Java System Solutions

Technical data

The SSO Plugin contains features not found in other products, both in terms of SSO technologies and BMC product integration.

Designed specifically for BMC and HP products

• True to BMC design: The only product in the market to provide SSO support following the BMC whitepaper and best practices.
• Removing the login page: Login without entering your username and password through easy to configure plugins.
• User aliasing: Mis-matched SSO and product usernames can be resolved through the user aliasing feature.
• SSO Administration Console: The console runs alongside BMC AR System Administration consoles to provide easy management of the AREA plugin.
• Web based SSO console: Comprehensive configuration user interface integrates with BMC and HP web platforms, tightly integrating SSO as if it was a core feature of the product.
• Access logging: All authentication events are logged in the BMC AR System with additional information (such as browser type, authentication protocol, remote IP address), to provide detailed user management reports.
• Centralised configuration: Both the AREA and Mid Tier plugins store the configuration in the AR System allowing easy deployment to new AR System servers and Mid Tiers.

Supports many single sign on implementations

• Integrated Windows Authentication: Out of the box support for Kerberos and NTLMv2, across multiple domains, with no requirement for third party products or licensing.
• Microsoft IIS: Supports a Microsoft IIS front end.
• Integration to corporate SSO solutions: Seamless integration with RSA Access Manager (ClearTrust), CA Siteminder and other similar third party systems.
• Common Access Cards and X509: US Military Common Access Cards are supported through integration with the Windows Active Directory.
• SAML v2: Acts as a SAML Service Provider for Identity Providers such as Microsoft ADFS 2.0.
• FIPS 140-2: Federal Information Processing Standard (FIPS) 140-2 compliant.
• OpenID: Integrate with OpenID providers such as Google, Yahoo, MyOpenID, etc.
• JAAS support: Integrates with Java Authentication and Authorization Service modules.
• Delegation: Identity Federation Service allows other BMC and non-BMC products to delegate authentication to SSO Plugin running on the Mid Tier.
• Ping Federate: Support for the Ping Federate corporate SAML solution.

One solution for many products

• BMC AR System: Comprehensive support for BMC ITSM and AR System based products, incluing direct access and user synchronisation to:
• BMC Dashboards
• BMC Analytics
• BMC IT for Business Management (ITBM)
• BMC RKM
• JasperServer Reports
• HP Service Manager: Comprehensive support for HP Service Manager and self service, incluing direct access and user synchronisation to:
• SAP Business Objects XI
• JasperServer Reports
• HP Service Request Catalog: Quick and easy integration with Service Request Catalog.
• Kinetic Request: Supported standalone or via an existing SSO Plugin enabled BMC Mid Tier.

SSO Plugin will also act as a user integration layer between BMC and HP products, allowing HP Service Manager to drive BMC Dashboards, etc.

Platforms and versions

• Supports all versions of the BMC AR Systems since version 6.3.
• Supports all versions of the HP Service Manager since 7.1.
• Platforms including Windows, Linux, Solaris, AIX and HP-UX
• Java EE web containers including Apache Tomcat, JBoss, Weblogic and Websphere.
• Web browsers including Microsoft Internet Explorer and Mozilla Firefox.

Installation

Typical install time: under two hours.

BMC AR System / ITSM

SSO Plugin is installed as an AREA plugin to the AR System sserver installation, a plugin to the Mid Tier, and both installations are typically simple: a file copy into the relevant locations and a little configuration.

Configuration of the AREA plugin is performed through an installer and the SSO Administration Console.

Configuration of the Mid Tier plugin is performed using a web interface provided with SSO Plugin.

Once installation is complete, you can access your Mid Tier via the normal URLs. Direct access to AR System applications will be protected; the SSO system protects Mid Tier URLs (such as /home, /forms and /apps).

HP Service Manager

SSO Plugin is installed by enabling trusted sign on for Serivce Manager, copying a set of files to the Web Tier and configuring SSO Plugin.

Once installation is complete, you can access your Web Tier via the normal URLs, ie /index.do and /ess.do.

Kinetic Request

SSO Plugin requires an adapter supplied by Kinetic and can be installed in two ways:

• Using a version of SSO Plugin that integrates directly with Kinetic Request.
• Using an SSO Plugin module for Kinetic that will delegate SSO to a local BMC Mid Tier instance.