"Karmanyevadhikaraste ma phaleshu kadachana, Ma karma phala hetur bhurmatey sangostva akarmani."

SiteMinder

CA SiteMinder can be used to provide single sign-on (SSO) for web applications hosted on web servers.
1. A user tries to access a web page, e.g. index.html, from a web browser:
http://www.simpletute.org/sitemap/index.html
2. The Web Agent installed on the web server intercepts this request and checks with the Policy Server whether this web page (index.html) is protected or unprotected.
3. If the web page is unprotected, the web server returns it to the web browser, which in turn displays it to the user. If the web page is protected, the Policy Server asks the web browser to prompt the user for valid credentials.
4. The user enters the credentials, which the web browser sends to the Policy Server. The Policy Server sends a request to the policy store to confirm the validity of the credentials submitted by the user.
5. If the credentials are incorrect, the Policy Server sends an insufficient-access message to the web browser. If the credentials are correct, the Policy Server returns the web page to the web browser.

This is only the basic request flow. Looked at in depth, the authentication process completes many more steps.


The SiteMinder Test Tool is a Windows-based utility that can be used to verify policy configurations. The Test Tool simulates the interaction between Agents and Policy Servers, allowing you to test the functionality of the Policy Server without having a Web Agent or web server installed. The Test Tool acts as an agent sending requests to the Policy Server. These requests let us perform functional tests, such as verifying whether a resource is protected.
1. Open the SM Test Tool.
2. On the SiteMinder Agent panel, select Version 5 and enter the Agent Name and the SmHost.conf path.
3. On the Netegrity Policy Server panel, enter the IP address of the Policy Server you want to test and check the Override box.
4. On the Resource Information panel, enter the Resource and the Action (Get/Post).
5. On the User Information panel, enter the Username and Password in capital letters.
· The username should be entered in the format WHOLESALE.CompanyID.UserID
· For a Bank Operator, the username should be entered in the format WHOLESALE.WELLSFARGO.bankoperatorID
· The Password field value should be the password for a Level 1 resource and the token for a Level 2 resource

6. Click on the IsProtected button.
· If the resource is protected, the Server Response Message should display PROTECTED. Also pay attention to the redirect URL. If the application is accessed through Portal, it should display the CEO Portal sign-on page. If the application is accessed through UAM, it should display the UAM Sign On page. If it is a Level 2 resource, it should display the chsec (token page) URL.
· Otherwise, the Server Response Message should display UNPROTECTED

7. Click on the IsAuthenticated button.
· If the user is authenticated, the Server Response Message should display AUTHENTICATED
· If the user is not authenticated, the Server Response Message should display NOT AUTHENTICATED
· Pay attention to the Server Response Attributes when necessary

A user is authenticated if the password or token that is provided matches the user’s credential.

8. Click on the IsAuthorized button.
· If the user is authorized, the Server Response Message should display AUTHORIZED
· If the user is not authorized, the Server Response Message should display NOT AUTHORIZED
· Pay attention to the Server Response Attributes when necessary

A user is authorized if the user has the correct appstrings attached to the user profile on LDAP.
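
The IsProtected, IsAuthenticated and IsAuthorized checks above, modeled in Test Tool order as an added example (not part of the original post and not CA's API). The realm paths, redirect URLs, appstring names, user record and PBKDF2 credential hashing are all assumptions made for illustration.

```python
import hashlib
import hmac

def _kdf(secret):
    # Stand-in for the policy store's credential hashing (assumption).
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), b"constructed-salt", 10_000)

# Constructed sample policy and user data; all names and values are hypothetical.
REALMS = {  # resource prefix -> (level, sign-on redirect, required appstring)
    "/app/level1/": (1, "/signon/password", "APP_L1"),
    "/app/level2/": (2, "/signon/token", "APP_L2"),
}
USERS = {
    "WHOLESALE.ACME.JDOE": {
        1: _kdf("S3CRET"),          # Level 1 credential: password
        2: _kdf("123456"),          # Level 2 credential: token
        "appstrings": {"APP_L1"},   # attached to the user profile
    },
}

def _realm(resource):
    return next((r for p, r in REALMS.items() if resource.startswith(p)), None)

def is_protected(resource):
    """Return (message, level, redirect), as the IsProtected button reports."""
    realm = _realm(resource)
    return ("PROTECTED", realm[0], realm[1]) if realm else ("UNPROTECTED", None, None)

def is_authenticated(username, credential, level):
    user = USERS.get(username)
    # Constant-time comparison; an unknown user fails the same way.
    expected = user[level] if user else _kdf("")
    ok = hmac.compare_digest(expected, _kdf(credential)) and user is not None
    return "AUTHENTICATED" if ok else "NOT AUTHENTICATED"

def is_authorized(username, resource):
    realm, user = _realm(resource), USERS.get(username)
    ok = bool(realm and user and realm[2] in user["appstrings"])
    return "AUTHORIZED" if ok else "NOT AUTHORIZED"

def run_scenario(username, credential, resource):
    """Run the checks in Test Tool order, stopping at the first failure."""
    status, level, _redirect = is_protected(resource)
    results = [status]
    if status == "PROTECTED":
        results.append(is_authenticated(username, credential, level))
    if results[-1] == "AUTHENTICATED":
        results.append(is_authorized(username, resource))
    return results
```

A Level 2 resource accepts only the token, and a user who authenticates there is still NOT AUTHORIZED without the matching appstring.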

How to run the SM automation script

1. Save the test_scenario spreadsheet in C:\Automation\Channel Secure\scenarios. The file name must be “test_scenarios.xls”.
2. Open the Quick Test Pro application.
3. Connect to Quality Center: click on the green icon.
4. The Quality Center Connection – Server Connection pop-up window is displayed. Click on the Connect button.
5. On the Quality Center Connection window, enter your LAN ID and password.
6. Select Domain: WQA, project: WQA_WAS.
7. Click on the Login button.
8. Click on the Close button.
9. Click on the Open icon.
10. On the Open Test window, click on SM Test Tool Automation_Regular (without password encryption) or SM Test Tool Automation (with encrypted password).
11. Click on the Open button.
12. Click on the Run button to start running the scripts.

Remote Machine Access for Running Automation Scripts
· Automation scripts should be run on a remote machine, as they take a long time to execute.
· From the machine through which you are going to run the scripts, submit a request to give access to your LAN ID.
· Once you get the approval, connect from your machine to that remote machine and run the scripts.