What are the pre-requisite to have SSO with a separate key store?

Article Id: 19815

Status: Published

Updated On: 14-02-2018 07:47

Legacy Id: TEC601271

Products:

CA Single Sign On Secure Proxy Server (SiteMinder) , AXIOMATICS POLICY SERVER , CA Single Sign On SOA Security Manager (SiteMinder) , CA Single Sign-On , CA Single Sign-On

Issue/Introduction:

Description:

In an architecture where you have multiple policy server connected to individual policy store and individual key store, if you want to do Single Sign On between the different policy server / environments. You need to make sure that all Policy Server will share have the same keys.

Solution:

In order to have SSO between your 2 environment (multiple Policy Store with separate key store) you should set the same static key and session ticket key for each policy server.

You can check the following documentation:

Policy Server Guides : Policy Server Administration Guide:
Configuring and Managing Encryption Keys : Key Management Scenarios: Multiple Policy Stores with Separate Key Stores
https://support.ca.com/cadocs/0/CA%20SiteMinder%20r12%20SP3-ENU/Bookshelf_Files/HTML/idocs/238500.html

Environment:

Release:
Component: SMPLC