Configuring SiteMinder for Integration with PPM

Before you configure SiteMinder for use with PPM, make sure that the Policy Server is working correctly and that the User Directory to be used for PPM authentication is correctly configured. The SiteMinder Test Tool is useful for verifying that the installation is functioning correctly.

Configuring SiteMinder for PPM is the same as configuring any other type of protected resource in SiteMinder. Use the SiteMinder Policy Server User Interface to update the SiteMinder configuration entities as necessary. For both mixed and SSO modes, four standard SiteMinder configurations should exist: Host Configuration Object, User Directory, Policy Domain, and Policy.

To configure SiteMinder for integration with PPM, perform the following steps.

Caution: These steps must be performed by a SiteMinder administrator.

  1. Create a new Web agent.

  2. Create a new Web Agent Conf object.

  3. Double-click the new Agent Conf Object to open the Properties window.

  4. Create a realm for PPM to protect resource /itg/*, and specify the name of the agent you created in step 3 for this realm.

It is important to understand that PPM reads the information that SiteMinder automatically injects into the HTTP Request header.

PPM relies on the following user attributes:

  • SM_USER. For an authenticated user, this parameter specifies the user distinguished name (DN). For an unauthenticated user, this is the user ID as specified by the user at logon.

  • SM_SERVERSESSIONID. This parameter specifies the session ID of a user who has already authenticated, or the session ID that is to be assigned to the user upon successful authentication.

  • SM_SERVERSESSIONSPEC. This parameter specifies the user's session ticket.

Note: For configuration details for these and other SiteMinder parameters, see the SiteMinder documentation.