SAML2.0 Authentication APM 10.1 not working

Discussion created by JKW on Jun 29, 2016
Latest reply on Jun 29, 2016 by Hiko_Davis

We are trying to configure SAML authentication in APM 10.1. We have it partially working, but there appears to be no method to pass parameters as part of the request. The IDP side is SiteMinder. The problem we are having is being able to create 3 URLs to pass to SiteMinder. If we just use one, it works. The question is: how does SAML authentication on APM 10.1 pass parameters to SiteMinder? For example, there are three potential URLs to authenticate:

1) CEM

2) WebStart

3) WebView

The config file contains the following (IntroscopeEnterpriseManager.properties):
     introscope.saml.idpUrl=https://mysite.com/idp/redirect.jsp?SPID=WEVIEW
     introscope.saml.issuer=WEBVIEW
     introscope.webstart.issuer=INTROSCOPE

 

SiteMinder requires the SPID of the incoming idpUrl. So, using SPID=Webview works fine; likewise, I can say SPID=INTROSCOPE and it works fine. However, what we need is for the saml.issuer and webstart.issuer to pass the parameter as part of the request when someone goes to WebView or clicks on the Introscope Workstation WebStart.

Also, there does not appear to be a method to use SAML with CEM.

 

I was wondering if anyone was using SAML and got it working with the 3 main links in APM.

 

Thanks, JKW
