What are the pre-requisite to have SSO with a separate key store?

book

Article ID: 19815

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Description:

In an architecture where you have multiple policy server connected to individual policy store and individual key store, if you want to do Single Sign On between the different policy server / environments. You need to make sure that all Policy Server will share have the same keys.

Solution:

In order to have SSO between your 2 environment (multiple Policy Store with separate key store) you should set the same static key and session ticket key for each policy server.

You can check the following documentation:

Policy Server Guides : Policy Server Administration Guide:
Configuring and Managing Encryption Keys : Key Management Scenarios: Multiple Policy Stores with Separate Key Stores
https://support.ca.com/cadocs/0/CA%20SiteMinder%20r12%20SP3-ENU/Bookshelf_Files/HTML/idocs/238500.html

Environment

Release:
Component: SMPLC