Siteminder IDP saml2sso URL IP Address and port

book

Article ID: 224981

calendar_today

Updated On:

Products

SITEMINDER CA Single Sign On Federation (SiteMinder)

Issue/Introduction

 

When running a Policy Server and CA Access Gateway (SPS), what should
be the IP and port of the server listening here ?

  http://idp_server:port/affwebservices/public/saml2sso?SPID=sp_id&ProtocolBinding=URI_for_binding&RelayState=target_URL

As per documentation it's mentioned a Web Server and Port (1).

 

Resolution

 

At first glance, the idp_server:port will be :

  - The IP of CA Access Gateway (SPS) or Web Agent Option Pack which
    provides the Federation Services. The port value will also be the
    one of CA Access Gateway (SPS) or Web Agent Option Pack;

    Usually they are 443, 8443, 80 or 8080. 

    44441, 44442, 44443 and 44444 are Policy Server ports. Federation
    Services to communicate with the Policy Server on these ports. The
    Policy Server can't be reached directly by the browser.

 

Additional Information

 

(1)

    IdP-initiated SSO (SAML 2.0 Artifact or POST)

      To specify the use of artifact or POST profile in the unsolicited
      response, the syntax for the unsolicited response link is:

      http://idp_server:port/affwebservices/public/saml2sso?SPID=sp_id&ProtocolBinding=URI_for_binding&RelayState=target_URL

      idp_server:port
      Identifies the web server and port hosting SiteMinder.

    https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-8/configuring/partnership-federation/urls-to-initiate-single-sign-on.html#concept.dita_bc3e821f1db4451ff9ca883ebb3f41b4968c830f_IdPinitiatedSSOSAML20ArtifactorPOST