CA SiteMinder Integration
Computer Associate’s (CA) SiteMinder is a centralized web access management system that enables user authentication and single sign-on, policy-based authorization, identity federation, and auditing of access to Web applications and portals.
Liferay has out of box SiteMinder integration as of version 5.1.2. The integration is based on CAS integration and only supports authenticating with screenName. It also knows how to properly terminate SiteMinder session. SiteMinder is usually connected to a LDAP so this integration is also able to import users from LDAP.
Enabling SiteMinder Integration #
You can enable it either throught portal-ext.properties or UI just like with CAS or OpenSSO.
To enable it through portal-ext.properties just add following sniplet
- Set this to true to enable CA SiteMinder single sign on. If set to true,
- then the property "auto.login.hooks" must contain a reference to the class
- com.liferay.portal.security.auth.SiteMinderAutoLogin and the
- "logout.events.post" must have a reference to
- com.liferay.portal.events.SiteMinderLogoutAction for logout to work.
- A user may be authenticated from SiteMinder and not yet exist in the
- portal. Set this to true to automatically import users from LDAP if they
- do not exist in the portal.
- Set this to the name of the user header that SiteMinder passes to the
Enabling through UI just go to Enterprise Admin portlet to Settings -> Authentication -> SiteMinder
SiteMinder integration pre 5.1.2 #
SiteMinder integration does not exist prior to Liferay 5.1.2 release but it is quite easy to create yourself. You can find some information about that from Integration with Siteminder SSO.