Automation of user authentication/authorization with ASM On-Prem & SaaS
Article ID: 192021

Products

CA App Synthetic Monitor

DX Application Performance Management

Issue/Introduction

Looking for a way for Active Directory users to access ASM (On-Prem and SaaS).
The environment has almost 4000 users, so manually configuring each user to authenticate and authorize to ASM is not feasible.


Environment

Release : 10.1

Component : CA APP SYNTHETIC MONITOR (WATCHMOUSE)

Cause

ASM cannot integrate directly with LDAP.

 

Resolution

ASM only supports SAML2 for SSO. End users must have an identity provider that supports SAML2.

Once SAML2 compliance is confirmed, provide the information that Broadcom needs:

1) An entity ID

2) SSO URL

3) SLS URL (optional)

4) The public certificate

 

Once Broadcom has it, we provide:

1) ACS

2) our SLS

3) some configuration details (e.g. what format we support etc.)

All of this is provided in one XML file (metadata).

 

The admin configures their service to send us the user's email in the response, either in the samlNameId object or in attribute 0.9.2342.19200300.100.1.1. The email must be the same as the user's email in ASM.

 

 

Additional Information

A very short but clear overview of what SAML is can be found here:

SAML Simplified