Integrate CA Single Sign-on with CA Identity Manager
When the policy administrator and the identity administrator work together to integrate CA SSO with an existing installation, the architecture expands to include the following components:
When the policy administrator and the identity administrator work together to integrate CA SSO with an existing
Identity Managerinstallation, the
Identity Managerarchitecture expands to include the following components:
- CA SSO Web AgentProtects theIdentity ManagerServer. The Web Agent is installed on the system where theIdentity Managerserver is installed.
- CA SSO Policy ServerProvides advanced authentication and authorization forIdentity Manager.
The following diagram is an example of a
Identity Managerinstallation with a CA SSO Policy Server and Web Agent:
Note: We recommend that you install
Identity Managerand CA SSO on different computers. The components can be installed on different platforms. The
Identity Managerdatabases are on Microsoft SQL Server and the user store is on the IBM directory Server. The CA SSO Policy Store is on AD LDS on Windows.
The following diagram illustrates the complete process of integrating CA SSO with
Identity Manager. Completing this process requires two roles: the
Identity Manageridentity administrator and the CA SSO policy administrator. In some organizations, one person fills both roles. When two people are involved, close collaboration is required to complete the procedures in this scenario.
Identity Managerrequires Java Cryptography Extension Unlimited Strength Jurisdiction Policy Files (JCE libraries). Download these libraries from the Oracle website, and load them at <Java_path>\<jdk_version>\jre\lib\security\.
Follow these steps: