×
 
 

This documentation supports the 20.02 version of Remedy Action Request (AR) System.

To view an earlier version, select the version from the Product version menu.


Remedy Action Request System 20.02 Configuring after installation

Configuring Double Authentication

The process of double authentication is as follows:

  1. After the first level of authentication, the user's browser sends a re-authentication request to BMC Remedy Mid Tier URL.

  2. BMC Remedy Single Sign-On (BMC Remedy SSO) agent redirects the user to BMC Remedy SSO server URL for reauthentication. For SAML authentication, BMC Remedy SSO redirects the user to the SAML IdP for reauthentication. If the SAML IdP supports the ForceAuthn feature on an authentication request, the IdP requests the user for reauthentication.

    Note

    • BMC Remedy SSO agent identifies a reauthentication request by the query parameter reauth, which is set to true by default.  
    • For a reauthentication request, the agent identifies the BMC Remedy SSO server and the application realm the same way that the agent identifies these for any other authentication request. 
  3. For BMC Remedy AR System authentication, the BMC Remedy SSO server prompts the user to confirm the password. For SAML authentication, the IdP prompts the user for both username and password. If the authentication is successful, the IdP redirects the user back to the BMC Remedy SSO server with a SAML response. The BMC Remedy SSO server checks if the user in the SAML response is the same user who is currently logged in to BMC Remedy SSO. If they are not the same users, the reauthentication fails.
  4. If the reauthentication process is successful, the BMC Remedy SSO server generates a reauthentication token and redirects the user to the BMC Remedy Mid Tier URL. Note that the reauthentication token is valid only for a short period and is specific only to the reauthentication process. It cannot be used for the usual authentication process.
  5. The BMC Remedy SSO agent retrieves the reauthentication token and passes it on to BMC Remedy Mid Tier servlet.
  6. BMC Remedy Mid Tier servlet retrieves the reauthentication token and passes it on to the BMC Remedy AR System as an authentication string.
  7. BMC Remedy AR System verifies the user's credential, user name and reauthentication token, through BMC Remedy SSO AREA plugin.
  8. The BMC Remedy SSO AREA plugin verifies the reauthentication token through an API call to the BMC Remedy SSO server.

   



Was this page helpful? Yes No Submitting... Thank you
Last modified by Anagha Deshpande on Jan 02, 2020
configuration single_sign_on remedy_single_sign_on sso rsso server_configuration server administering_single_sign_on administering

Comments

Configuring the Assignment Engine server settings
Securing BMC Remedy AR System
© Copyright 1991-2021 BMC Software, Inc. © Copyright 1991-2021 BladeLogic, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2021 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.