CA Service Management

We have below scenario in our environment (CA ITSM 14.1)

Application servers - 3

Background server - 1

Standby server - 1

There is a single load balancer link (Citrix load balancer) for users

We are using pass through authentication(single sign on)

As informed by CA support attachment not working on IIS hence we are enabling tomcat as web server (with SSL 8443) however pass through(single sign on) not supported by CA on tomcat.

After searching through previous articles found a link which discusses about 'waffle'  however when I downloaded the zip file, I did not found .jar files mentioned in the article, also article seems to be removed from CA site and not valid anymore. Also found that waffle have issues with Citrix load balancer.

So in current scenario we can not use file upload functionality or we need to give up with single sign on functionality in CA Service Desk.

Please provide me a way to resolve this issue

I think you have the wrong information - you can use IIS (with SSO) AND Tomcat (for attachments) at the same time. The Tomcat servlet responsible for attachments is not using SSO to authenticate users.

Hi Cristi,

Thanks for your reply.

I will update the configuration and check for issue.

Yes In fact, I received wrong information. I have done re-configuration also I found issue with SSL certificate (expired). After updating everything is working as expected.

Thank you Cristi and Anthony for your help.

There is no officially supported way to enable NTLM in tomcat. However, there is a way to enable it. You can use a third party library called WAFFLE. You can find how to set it up at this KB article:

How to Enable NTLM Authentication for CA SDM Tomca - CA Knowledge 

As for SAML there is no supported way to do it before 17.1. 17.1 does support SAML now though.

Enable SAML Authentication for CA SDM - CA Service Management - 17.1 - CA Technologies Documentation