Single Sign-On Properties
The following SiteMinder specific properties should be configured to enable authentication with SiteMinder.
These properties can be set using the Configurator.
| Property in Configurator | Description |
|---|---|
| Authentication > Site Minder > SiteMinder User Name HTTP Header (authentication.sm.user= SM_USERNAME) |
Login-ID/Username. |
| Authentication > Site Minder > SiteMinder Last Name HTTP Header
(authentication.sm.lastName=
SM_LASTNAME) Authentication > Site Minder > SiteMinder First Name HTTP Header (authentication.sm.firstName= SM_FIRSTNAME) |
Last name and first name. |
| Authentication > Site Minder > SiteMinder Role HTTP Header (authentication.sm.role= GROUP) | Role List. |
| Authentication > Site Minder > Role List separator (authentication.sm.role.separator =SM_SEPARATOR) | Separator between role names. This property extracts each role from the role list. |
| Authentication > Site Minder > SiteMinder Enterprise HTTP Header (authentication.sm.enterprise= SM_ENTERPRISE) | Enterprise. |
| Authentication > Site Minder > SiteMinder Vendor Identifier (authentication.sm.VendorID= VENDORID) | Vendor ID. |
| Authentication > Site Minder > SiteMinder HTTP Session Vars (authentication.sm.sessionVariables=VendorID) | SiteMinder HTTP Headers added to user sessions and in business rules. |
| Authentication > Site Minder > SiteMinder User Parser Pattern (authentication.sm.user.parsepattern) |
Pattern to apply on header to obtain user name. If no pattern is specified, no parsing is done. |
| Authentication > Site Minder > SiteMinder Role Parser Pattern (authentication.sm.role.parsepattern) |
Pattern to apply on header to obtain role name. If no pattern is specified, no parsing is done. |
| Authentication > Site Minder > SiteMinder First Name Parser Pattern (authentication.sm.firstName.parsemethod.awk) |
Pattern to apply on header to obtain the first name. If no pattern is specified, no parsing is done. |
| Authentication > Site Minder > SiteMinder Last Name Parser (authentication.sm.lastName.parsepattern) |
Parser to use for parsing the last name. If none specified, no parsing will be done. |
| Authentication > Site Minder > Web service header extractor | Refers to the Java class that is used to extract headers from web service. For details on the header extractor, refer to the section Header Extractors. The default value is com.tibco.mdm.integration.webservice.HeaderExtractor. |
Following table lists the map of single sign-on properties to user attributes.
| Property | User Attribute | Description | Optional? |
|---|---|---|---|
| authentication.sm.firstName | First Name | First name of the user | Yes, if not provided during creation, defaults to login name. |
| authentication.sm.middleName | Middle Name | Middle name of the user | Yes, if not provided during creation, defaults to null. |
| authentication.sm.lastName | Last Name | Last name of the user | Yes, if not provided during creation, defaults to login name. |
| authentication.sm.role | List of roles | Roles assigned to user, these roles are mapped to the internal TIBCO MDM roles | Mandatory for create, optional for update. |
| authentication.sm.dateFormat | Date format | User preferred date format - no validation is done | Yes, if not provided, null |
| authentication.sm.timeFormat | Time format | User preferred time format - no validation is done | Yes, if not provided, null |
| authentication.sm.locale | Locale | User preferred locale - no validation is done | Yes, if not provided, null. |
| authentication.sm.language | Language | User preferred language - no validation is done | Yes, if not provided, null. |
| authentication.sm.partitioningKey | Partitioning Key | User preferred Partitioning Key - no validation is done | Yes, if not provided, null. |
Other properties which control the login process similar to LDAP are described in Other Login Properties.
Copyright © Cloud Software Group, Inc. All rights reserved.