Here's a brief summary of our environment:
We have CA SSO r12.52sp2 setup on Win2012R2 servers
Authentication Store: Active Directory 2012R2 (ADS)
Authorization Store: SQL Sever 2012 SP3 (SQL)
Web Server: IIS 8.5
We use policy domain and legacy directory mapping to protect the web applications.
Users are authenticated by ADS and authorized by SQL. In addition, we created SM responses to send information about the user to the application. these information are stored in SQL.
We need to do likewise for SharePoint 2013 applications.
We setup CA SSO Agent for Sharepoint 12.52sp1cr4.
Similarly, we use policy domain and legacy directory mapping so that users are authenticated by ADS and authorized by SQL.
1. How do we convert those SM responses into identity claims that SharPoint consume?
2. How do add additional claims from authorization directory, i.e. user attributes NOT available the authentication directory?
Any other suggestions or workaround is much appreciated.