AnsweredAssumed Answered

SiteMinder r12.52 - Federation Partnership (no "application URL" parameter/field)

Question asked by dmt953 on Nov 9, 2016
Latest reply on Jan 8, 2019 by dmt953

Hi Folks,

 

We had been using the Legacy FSS UI to create SAML Service Providers configurations.  Using the FSS UI we create a new SAML Service Provider and within this configuration UI there is a "Application URL" field where we specify the URL to the custom application that will retrieve additional user attributes and then pass it back to the custom Assertion Generator Plugin (AGP).

 

With our new SiteMinder r12.52 SP1 CR05, we are encouraged by CA to start using the Federation Partnership method of creating SAML configuration because the "Legacy Federation" method will eventually be discontinued.  What we noticed as we're giving the "Federation Partnership" method a try is that when creating a new "Partnership" the configuration wizard does not have the "Application URL" field/parameter for us to defined so that SiteMinder can redirect the federation request to this custom application to collect additional user information to be passed back to the Custom Assertion Generator Plug-in.

 

Is there a different way of accomplishing this with the r12.52 version or am I missing a step?

 

In case folks may still be unclear about my question regarding the "Application URL" field, here is the SiteMinder Administrative UI "Help" description of this configuration field:

 

Application URL

(Optional) Identifies the protected URL for a custom web application that is used to supply user attributes to the CA SiteMinder® Single Sign-on service. The application can be on any host in your network.

Attributes from the web application specified in this field are made available to the Assertion Generator and then placed in the SAML assertion by an Assertion Generator plug-in. You create the plug-in and integrate it with CA SiteMinder®.

The Federation Web Services application supplies sample web applications that you can use as a basis for your web application. They are:

http://idp_server:port/affwebservices/public/sample_application.jsp

http://idp_server:port/affwebservices/public/unsolicited_application.jsp

idp_server:port

Identifies the web server and port hosting the Web Agent Option Pack or SPS federation gateway.

 

 

 

Thanks in advance!

 

Duc Tran

Outcomes