search cancel

OAuth Authentication Scheme in Siteminder without SAML federation

book

Article ID: 214317

calendar_today

Updated On:

Products

CA Single Sign On Agents (SiteMinder) SITEMINDER CA Single Sign On Federation (SiteMinder)

Issue/Introduction

 

When running CA Access Gateway (SPS), one might like to know if
there's an OAuth Authentication Scheme in 12.8. This will be useful
to federate legacy application access with OAuth, without using SAML
Federation.

 

Resolution

 

At first glance, since Policy Server 12.6, the OAuth Authentication
Scheme is deprecated (1).

Now, it seems that API Gateway provides a toolkit to protect your
application with OAuth (2) and a Communities gives some details about
its implementation (3).

In order to get "a cleaner way to create an authentication scheme to use an
OAuth or OIDC flow" we invite you to open an Enhancement Request (Idea) :

  1. Go to the "All Ideas" page :
     https://community.broadcom.com/ideation/allideas
  2. Click on the "Add" button.
  3. In the "Select categories...", select "Symantec Access Management".
  4. Write a title in the "title" box.
  5. Write a complete description of the Enhancement Request or
     Certification you'd like to post.
  6. Click on "Save" to get the Idea submitted !

 

Additional Information

 

(1)

    Deprecated Authentication Schemes

    The following authentication schemes are no longer supported:

      OAuth

    https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-6-01/release-notes/changes-to-existing-features/policy-server-changed-features.html

(2)

    OAuth Toolkit

       It is a complete OAuth implementation that includes:

       - An authorization server that supports various types of handshaking with API-consuming applications
       - A resource server that protects access to APIs at runtime
       - A token management system which can be deployed in a distributed architecture.

    https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-gateway/10-0/apis-and-toolkits/oauth-toolkit.html

(3)

    Layer7 API Gateway OAuth - using CA Siteminder/SSO as external login
    https://community.broadcom.com/communities/community-home/digestviewer/viewthread?MessageKey=1e6d9c81-a2c3-4321-a224-9bbc5f5dfc83#bm1e6d9c81-a2c3-4321-a224-9bbc5f5dfc83