ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
Issues when federating Zscaler with Siteminder
Article ID: 200479
Updated On:
Products
CA Single Sign On Secure Proxy Server (SiteMinder)
CA Single Sign On Agents (SiteMinder)
CA Single Sign On Federation (SiteMinder)
CA Single Sign On SOA Security Manager (SiteMinder)
SITEMINDER
Issue/Introduction
We're integrating SiteMinder with Zscaler as SP using the Zscaler
documentation here :
SAML Configuration Guide for CA Single Sign-On
https://help.zscaler.com/zia/saml-configuration-guide-ca-single-sign-on
We'd like to know where to set the parameter :
<% String msg = (String)request.getParameter("RelayState");
String redirectURL = "https://myidpserver.mydomain.com/affwebservices/public/saml2sso?SPID=zscaler
.saml2&ProtocolBinding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST&RelayState="+msg;response.sendRedirect(redirectURL);
%>
Which WAR file is the one this string have to be added ? In
affwebservices.war deployed on the SPS's Tomcat? the path would be
webapp/WEB-INF/ ?
Environment
Release : 12.8
Component : SITEMINDER -WEB AGENT FOR APACHE
Resolution
At first glance, it seems to be on the Zscaler component, to give to
build the URL to redirect to the IDP which you run.
More, Broadcom has also a document about this integration which
relates the same as above :
CA SiteMinder Federation Runbook for Zscaler
Obtain SiteMinder Redirection script from Zscaler document and add
the jsp page to realm protected folder which is used for
redirecting purpose
p.6
https://ftpdocs.broadcom.com/phpdocs/1/8231/runbooks/CASM-ZScalerFederationRunbook-ver1.pdf
So in order to get more precision about the targeted .war file or
other file, please get in touch with Zscaler support.
Feedback
Yes
No
Powered by
