Tech Tip : SOI & SmartCard Reader

Document created by Sheryn Employee on Nov 3, 2014Last modified by Sheryn Employee on Nov 7, 2014
Version 2Show Document
  • View in full screen mode

Service Operation Insight does not have any interface to directly accept Smart Card Authentication.

SOI is not the product that authenticates users; It ask's for user credentials or accepts tokens; specifically EEMSESSION or SMSESSION tokens from other products that authenticated the user already, then passes the information to  EEM.

This is only possible through integration with SiteMinder see EEM Documentation

 

CA Embedded Entitlements Manager  "Programming Guide".

 

How Single Sign-on Works between CA SiteMinder and CA EEM  

 

If you use an application that has an existing CA SiteMinder session to access an CA EEM enabled application, CA EEM recognizes the CA SiteMinder session ticket and creates an CA EEM session without re-authentication.

The following is the basic flow of events for application created using CA EEM with CA SiteMinder integration:

 

Example: Protecting a web application using CA SiteMinder

A web application using CA EEM with web server pages protected by CA SiteMinder is considered.

  1. A user accesses a web application.
  2. CA SiteMinder prompts for user authentication and the user submits credentials and is authenticated.
  3. The user tries to access the original web application created using CA EEM.
  4. Servlet code accesses the HTTPServletRequest context and sends the CA SiteMinder session token to the CA EEM using authenticateWithArtifact.
  5. CA EEM Server validates the CA SiteMinder session against the CA SiteMinder Policy Server.
  6. An CA EEM session is created and the user identity is loaded, if validation succeeds.

Attachments

    Outcomes