The web agent is installed on a web server that intercepts requests for EPM System resources. Attempts by unauthenticated users to access a protected EPM System resources forces the web agent to challenge users for SSO credentials. When a user is authenticated, the policy server adds the login name of the authenticated user, which is carried by the header. Thereafter, the HTTP request is passed to the EPM System web server, which redirects the requests. EPM System components extracts the authenticated user credentials from headers.
SiteMinder supports SSO across EPM System products running on heterogeneous web server platforms. If EPM System products use different web servers, you must ensure that the SiteMinder cookie can be passed among web servers within the same domain. You do so by specifying the appropriate EPM System application domain as the value of the Cookiedomain property in the WebAgent.conf file of each web server.
See the “Configuring Web Agents” in the Netegrity SiteMinder Agent Guide.
Note: | Because Shared Services uses basic authentication to protect its content, the web server that intercepts requests to Shared Services should enable basic authentication to support SSO with SiteMinder. |
You configure the web Agent by running the SiteMinder Web Agent Configuration wizard (by executing WEBAGENT_HOME/install_config_info/nete-wa-config;for example, C:\netegrity\webagent\install_config_info\nete-wa-config.exe on Windows). The configuration process creates a WebAgent.conf for the SiteMinder web server.
To enable SiteMinder Web Agent:
Using a text editor, open WebAgent.conf. The location of this file depends on the web server that you are using. If you are configuring the an IIS Server as the SiteMinder web server, the location of WebAgent.conf is WEB_AGENT_HOME/bin/IIS; for example, C:\SiteMinder\webagent\bin\iis\WebAgent.conf.
Set the value of enableWebAgent property to Yes.
enableWebAgent=”YES”