Expand my Community achievements bar.

Dive into Adobe Summit 2024! Explore curated list of AEM sessions & labs, register, connect with experts, ask questions, engage, and share insights. Don't miss the excitement.
SOLVED

Help in integrating Enterprise Siteminder with AEM6 for SSO

Avatar

Level 2

Hi Experts,

We are trying to integrate AEM6 with Enterprise Siteminder for SSO implementation. Please note that we are not using LDAP. All internal users reside in siteminder whereas external users would be stored in CRX.
 
My Queries,
1) Is it a straight forward implementation?
2) Do we have to write a custom login module for redirecting from Siteminder to AEM ?
3) What all are the parameters expected from Enterprise Siteminder for the implementation?
     a) IDP Url
     b) IDP public certificate
     c) anything more?
4) Entity ID / Audience - ?
5) SSO Assertion consumer service endpoint / URL ?

 

Regards,

Manjith

1 Accepted Solution

Avatar

Correct answer by
Level 10

If you are talking about  SiteMinder integrated with Sun OpenSSO support of saml2 then

  1. Yes you need to configure & details at [1].
  2. Destination at saml should take care of landing. No need of special implementation.
  3. Refer [1]
  4. Refer [1]
  5. Refer [1]

[1]

http://docs.adobe.com/docs/en/cq/current/core/administering/saml-2-0-authenticationhandler.html

https://helpx.adobe.com/experience-manager/kb/saml-demo.html

View solution in original post

3 Replies

Avatar

Correct answer by
Level 10

If you are talking about  SiteMinder integrated with Sun OpenSSO support of saml2 then

  1. Yes you need to configure & details at [1].
  2. Destination at saml should take care of landing. No need of special implementation.
  3. Refer [1]
  4. Refer [1]
  5. Refer [1]

[1]

http://docs.adobe.com/docs/en/cq/current/core/administering/saml-2-0-authenticationhandler.html

https://helpx.adobe.com/experience-manager/kb/saml-demo.html

Avatar

Level 2

What would #5,  SSO Assertion consumer service endpoint / URL, above be?

This is not clear from:  https://docs.adobe.com/docs/en/aem/6-0/administer/security/saml-2-0-authenticationhandler.html

Is the SAML Authentication Handler "Default Redirect" property the SSO Assertion consumer service endpoint?

Avatar

Level 9

Hi,

It should end with /saml_login

Thanks,