You can configure Computer Associates eTrust SiteMinder to perform both
authentication and authorization for IBM® WebSphere® Portal. Using eTrust SiteMinder to perform only
authorization is not supported at this time.
About this task
Install Computer Associates eTrust SiteMinder Trust Association
Interceptor (TAI) distribution on the same machine as WebSphere Portal. If you are completing
this task in a clustered environment, you must install the eTrust SiteMinder TAI distribution
on each node in the cluster.
Complete the following steps to
configure eTrust SiteMinder for
authentication and authorization:
Procedure
- Copy the smagent.properties file
from the eTrust SiteMinder application
server agent installation directory to the wp_profile_root/properties directory.
Clustered environments: Complete this step
on all nodes.
- By default, the Application
Server Agent installation enables agents other than the one used for
authentication. These agents are not tested with WebSphere Portal and must be disabled.
Modify the following files in the eTrust SiteMinder installation directory
to set EnableWebAgent=no:
- Asa-Agent-az.conf
- Asa-Agent-auth.conf
Clustered environments: Complete this step
on all nodes.
- Start the WebSphere Portal Customization dialog.
- From the Portal configuration
panel, select Advanced configuration tasks.
- Select Security
configuration tasks.
- Select Configure external security.
- Select Configuring eTrust SiteMinder.
- Select Configuring eTrust SiteMinder
for both authentication and authorization.
- Select Define
variables.
Reminder: If you need assistance to define
the variables, press F1 to display the help
panel.
- Generate the customization
jobs.
- Follow the Customization
dialog instructions for submitting the customization jobs. If the
job ends abruptly or is canceled without a failure message, remove
all log files from the ConfigEngine/log directory
before you rerun the job.
What to do next
Depending on your configuration, the XML configuration
interface might not be able to access WebSphere Portal through eTrust SiteMinder. To allow the
XML configuration interface access, use eTrust SiteMinder to define the configuration
URL (/wps/config) as unprotected. Refer to the eTrust SiteMinder documentation for
specific instructions.