Hi Team,
We are looking for an answer on how to create a reverse proxy solution in combination with CA SiteMinder, AuthMinder & SiteMinder Agent for Sharepoint.
Scenario:
We integrated SiteMinder, AuthMinder & agent for sharepoint, the solution works fine for internal users. The challenge that we are currently having is exposing SharePoint access to external users with the AuthMinder authentication scheme (ArcotID or OTP).
Challenge/Issue:
We want to put an apache reverse proxy server in DMZ which can act as reverse proxy to above internal servers this way we can only open one port externally. With this configuring we are getting challenges from the internal redirection between the various components involved.
When a user access the external URL, he gets redirected to SiteMinder forms collector (AuthMinder scheme) coming from the IIS fine. After user provides the UserID it does not get redirected to AuthMinder server to enter the OTP.
Hence we are seeking some guidance on how to make this solution work from external facing by mitigating the below redirection issues. Below is the exact flow with various redirections happening internally at this moment
· Step1: User access the External Protected URL -> redirects to http://<IIS server>:80/siteminderagent/adapterSiteMinder/fcc/shim2.fcc (Redirection1) -> The user will enter his AroctID(same as sAMAccountName)
· Step2: From the arcotuserid page -> redirects to http://<AuthMinder server>.za:8080/arcotafm/controller8.jsp (Redirection2) -> User enters the OTP generated on his mobile device
· Step3: On successful authentication -> redirects back to http://<agent for sharepointserver>/sharepointsite (Redirection3)-> This will redirect to sharepoint site defined in the proxyrules.xml
Thanks,
Satya