SSO Plugin. Release notes. J System Solutions. http://www.javasystemsolutions.com Version 3.6

Similar documents
SSO Plugin. Integration for Jasper Server. J System Solutions. Version 3.6

TIBCO Spotfire Platform IT Brief

SSO Plugin. Authentication service for HP, Kinetic, Jasper, SAP and CA products. J System Solutions. JSS SSO Plugin Authentication service

SSO Plugin. HP Service Request Catalog. J System Solutions. Version 3.6

Vyom SSO-Edge: Single Sign-On Solution for BMC Remedy

SSO Plugin. Configuration of BMC Mid Tier, HP Web Tier and Authentication Service. J System Solutions. Version 4.

SSO Plugin. Authentication service for HP, Kinetic, Jasper, SAP and CA products. J System Solutions. Page 1 of 23.

Q&A Session for Understanding Atrium SSO Date: Thursday, February 14, 2013, 8:00am Pacific

SSO Plugin. Case study: Integrating with Ping Federate. J System Solutions. Version 4.0

Executive Summary. What is Authentication, Authorization, and Accounting? Why should I perform Authentication, Authorization, and Accounting?

SSO Plugin. Installation for BMC AR System and WUT. J System Solutions. Version 3.4

Configuring Single Sign-on for WebVPN

SSO Plugin. J System Solutions. Upgrading SSO Plugin 3x to 4x - BMC AR System & Mid Tier.

Integrating IBM Cognos 8 BI with 3rd Party Auhtentication Proxies

SSO Plugin. Troubleshooting. J System Solutions. Version 3.5

SSO Plugin. Troubleshooting. J System Solutions. Version 3.4

Crawl Proxy Installation and Configuration Guide

SSO Plugin. J System Solutions. Troubleshooting SSO Plugin - BMC AR System & Mid Tier.

Plugin Single Sign On Version 1.2 Installation Guide

Vyom SSO-Edge: Single Sign-On for BMC Remedy

White Paper March 1, Integrating AR System with Single Sign-On (SSO) authentication systems

PingFederate. SSO Integration Overview

BMC Software Webinars 2013 Atrium Single Sign On (Atrium SSO)

SchoolBooking SSO Integration Guide

HP Asset Manager. Implementing Single Sign On for Asset Manager Web 5.x. Legal Notices Introduction Using AM

Enabling Single Signon with IBM Cognos ReportNet and SAP Enterprise Portal

Identity Management in Liferay Overview and Best Practices. Liferay Portal 6.0 EE

Enabling Single Signon with IBM Cognos 8 BI MR1 and SAP Enterprise Portal

Deploying RSA ClearTrust with the FirePass controller

CA SiteMinder. Implementation Guide. r12.0 SP2

Security Provider Integration Kerberos Authentication

Password Power 8 Plug-In for Lotus Domino Single Sign-On via Kerberos

Agenda. How to configure

Leverage Active Directory with Kerberos to Eliminate HTTP Password

SSO Plugin. Integrating Business Objects with BMC ITSM and HP Service Manager. J System Solutions. Version 4.

SSO Plugin. Installation for BMC AR System. J System Solutions. Version 4.0

Federated single sign-on (SSO) and identity management. Secure mobile access. Social identity integration. Automated user provisioning.

Active Directory Integration. Documentation. v1.02. making your facilities work for you!

SSO Plugin. Integration for BMC MyIT and SmartIT. J System Solutions. Version 4.0

Using SAP Logon Tickets for Single Sign on to Microsoft based web applications

Securing SAS Web Applications with SiteMinder

User Pass-Through Authentication in IBM Cognos 8 (SSO to data sources)

Active Directory Requirements and Setup

Single Sign On (SSO) solution for BMC Remedy Action Request System

Authentication and Single Sign On

Perceptive Experience Single Sign-On Solutions

TROUBLESHOOTING RSA ACCESS MANAGER SINGLE SIGN-ON FOR WEB-BASED APPLICATIONS

CA SiteMinder SSO Agents for ERP Systems

Siteminder Integration Guide

Single Sign On In A CORBA-Based

September 9 11, 2013 Anaheim, California 507 Demystifying Authentication and SSO Options in Business Intelligence

