This documentation supports the 9.0 version of Remedy Action Request System.

To view the latest version, select the version from the Product version menu.

How BMC Remedy Single Sign-On manages single sign-on

This section discusses the following topics:

BMC Remedy Single Sign-On is an authentication system that supports SAML V2.0 and BMC Remedy Action Request System (BMC Remedy AR System) authentication protocols and provides single sign-on and single sign-off for users of BMC products. BMC Remedy Single Sign-On allows users to present credentials only once for authentication and subsequently be automatically authenticated by every BMC product that is integrated into the system. BMC Remedy Single Sign-On supports authentication with traditional system such as Active Directory through SAML authentication. BMC Remedy Single Sign-On is the central integration point that performs integration with local enterprise systems.

BMC Remedy Single Sign-On is a lightweight web application. BMC products such as BMC Remedy IT Service Management (BMC Remedy ITSM), BMC MyIT, and BMC Analytics applications use BMC Remedy Single Sign-On agents that redirect unauthenticated user requests to the BMC Remedy Single Sign-On web application. BMC Remedy Single Sign-On can provide SAML-based authentication wherein the BMC Remedy Single Sign-On web application acts as a SAML service provider. It redirects logon requests to the SAML identity provider.

BMC Remedy Single Sign-On is easy to deploy, configure, and maintain. You can deployed it in the failover cluster, which allows you to easily add or remove nodes on demand. BMC Remedy Single Sign-On persists user sessions in a database instance, sharing sessions between all nodes. BMC Remedy Single Sign-On works with Microsoft SQL and Oracle. Additionally, you can use existing BMC Remedy AR System database infrastructure to leverage BMC product deployments and decrease maintenance costs.

Components of BMC Remedy Single Sign-On

BMC Remedy Single Sign-On contains the following major components:

  • BMC Remedy Single Sign On agent — The agent filters protected resources from unauthenticated logins. When it detects an unauthenticated request, it redirects the user to the Remedy Single Sign On server web application. The agent defines the right domains for the users depending on their domains. It defines the right server to communicate in a multi server environment.
  • BMC Remedy Single Sign-On web application — Authenticates users and gets validation requests from agents. If authentication succeeds, the BMC Remedy Single Sign-On web application generates authentication tokens and stores them in its database. It now supports SAML V2.0 and BMC Remedy AR System authentications. If SAML is selected, BMC Remedy Single Sign-On acts like a SAML service provider and redirects authentication requests to the SAML IDP to display the logon page with an encoded SAML authentication request. The BMC Remedy Single Sign-On web application then processes the authentication response by allowing or disallowing the authentication request.
  • BMC Mid Tier Remedy Single Sign On authenticator plugin - It validates the token from the user request and extracts user information from the context. It then passes the information to the BMC Remedy AR System Server through the BMC Remedy Mid Tier authentication infrastructure. The authentication request is then processed on the BMC Remedy AR system side by BMC Remedy Single Sign-On AREA plugin.
  • BMC Remedy Single Sign-On AREA plug-in — Gets user information from the BMC Remedy Mid Tier API call as an authentication token and then makes a REST API call to the BMC Remedy Single Sign-On web application to verify the token's validity.

Related topics

Was this page helpful? Yes No Submitting... Thank you

Comments