1 Reply Latest reply: Jul 23, 2010 6:17 PM by 807573 RSS

    Sun Role Manager and SSO Integration

    807573
      Hello,

      We've followed the instructions on http://wikis.sun.com/display/Srm503Docs/Configuring+Role+Manager+For+Web+Access+Control

      to setup SSO into Sun Role Manager. When I access SRM via http://oia_server/rbacx it always sends me to the login page with no error logged.

      If I click on logon with no user/password I get an exception "java.lang.IllegalArgumentException: Authentication.getDetails() required". However in the logs, I can clearly see my username that was passed via the header variable.

      Has anyone gotten SSO worthing with Sun SRM 5.0.3?

      Thanks,
      Steve
        • 1. Re: Sun Role Manager and SSO Integration
          807573
          There is a missing item in the doc at the wiki. The user should access the URL : http://oiahost:port/rbacx/j_acegi_security_check
          Instead of attempting to access the OIA default login page to access the application when the product is setup to integrate in an SSO situation like SiteMinder or OAM.

          Siteminder, OAM all redirect the user to the URL that was first access in the application that was being protected. So if you access the login page first, the request is intercepted by Siteminder or OAM and once login happens at Siteminder it redirects the user to the OIA login page which will result in the user not being displayed the main home page of the OIA application.

          Secondly you need to make sure the HTTP header set by Siteminder is same as the headers that were configured in security-context.xml
          -------------
          <property name="preAuthUsernameHeaderKey" value="sm-user"/>
          <property name="preAuthPasswordHeaderKey" value="sm-user"/>
          -------------
          If Siteminder is configured to send a different header than sm-user then these properties above need to be modified.

          FYI: OIA == SRM

          thanks,
          _raju