Single Sign-on (SSO) technologies for the Domino Web Server

Configuring Single Sign-On for Documentum Applications with RSA Access Manager Product Suite. Abstract

Integrating Hitachi ID Suite with WebSSO Systems

CA Single Sign-On Migration Guide

From the Intranet to Mobile. By Divya Mehra and Stian Thorgersen

Getting Started with Clearlogin A Guide for Administrators V1.01

Portal for ArcGIS. Satish Sankaran Robert Kircher

Authentication Methods

How To Secure Your Data Center From Hackers

SAML-Based SSO Solution

PingFederate. Integration Overview

Configuring IBM Cognos Controller 8 to use Single Sign- On

Session Code*: 0310 Demystifying Authentication and SSO Options in Business Intelligence. Greg Wcislo

Xerox DocuShare Security Features. Security White Paper

Secure the Web: OpenSSO

Extending Microsoft Windows Active Directory Authentication to Access HP Service Health Reporter

Securing WebFOCUS A Primer. Bob Hoffman Information Builders

PingFederate. IWA Integration Kit. User Guide. Version 3.0

HTTP connections can use transport-layer security (SSL or its successor, TLS) to provide data integrity

Cisco ASA Adaptive Security Appliance Single Sign-On: Solution Brief

UPGRADING TO XI 3.1 SP6 AND SINGLE SIGN ON. Chad Watson Sr. Business Intelligence Developer

White Paper BMC Remedy Action Request System Security

QLIKVIEW SECURITY OVERVIEW

IUCLID 5 Guidance and Support

Single Sign On. Configuration Checklist for Single Sign On CHAPTER

BMC Remedy Integration Guide

How-to: Single Sign-On

PingFederate. IWA Integration Kit. User Guide. Version 2.6

How To - Implement Single Sign On Authentication with Active Directory

How To Use Netscaler As An Afs Proxy

SSO Methods Supported by Winshuttle Applications

NetworkingPS Federated Identity Solution Solutions Overview

Building Secure Applications. James Tedrick

Allidm.com. SSO Introduction. Discovering IAM Solutions. Leading the IAM facebook/allidm

Symplified I: Windows User Identity. Matthew McNew and Lex Hubbard

Alex Wong Senior Manager - Product Management Bruce Ong Director - Product Management

How To Use Netiq Access Manager (Netiq) On A Pc Or Mac Or Macbook Or Macode (For Pc Or Ipad) On Your Computer Or Ipa (For Mac) On An Ip

Centrify Mobile Authentication Services

Identity. Provide. ...to Office 365 & Beyond

Web Express Logon Reference

NetIQ Access Manager 3.2 integration

CA Spectrum and CA Embedded Entitlements Manager

Web Applications Access Control Single Sign On

About Me. Software Architect with ShapeBlue Specialise in. 3 rd party integrations and features in CloudStack

OpenAM. 1 open source 1 community experience distilled. Single Sign-On (SSO) tool for securing your web. applications in a fast and easy way

Transcription:

SSO Plugin Release notes J System Solutions Version 3.6

JSS SSO Plugin v3.6 Release notes What's new... 3 Improved Integrated Windows Authentication... 3 BMC ITSM self service... 3 Improved BMC ITSM Incident integration... 3 Improved user interface... 4 Improved Active Directory account creation tool... 4 Configuration simplification on BMC AR System... 4 Native CA SiteMinder and RSA Access Manager (ClearTrust) support... 4 LDAP authentication... 5 Upgrades for existing customers... 6

