search cancel

How does siteminder support just-in-time provisioning with SAML 2.0 ?

book

Article ID: 189751

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) SITEMINDER

Issue/Introduction


Can you please tell me how does siteminder support  just-in-time provisioning with SAML 2.0 ? 

Let me know how we can get it configured if we use siteminder to configure the  Service Provider.

Environment

Release : 12.8.03

Component : SITEMINDER -WEB AGENT FOR APACHE

Resolution

Siteminder used to have user provisioning feature long time ago, but now this has been removed and offloaded to IdentityManager.

what siteminder does is, if the JITP need to be performed then it will redirect to the whatever configured
(yes, configurable and there is a section in the partnership) URL whichever application that will be handling the user provisioning.

Once the user provisioning application completes the task and redirects back to federation, the processing of user search and authentication will be performed
and as the user had been provisioned, the user is found and authenticated.

SiteMinder does not have user provisioning feature and it is only possible in case if SSO and IDM ( the feature is now in IDM ) gets integrated, but not only with SSO