Skip navigation
All Places > CA Security

CA Single Sign-On

Log in to follow, share, and participate in this community.

Recent Activity

Hello all,   I have SiteMinder 12.52 environment set up with SPS servers. The customer's requirement is to have an SSO between 2 native applications on the same device, meaning, once the user has logged in to one of them, he will be able to use the other one seamlessly. All session management must be done against SiteMinder Policy Server and… (Show more)
in CA Single Sign-On
What is the current best practice for securing script (Like AngularJS) based applications with CA SSO? We have multiple Angular applications that need to be integrated with CA SSO, that make API calls on behalf of the user. Session cookies (set to HTTPONLY) do not seem to be a good fit for these technologies. What tools in the SSO toolbag work… (Show more)
in CA Single Sign-On
I have Windows 2008 R2 box with CA SSO Policy server  and Admin UI installed Another box has CA Secure Proxy server I am trying to configure CA Secure Proxy server to the policy server. Getting the below error, the agent is created in the policy server but proxy server complains. It accepted the Trusted host and Host configuration from the same… (Show more)
in CA Single Sign-On
Hi everyone:   Now is a great time to upgrade your CA Single Sign-On deployment! We recently released CA Single Sign-On 12.7 with several new features and enhancements: REST APIs for administration operations, OpenID Connect 1.0 support, Integrated Windows Authentication (IWA) fallback to forms-based authentication, and Remote Engineer 4.0… (Show more)
in CA Single Sign-On
Hi, I need to deploy seamless SSO for mobile and AD desktops. This SSO is used to access remote SP (SFDC). For AD desktops, I selected IWA as my seamless authentication method. For mobile, x509 client certificate.  There is only one URL that can be used as SSO URL at the SP side, so it means that I need to protected the saml2sso service with… (Show more)
in CA Single Sign-On
Hi everyone   I have an instalation  of CA Single Sign-ON (v. 12.6.01) with a Policy Server  integrated with Ca Access Gateway. I can acces to a resource that is protected by de PS through the Access Gateway with a Basic Authentication Scheme (in this case a web page e.g. for test purposes). Now, i want to enable the Windows… (Show more)
in CA Single Sign-On
CA SSO 12.7 is out and includes OpenID Connect Authorization code flow out of the box!  This extends the numerous SSO access tokens and architectures already supported by the product.   Attached is a runbook I created based on lab experience setting up agent less SSO using JWT tokens using opensource Apache module mod_auth_openidc.    There are… (Show more)
in CA Single Sign-On
As of  now in CA Single Sign on 12.7, the authentication  chaining feature is available for IWA. For our Apache based credential collection infrastructure NTLM and IWA are impractical.  We would like to have this Authentication Chaining feature for Siteminder Kerberos Authentication Scheme(implemented on Apache Webservers).
LDAP policy store allows lengthy value for ACO paramters (over 4000 characters) but not ODBC policy store. This ODBC policy store limitation prevents customer from XPSImport on migration or AdminUI input, resulting in such an error as: Attribute Attributes[33]="AgentName=2=longAgentNameHere" value has too many characters. Actual: 5034, Maximal:…
1. Introduction   Here is what we are aiming to achieve.  We would like to keep a record of the changes made to a policy store under revision control, and to be able to see when policy changes have occurred and view the differences between revisions.    The above picture shows the revision history diaog and in the background (in blue/red/black) a…
in CA Single Sign-On
Load more items