ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
How to deploy CA SSO with PaaS system like Openshift
Article ID: 103781
Updated On:
Products
CA Single Sign On Secure Proxy Server (SiteMinder)
CA Single Sign On SOA Security Manager (SiteMinder)
CA Single Sign-On
Issue/Introduction
We'd like to know if you support Web Agent with OpenShift software to
dynamically be able to register the Web Agent. What is important for
us to know, is the process to register every Apache instance that
OpenShift wake up during high work peaks with CASSO and how to
unregister that instance when OpenShift takes it down during low
peaks. If there is any way to do that.
Environment
Release: MSPJBO99000-12.52-Single Sign-On-Agent for JBoss-for MSP
Component:
Component:
Resolution
At first glance, OpenShift is supported.
Administration, Internals and Supportability
https://communities.ca.com/servlet/JiveServlet/download/241807667-1-189327/why-upgrade-to-ca-single-sign-12.8.pdf
Using Web Agent in Dynamically Scaled Environments
CA SSO Web Agents can be used in dynamically scaled environments
such as Docker containers and OpenShift. Using these technologies
require taking a different approach to register the Web Agent
instances. For more information, see Use Web Agent in Dynamically
Scaled Environments.
https://docops.ca.com/ca-single-sign-on/12-7/en/release-notes/new-features
and here the doc about registration :
Use Web Agent in Dynamically Scaled Environments
For each application, create a trusted host using Java Agent API
SDK. Using this method you can create a new trusted host and obtain
its generated shared secret in an unencrypted string format. You
must save this shared secret to use as part of the data
initialization of the application. You can use this approach to
register all versions of the Web Agents (6x and later). The
following sample code can be used to register an application, the
sample code uses SDK versions 12.5 and up. You can also use SDK
version 12.0 by removing the lines that handle FIPS mode:
https://docops.ca.com/ca-single-sign-on/12-7/en/configuring/policy-server-configuration/agents-and-agent-groups/use-web-agent-in-dynamically-scaled-environments
Administration, Internals and Supportability
https://communities.ca.com/servlet/JiveServlet/download/241807667-1-189327/why-upgrade-to-ca-single-sign-12.8.pdf
Using Web Agent in Dynamically Scaled Environments
CA SSO Web Agents can be used in dynamically scaled environments
such as Docker containers and OpenShift. Using these technologies
require taking a different approach to register the Web Agent
instances. For more information, see Use Web Agent in Dynamically
Scaled Environments.
https://docops.ca.com/ca-single-sign-on/12-7/en/release-notes/new-features
and here the doc about registration :
Use Web Agent in Dynamically Scaled Environments
For each application, create a trusted host using Java Agent API
SDK. Using this method you can create a new trusted host and obtain
its generated shared secret in an unencrypted string format. You
must save this shared secret to use as part of the data
initialization of the application. You can use this approach to
register all versions of the Web Agents (6x and later). The
following sample code can be used to register an application, the
sample code uses SDK versions 12.5 and up. You can also use SDK
version 12.0 by removing the lines that handle FIPS mode:
https://docops.ca.com/ca-single-sign-on/12-7/en/configuring/policy-server-configuration/agents-and-agent-groups/use-web-agent-in-dynamically-scaled-environments
Feedback
Yes
No
Powered by
