Making a local user not to login in Federation environment

Article Id: 16792

Status: Published

Updated On: 14-02-2018 07:47

Legacy Id: TEC1686517

Products:

CA Single Sign On Secure Proxy Server (SiteMinder) , AXIOMATICS POLICY SERVER , CA Single Sign On SOA Security Manager (SiteMinder) , CA Single Sign-On , CA Single Sign-On

Issue/Introduction:

An environment is a Federation setup of SiteMinder SP and Third-party IDP. A Configuration is seamless between SiteMinder SP and Third-party IDP.

SiteMinder acquires mapping information (NameID attribute) from Third-party IDP, and maps it to the user directory of SiteMinder.

How to setup to implement following requirement?

Although a user accessing from the Third-party IDP can log in, a local user cannot login to a resource protected by SiteMinder.

Environment:

Release: ETRSWK99000-12.7-SiteMinder-Web Access Manager-SmWalker
Component:

Resolution:

If it is made to log in only at the time of the Federation use from Third-party IDP and you do not want a local user to log in, a method of setting up a password which cannot be entered by keyboard can be considered for a user.