e. web services. No user or minimal information will be saved in CRX. I have done some reading on siteminder and found out that some configurations will have to be done on Apache that checks for request. If it's /secure/ the request is redirected to siteminder which upon successful validation redirects to the /homepage.html and passes a number of HTTP headers like userrole. Additionally a cookie SMRESPONSECODE will also be passed. For userrole 'employee' the value of SMRESPONSECODE is 0 and for userrole employer the SMRESPONSECODE is 4. In case of failure, it redirects back to login page with SMRESPONSECODE value being 1 or 2 or 3 depending upon the reason of failure ranging from no user found to wrong password. Also, when SMRESPONSECODE is 3, SITEMINDER will pass some more cookies(to the login page). 

I have also gone through this page https://docs.adobe.com/docs/en/aem/6-0/deploy/configuring/single-sign-on.html and found out that Adobe Granite SSO Authentication Handler will have to be configured. But I am still not sure what all header names/cookies I need to configure. Also, I would like to know what all configurations I need to do. 

Any pointers are appreciated. 

Thanks in advance

1 Accepted Solution

Avatar

Correct answer by
Employee

Have you looked using SAML Authentication to establish SSO with CA SiteMinder. Required configuration for SAML Authentication has been documented here:

https://helpx.adobe.com/experience-manager/kb/saml-demo.html

http://docs.adobe.com/docs/en/cq/current/core/administering/saml-2-0-authenticationhandler.html

For SSO using Request Header, The header is SM_USER and AsIs ID Format for SiteMinder. It has been mentioned here:

https://docs.adobe.com/docs/en/cq/current/deploying/single_sign_on.html#Configuring%20SSO

Thanks

Sammit

View solution in original post

3 Replies

Avatar

Correct answer by
Employee

Have you looked using SAML Authentication to establish SSO with CA SiteMinder. Required configuration for SAML Authentication has been documented here:

https://helpx.adobe.com/experience-manager/kb/saml-demo.html

http://docs.adobe.com/docs/en/cq/current/core/administering/saml-2-0-authenticationhandler.html

For SSO using Request Header, The header is SM_USER and AsIs ID Format for SiteMinder. It has been mentioned here:

https://docs.adobe.com/docs/en/cq/current/deploying/single_sign_on.html#Configuring%20SSO

Thanks

Sammit

Avatar

Level 4

`Thanks for the reply. I have gone through the URLs already but couldn't find enough information.

Avatar

Level 1

Hi guys, any new information about this subject?