CA SSO Toolkit

Optimize your CA Single Sign-On implementations with tools from IDF Connect

The IDF Connect CA Single Sign-On (formerly SiteMinder) Toolkit is a resource center to can help you optimize your CA Single Sign-On implementations and administration.

These extensions of the CA SSO Toolkit tools and templates were all built specifically for our CA Single Sign-On customers and offered by IDF Connect as a resource.

CA Single Sign-On Extensions

Policy Compare Tool – Quickly pinpoint differences between CA Single Sign-On environments such as QA vs. Production. Provides a convenient GUI for comparing two policy stores, and presents all of the differences found in a tree structure that is easily navigated.

Custom Plugins for CA Single Sign-On – IDF Connect-developed plugins that are designed for platforms that CA does not natively out-of-the-box support. Currently available plugins include Apache Tomcat, JBoss, RedHat Firefly, and Apache Webserver on Mac OSX. The plugin base is pure Java and is portable so new plugins can be written for a variety of platforms through our Custom Plugin Development services.

Policy Wizard – The IDF Connect Policy Wizard is an intuitive alternative to CA Single Sign-On Policy Store scripts. The Policy Wizard is an automated way of generating polices with policy migration and uses CA Single Sign-On Policy APIs to auto-generate policies based on previously created. Enables users to copy apps and use them elsewhere as well as apply universal changes.

Custom Monitoring Tool – Provides network-level Monitoring of CA Single Sign-On by“standing up” and “tearing down” active connections and determine if CA Single Sign-On is functioning properly. Outputs log file and/or can provide email alerts and will work with existing management tools.

Advanced Desktop Integration and Authentication Module (Desktop SSO ) – The Desktop SSO the ability to integrate a desktop login form instead of the standard CA Single Sign-On pop-up login window and works in and expanded set of browsers and various versions of IE.

Ping Federate CA Single Sign-On Adaptor – Our adaptor creates a trust between CA Single Sign-On and PingFederate so that PingFederate recognizes that user has passed through the CA Single Sign-On front-end. Revalidation can be offered through SSO/Rest.

Business Logic Task Handlers (BLTH)

  • LoginNameGenerator – a BLTH to generate a login name based upon the user’s first and last names
  • UniqueAttributeCheck – a BLTH that checks if a single attribute is unique or not

Logical Attribute Handlers (LAH)

  • CNHandler – A logical attribute handler to generate the common name (cn) attribute. The logic is as follows: By default, it will use: “firstname lastname”. If provided, it will also insert the middle initial “firstname middleinitial. Lastname”. Then, if the resulting value is not unique, it will append the login name: firstname middleinitial. lastname (loginname)
  • CountrySelector – Logical attribute to populate a drop-down of country names and set the corresponding 2-letter ISO-3166-1 code
  • EmailConfirmHandler – Takes two fields (name and domain) to create an e-mail address, and includes confirmation fields
  • FullNameHandler – Generates the user’s full name attribute by combining the first and last name, and middle initial if provided
  • FullyQualifiedAddressHandler – This class takes an identifier and appends “@” to populate an attribute. Two common use cases are: Creating an e-mail address based upon the user id, and Creating the AD userPrincipleName based upon the samAccountName
  • PhoneNumberHandler – Creates a phone number by concatenating country code, area code, and local number
  • StateSelector – Logical attribute to populate a drop-down of U.S. states
  • TempPasswordHandler – Generates a temporary password for use in out-of-band delivery (m
  • TermsAndConditionsHandler – Enforces that the user has accepted the most recent version of the terms and conditions

Contact Us for Assistance