Page 3 of 6 What's new We are pleased to announce the next major release of the JSS SSO Plugin, the industry standard SSO implementation for BMC and HP products, featuring new integrations and enhanced existing functionality. This document presents the notable changes and key bug fixes to the SSO Plugin. Improved Integrated Windows Authentication This has other names, such as Windows Active Directory authentication and is the process of opening Internet Explorer (or other browsers) in a corporate Windows Domain and accessing an application without logging in. In previous versions of SSO Plugin, a computer service account was required for each Java web server (ie Apache Tomcat running BMC Mid Tier, HP Web Tier, etc.) to enable NTLM authentication, part of the IWA protocol. This version of SSO Plugin provides a tightly integrated solution that requires no computer account when running the Java web server on a Windows server machine. BMC ITSM self service Administrators know how difficult it is to keep the ITSM application up to date with users joining the organisation. Administrators have to run nightly LDAP queries that consume vast amounts of server resources, often resulting in few changes to the database. The product now boasts ITSM self service registration facilities for users who do not have an ITSM account. The user is required to enter a few pieces of information (first and last name, an email address and a phone number), and the product automatically creates an account and provisions access. BMC ITSM does not offer this functionality and there are no third party tools to achieve anything similar. Improved BMC ITSM Incident integration BMC ITSM has no facility to automatically raise an incident when a user can not access the system. This results in an unhelpful user experience for ITSM users, who see login pages or 'access denied' pages when trying to access ITSM with a simple match SSO user to ITSM user solution. SSO Plugin provides functionality to manage user access issues and automatically raise an incident. This functionality has existed for a couple of years and has been extended in this release. The incident field mapping is now fully user customisable, and different mappings can be attached to different types of authentication issue. For example, the incident may need to be routed to one team for Kerberos/NTLM issues, and another team for ITSM group provisioning. BMC ITSM does not offer this functionality and there are no third party tools to achieve anything similar.

Page 4 of 6 Improved user interface SSO deployments are not always simple and can be complicated when dealing with built-in Active Directory integration and load balancers. The product user interface continues to improve and help users avoid misconfiguration, and more improvements are present in this release, ie. Providing links to online tutorials on how to configure SSO Plugin in various deployments, when the product thinks the configuration may not be correct. Automatically detecting common mis-configurations with Apache Tomcat and providing links to tutorials on how to correct these issues. Monitoring the BMC AR System configuration file (ar.cfg) for misconfiguration. The user's groups (in BMC AR System or HP Service Manager) are listed in the Test SSO page. Improved Active Directory account creation tool The product includes a script called set-service-account.cmd which can be used to create a computer account and assign Service Principal Names (SPNs). Given most deployments involve multiple Java web servers behind a load balancer, the script has been improved to generate all of the accounts required for this type of deployment, ie a computer account for each NTLMv2 configuration, and a shared account for the Kerberos configuration. Configuration simplification on BMC AR System Previous releases had configurable Mid Tier and Windows User Tool shared keys. These have now been removed in place of the jss-sso-salt value in the ar.cfg file. This value was always more random and longer than the shared keys. Native CA SiteMinder and RSA Access Manager (ClearTrust) support Previous versions of SSO Plugin used an Apache front end to provide the SSO username for CA SiteMinder and RSA Access Manager. Both of these products provide a Java library to process their own SSO tokens, and SSO Plugin now supports both of them. Previously, the SiteMinder and Access Manager configuration options merely looked for the correct HTTP headers. These configuration options now reveal configuration for both of these products, however they are only enabled if the relevant APIs have been found: SiteMinder: The smjavaagent.jar file must be present on the classpath, and the Netegrity native libraries must also be configured with the Java web server. ClearTrust: The ct_runtime_api.jar must be present on the classpath. For installations that will continue to use an Apache front end, the custom header/cookie configuration option can be used to retrieve the SSO username.

Page 5 of 6 Given these two features are new and each SiteMinder/ClearTrust deployment is different in some way, JSS will provide testing/installation support for customers interested in removing the Apache front end and using SSO Plugin's native support. LDAP authentication Some organisations need to integrate with a traditional LDAP and whilst this does not provide a seamless sign-on, ie open Internet Explorer and access an application without logging in, it does provide a single point of sign on between different applications, ie BMC/HP ITSM and SAP Business Objects. This release of SSO Plugin provides an LDAP authentication module that s easily configurable from the user interface.

Page 6 of 6 Upgrades for existing customers The release is available at no cost to customers that are enjoying our support service. Simply download the product and consult the installation manual for upgrade steps, or contact JSS support for assistance.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information