Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

This section describes how to use SiteMinder SSO for validating users authentication.
XpoLog's integration to SiteMinder supports a scenario where there are SiteMinder's web agents in-front of XpoLog. Users are performing the login operation directly against the SiteMinder, and then being redirected to XpoLog. XpoLog is validating the users authentication and retrieving the information which was passed by the SiteMinder. 

The SiteMinder settings include:

  • General
     
    • User header key - key used by the SiteMinder on authenticated users in case where information can be retrieved from the HTTP header (comma separated list. For example: HTTP_SM_USER, HTTP_UID)
      XpoLog is using the header key(s) to validate the user's authentication and to retrieve information regarding the user. If more than one key is provided, XpoLog will use the keys one by one to try and retrieve the information.
    • Client cookie name - cookie name used by the SiteMinder on authenticated users in case where information can be retrieved from a cookie  (for example: SMSESSION)
      XpoLog is using the cookie name to validate the user's authentication and to retrieve information regarding the user.
    • Protected URLs - a list of the protected SiteMinder web agents URLs which XpoLog will allow authentication from (comma separated list, wild card supported).
    • Group header key - key used by the SiteMinder, used in order to retrieve from the HTTP header information regarding the authenticated user's group(s). 
      XpoLog is using the header key(s) to retrieve information regarding the user's group(s). If more than one key is provided, XpoLog will use the keys one by one to try and retrieve the information.
    • Group id pattern - used if a specific value should be retrieved from the authenticated user's group.
    • User HTTP request keykey used by the SiteMinder on authenticated users in case where information can be retrieved directly from the HTTP request (comma separated list. For example: HTTP_SM_USER, HTTP_UID)
      XpoLog is using the request key(s) to validate the user's authentication and to retrieve information regarding the user. If more than one key is provided, XpoLog will use the keys one by one to try and retrieve the information.

      Click saveThe SiteMinder configuration is saved.
  • No labels