Hi, I have to create send the SAML response with alternate email attribute value, if original mail attribute value is null. Ex: If LDAP attribute “mail” value is null, need to send another attribute “altemail” value in response. I am new to writing OGNL expressions for federation. Could someone help me on this and […]
Hi, I recently upgraded the policy server from 12.52 Solaris to 12.8 linux. I have a reverse proxy in place on which the webagent is installed for 12.52. After upgrading the policy server, I updated the SmHost.conf file on the reverse proxy server to point to new Policy server and commented the existing Policy […]
Hi, I am protecting an application using CA SSO and I need to allow users to authenticate via an external IdP using OpenID Connect. Is it possible to establish a federation partnership between CA SSO as Relaying Party (RP) and the external OIDC IdP as OpenID Provider (OP)? Can’t seem to find this use case […]
Case: I am in a project where I should implement CA SSO for many application. I also implementing CA Identity Suite and CA Access Gateway in the systems. Questions: 1. What is the best case for the user to access the applications? 2. Is CA can provide us a page where it shows the […]
We see that duplicate user directories (userdirectory1 shown twice and userdirectory2 shown twice) were tied to the domain. The policy server version we are using is 12.52 SP2 CR01 and we are using ADLDS for policy store database. To be precise we have been doing the configurations under the same domain since 2 years and […]
Does someone know if there is an analytical took that is user friendly out of the box and is compatible with CA SSO? Source: New feed {pubDate}
Hi All, I’m trying to do inplace upgrade from r12.52 SP2 to R12.8 SP1. UpgradeReadinessCheck tool is not connecting to policy store during the upgrade, But I continued at that moment. Even after upgrading, I’m getting the same error. C:Users>UpgradeReadinessCheck -u siteminder -of test1234.txt [Enter siteminder password]: ********* INFO: Starting UpgradeReadinessCheck ….. ERROR: […]
Is it possible to validate an attribute from header say email address from a form and validate with the domain, ie “@xyz.com” and redirect to different uri. For example: if user is from xyz, validate the header from onauthattempt event in response and redirect to another uri. If its possible, how to write a […]
Is it possible to move Derby DB to External DB? If thats not possible, how to preserve Derby DB data effectively. Regards, Joseph Christie Source: New feed {pubDate}
I downloaded the procedure to configure federation in CA SDM 17 https://docops.ca.com/ca-service-management/17-1/en/installing/post-installation-tasks/ca-service-desk-manager-post-installation-tasks/enable-saml-authentication-for-ca-sdm I followed all steps, but when I try to access SDM , use this link to redirect to IDP on CA SSO http://d1apcassoagw01.minedu.gov.co/affwebservices/public/wsfeddispatcher?wa=wsignin1.0&wtrealm=https%3a%2f%2fd3apservidesk%3a443%2fCAisd%2fpdmweb.exe&wctx=rm%3d0%26id%3dpassive%26ru%3d%252fCAisd%252fpdmweb.exe&wct=2019-01-14T23%3a11%3a52Z&wreply=https%3a%2f%2fd3apservidesk%3a443%2fCAisd%2fpdmweb.exe I have an error , and I didn’t find documentation about how to configure the federation […]