Tomcat Plugin

A custom CA SSO plugin for the Apache Tomcat servlet container

The Tomcat Plugin for CA Single Sign-On (formerly SiteMinder) enables you to bring your Tomcat applications into your Single Sign-On and Authentication/Access Control solution. It directly integrates the Tomcat container with CA Single Sign-On, allowing you to define authentication and access policies in CA Single Sign-On that are enforced within Tomcat. Your application can use J2EE native security in the Tomcat container — such as isUserInRole and getUserPrincipal — and the results will be based upon the identity authenticated by SiteMinder. Declarative security can also be utilized within your deployment descriptor, and whether a user meets your role definitions are determined by the CA Single Sign-On identity.

The Tomcat Plugin is implemented at the container, so it is automatically available to all applications deployed on the Tomcat server.


  • Single Sign-On with many different web servers supported by CA Single Sign-On
  • Standalone Plugin — no front-end web agent requirement
  • URL-based authorization
  • Session management
  • Various supported authentication schemes
  • Native J2EE integration

Scalability & Failover

IDF Connect’s Tomcat Plugin leverages CA Single Sign-On native clustering and failover capabilities. Your users will not experience an issue if a CA Single Sign-On Policy Server becomes unavailable because of the standard CA Single Sign-On native clustering and automatic failover capability.

Supported Environments

  • CA Single Sign-On: Version 6.x or higher
  • Tomcat Server: Tomcat 5.5, 6.0, 7.0
  • Operating Systems: Any that support SiteMinder™ SDK 6.x

Contact Us for Assistance