LATEST VERSION: 1.4 - CHANGELOG
Single Sign-On v1.3

CA Single Sign-On Integration Guide Overview

CA Single Sign-On (formally known as CA SiteMinder) is a Web Access Management system that supports advanced authentication, risk-based security policies, and federated identities. This documentation describes how to configure a single sign-on partnership between CA Single Sign-On as the Identity Provider (IdP) and the Single Sign-On Service (SSO) for Pivotal Cloud Foundry as the Service Provider (SP).

SSO supports service provider-initiated authentication flow and single logout. It does not support identity provider-initiated authentication flow. All SSO communication takes place over SSL.

Prerequisites

To integrate CA Single Sign-On with Pivotal Cloud Foundry (PCF), you need the following:

Pivotal

  • PCF, version 1.7.0 or later

  • Single Sign-On, version 1.1.0 or later

CA Single Sign-On

  • CA Single Sign-On 12.52

  • A Signed Certificate by a Certificate Authority

Note: To configure SAML, you must have the Single Sign-On service broker installed on your PCF deployment. You need to create a plan, grant any plan administrators, and specify any organizations this plan should be the authentication authority for. For help configuring plans, see the Manage Service Plans topic..

CA Single Sign-On Integration Guide

Configuring CA Single Sign-On with SSO

Complete both steps below to integrate your deployment with CA Single Sign-On and SSO.

  1. Configure CA Single Sign-On as an Identity Provider
  2. Configure a Single Sign-On Service Provider

Testing and Troubleshooting

Create a pull request or raise an issue on the source for this page in GitHub