Customize Collaborative Services user credentials for eTrust SiteMinder

 

+

Search Tips   |   Advanced Search

 

If you protect the portal and any of the Domino and Extended Products Portlets with Computer Associates eTrust SiteMinder, set the Lotus Collaborative Services to use the eTrust SiteMinder token instead of the default LTPA token.

In addition to this procedure, the Common PIM portlets require the addition of a parameter, CPP_PassHttpCookies , to handle custom cookies.

Modify the CSEnvironment.properties file.

The following are custom credential settings with the possible values shown as variables:

CS_SERVER_CUSTOM_CRED.enabled=true/false CS_SERVER_CUSTOM_CRED.useridAttribSource=header/cookie CS_SERVER_CUSTOM_CRED.useridAttrib=useridAttribName CS_SERVER_CUSTOM_CRED.ssoTokenAttribSource=header/cookie CS_SERVER_CUSTOM_CRED.ssoTokenAttrib=tokenAttribName 

 

Overriding the logged in user credential with a custom user name

The settings in this example show how to customize or override the logged in user's credentials through a custom user name.

These settings are useful for mapping principal user identities (fully-qualified user names or DNs) between two LDAP systems. In this case, the user name (USERID) is retrieved from the header. USERID is the name of the attribute that holds the data.

CS_SERVER_CUSTOM_CRED.enabled=true CS_SERVER_CUSTOM_CRED.useridAttribSource=header 
CS_SERVER_CUSTOM_CRED.useridAttrib=USERID 

 

Overriding the logged in user credential with a custom SSO token

The settings in this example show how to customize or override the logged in user's credentials with a custom SSO token that is generated from an external security manager, such as eTrust SiteMinder. In this case, the tokenAttribName setting is retrieved from the cookie.

CS_SERVER_CUSTOM_CRED.enabled=true CS_SERVER_CUSTOM_CRED.ssoTokenAttribSource=cookie CS_SERVER_CUSTOM_CRED.ssoTokenAttrib=SESSION

 

Enabling settings when both a custom SSO token and a custom user name are required

If the configuration requires the use of a custom SSO token and two LDAP servers, we can enable the settings as shown below.

CS_SERVER_CUSTOM_CRED.enabled=true CS_SERVER_CUSTOM_CRED.useridAttribSource=header 
CS_SERVER_CUSTOM_CRED.useridAttrib=USERID 
CS_SERVER_CUSTOM_CRED.ssoTokenAttribSource=cookie CS_SERVER_CUSTOM_CRED.ssoTokenAttrib=SESSION

 

Parent topic:

Collaborative Services environment properties

 

Related concepts


Messaging: the Common PIM portlets

 

Related tasks

Setting Lotus Sametime to use a Lotus Sametime token for user login