Suhas Kamble

How to do Single Sign on with Clarity and sharepoint

Discussion created by Suhas Kamble on May 19, 2017
Latest reply on Jul 4, 2018 by MarianMitter1311031

Ca provides file /webroot/sso-template-jsp.txt

 

copy this to new file 

 

cp sso-template-jsp.txt singlesignon.jsp

 

 

And have Sharepoint or any asp.net webpage authenticate the user and redirect to this file with username= parameter set 

 

And the SSO starts working. (I added encryption decryption later for obvious reasons)

 

This worked fine in Dev for me but the same did not work in Stage and Prod so I was stuck. Non of the logs helped and kept getting Error 403 (forbidden)

 

CA support help to the rescue and pointed me to webroot/WEB-INF/web.xml

 

There is this section

<filter-class>com.niku.union.web.filter.ClarityContentFilter</filter-class>
<init-param>
<param-name>allowedList</param-name>
<param-value>DefaultPrint.css,FeaturePrint.css,pagebutton-center.png,Login.gif,ajax-impls.js,ajax.js,lookupManagement.js,DefaultScreen.css,DocMgrScreen.css,LinkActions.js,common.js,Theme.css,FeatureScreen.css,Feature.css,smallFont.css,spacer.gif,WdgError.gif,Spacer.gif,/timesheet,spacer.png,blue.gif,eMailLogo.gif,workspace.png,BOServerStatus.jsp,monitor.jsp,monitor_lite.jsp,common.png,/login,/logoff,min.js,min.css,shortcut.ico,favicon.ico,s.gif,_header.gif,cache.js,gantt.js,hook.js,/nu,/app,.cache.html,hosted.html,pie.htc,/odata*,/odata.v2*,/soap,/sched,/xog,/proxool*,/wsdl*,/test.html,blue.gif,spacer.png,eMailLogo.gif,/,sso.jsp</param-value>

 

 

I just added the last 8 characters (allowed the new file to be browsed) and it works just fine.

 

What I understand this says is these executable files are not harmful and are permitted to execute. all others are blocked.

 

I remember web,xml did this to me in past but good to know again. Documenting it here as I dont want to spend days on this again.

 

I love CA Support when they dont redirect to Service saying it is not what Support does! Kudos!!!

Outcomes