Single Sign-On Properties

The following SiteMinder specific properties should be configured to enable authentication with SiteMinder.

These properties can be set using the Configurator.

Single Sign-On Properties
Property in Configurator Description
Authentication > Site Minder > SiteMinder User Name HTTP Header

(authentication.sm.user=
SM_USERNAME)

Login-ID/Username.
Authentication > Site Minder > SiteMinder Last Name HTTP Header
(authentication.sm.lastName=
SM_LASTNAME)

Authentication > Site Minder > SiteMinder First Name HTTP Header
(authentication.sm.firstName=
SM_FIRSTNAME)

Last name and first name.
Authentication > Site Minder > SiteMinder Role HTTP Header
(authentication.sm.role=
GROUP) Role List.
Authentication > Site Minder > 
Role List separator
(authentication.sm.role.separator
=SM_SEPARATOR) Separator between role names. This property extracts each role from the role list.
Authentication > Site Minder > SiteMinder Enterprise HTTP Header
(authentication.sm.enterprise=
SM_ENTERPRISE) Enterprise.
Authentication > Site Minder > SiteMinder Vendor Identifier (authentication.sm.VendorID=
VENDORID) Vendor ID.
Authentication > Site Minder > SiteMinder HTTP Session Vars (authentication.sm.sessionVariables=VendorID) SiteMinder HTTP Headers added to user sessions and in business rules.
Authentication > Site Minder > SiteMinder User Parser Pattern

(authentication.sm.user.parsepattern)

Pattern to apply on header to obtain user name. If no pattern is specified, no parsing is done.
Authentication > Site Minder > SiteMinder Role Parser Pattern

(authentication.sm.role.parsepattern)

Pattern to apply on header to obtain role name. If no pattern is specified, no parsing is done.
Authentication > Site Minder > SiteMinder First Name Parser Pattern

(authentication.sm.firstName.parsemethod.awk)

Pattern to apply on header to obtain the first name. If no pattern is specified, no parsing is done.
Authentication > Site Minder > SiteMinder Last Name Parser

(authentication.sm.lastName.parsepattern)

Parser to use for parsing the last name. If none specified, no parsing will be done.
Authentication > Site Minder > Web service header extractor Refers to the Java class that is used to extract headers from web service. For details on the header extractor, refer to the section Header Extractors.

The default value is com.tibco.mdm.integration.webservice.HeaderExtractor.

Following table lists the map of single sign-on properties to user attributes.

Single Sign-On Properties for Mapping
Property User Attribute Description Optional?
authentication.sm.firstName First Name First name of the user Yes, if not provided during creation, defaults to login name.
authentication.sm.middleName Middle Name Middle name of the user Yes, if not provided during creation, defaults to null.
authentication.sm.lastName Last Name Last name of the user Yes, if not provided during creation, defaults to login name.
authentication.sm.role List of roles Roles assigned to user, these roles are mapped to the internal TIBCO MDM roles Mandatory for create, optional for update.
authentication.sm.dateFormat Date format User preferred date format - no validation is done Yes, if not provided, null
authentication.sm.timeFormat Time format User preferred time format - no validation is done Yes, if not provided, null
authentication.sm.locale Locale User preferred locale - no validation is done Yes, if not provided, null.
authentication.sm.language Language User preferred language - no validation is done Yes, if not provided, null.
authentication.sm.partitioningKey Partitioning Key User preferred Partitioning Key - no validation is done Yes, if not provided, null.

Other properties which control the login process similar to LDAP are described in Other Login Properties.