Configuring eTrust SiteMinder to perform authentication | HCL Digital Experience
HCL Digital Experience includes a configuration task called enable-sm-tai. This task interacts with IBM WebSphere Application Server security configuration to enable the eTrust SiteMinder TAI and to create it as one of the interceptors. You can configure eTrust SiteMinder to provide authentication independently from configuring it to provide authorization. Using it to perform authorization only is not supported at this time.
Before you begin
Important: If you have completed
the TAI installation and configuration instructions included with
the Computer Associates eTrust SiteMinder distribution,
including registering the TAI with WebSphere® Application Server, execution of
this configuration task is not required.
About this task
Procedure
- Copy the smagent.properties file from
the eTrust SiteMinder application
server agent installation directory to the wp_profile_root/properties directory:
Clustered environments: Complete this step on all nodes.
-
By default, the Application Server Agent installation enables agents
other than the one used for authentication. These agents are not tested with HCL
Digital Experience and must be disabled. Modify the following files in the
eTrust SiteMinder installation directory to set
EnableWebAgent=no:
- AsaAgent-az.conf
- AsaAgent-auth.conf
Clustered environments: Complete this step on all nodes. - Run the following task to enable eTrust SiteMinder TAI:
- Windows™: ConfigEngine.bat enable-sm-tai -DWasPassword=password from the wp_profile_root\ConfigEngine directory
- AIX®SolarisLinux™: ./ConfigEngine.sh enable-sm-tai -DWasPassword=password from the wp_profile_root/ConfigEngine directory
- Stop and restart the appropriate servers to propagate the changes. For specific instructions, see Starting and stopping servers, deployment managers, and node agents.
- Go to the Verifying Trust Association Interceptors for authentication file to verify that the TAI is working properly.