I’ve posted a question to the Datapower external newsgroup asking about how Siteminder can be used to authenticate users. The documentation is pretty thin on the subject.
https://www.ibm.com/developerworks/forums/thread.jspa?threadID=315235
Basically, i have a username and password that I’d like Siteminder to authenticate. I’m sure that Datapower invokes a URL and posts the information to the given URI. It then inspects the response cookie and determines if Siteminder was successful.
The usual Siteminder usage pattern is for someone to hit a page with a web browser and then be issued a challenge.. So it’s possible Siteminder requires this step into order to validate.
We are having issues with siteminder integration. Today, an html form is used with a username field and password field. We would like to leverage DataPower within this flow. So, which checkbox would be checked in order to get to the authenticate step of filling in the SiteMinder step? Possibly the “html form” option? I think I’m going to start over witha webapp firewall and then use the AAA policy there. First time dealing with Siteminder. Any comments?