Automating Siteminder configuration on Layer7

book

Article ID: 212192

calendar_today

Updated On:

Products

CA API Gateway

Issue/Introduction

We're trying to automate everything we can and we're having problems with the siteminder (CA Single Sign-On Configuration). We can successfully populate all the information we need via restman, but after clicking manually the Register button, all the "Cluster Settings" get overwritten with only one server even if we had 4 servers before the Registering. If we try to push the config again, we lose the Secret, which breaks everything.

Is there a way to keep the Secret when we reinsert the settings or is there a way to not lose the settings when we register?

 

Environment

Release : 10.0

Component : API GATEWAY

Resolution

File bug on the registration of APIM SSO agent to SSO Policy server - it does not populate all the HostConfigurationObjects to GW properties 

DE498853

Workaround: 

In the SSG DB there are two tables for SSO

Siteminder_configuration - contains the registration info (secrets)

Siteminder_configuration_property - contains the cluster info 

Work around is to export the siteminder_configuration_property from the mysql ssg db, then restore after registration 

Dump, registered, then restore a single table from .sql

Dump

mysqldump -u root -p ssg siteminder_configuration_property > ssg.siteminder_configuration_property.sql

 

Register APIM SSO Agent to SSO policy server

Restore tables in one line

mysql -u root -p ssg < ssg.siteminder_configuration_property.sql