This documentation supports the 18.08 version of BMC Digital Workplace Basic.

To view the latest version, select the version from the Product Version menu.

Configuring BMC Digital Workplace for Remedy Single Sign-On

Remedy Single Sign-On (Remedy SSO) is an authentication system for a multi software environment that enables users to present credentials for authentication only once. After Remedy SSO authenticates the users, they can gain access to any other application with automatic authentication without providing the credentials again.

Remedy SSO supports the following authentication methods:

  • BMC Remedy AR System Server
  • SAMLv2
  • LDAP
  • Kerberos (Starting from version 9.1.01)
  • Certificate-based (Starting from version 9.1.01)
  • Remedy SSO authentication or Local authentication (Starting from version 9.1.02)
  • OAuth 2.0 (Starting from version 9.1.04)
  • OpenID Connect (Starting from version 9.1.04)

Related topics

Remedy Single Sign-On  

Troubleshooting

KA 000159409: RSSO 18.08 not working

This topic describes how to configure the integration of Remedy Single Sign-On with BMC Digital Workplace.

Based on your organization’s requirement, you can configure any of the authentication methods to authenticate the users for various BMC applications.

As an administrator you can integrate Remedy SSO with BMC Digital Workplace. After the integration, you can configure the required protocol for authentication. BMC does not support the Kerberos authentication for mobile apps, but you can configure the Kerberos authentication for web apps.

Remedy Single Sign-On authentication applies to both the universal client and to mobile applications. When a user logs in to on a mobile device, the user is prompted to enter the host name and port. If the server has SSO enabled, the mobile client opens a browser to the SSO login page. The SSO server sets the SSO cookies after authentication on to the device browser. When the user relaunches the application, if the cookies are not expired, the mobile client displays the application. If the cookies are expired, the user is shown the login page again for authentication.

Before you begin

  • Install Remedy Single Sign-On and configure realms. For more information, see the  Remedy Single Sign-On  online documentation.
  • Install BMC Digital Workplace.
  • Verify that access to the Remedy SSO servers and the BMC Digital Workplace server requires the same domain. Otherwise, deploying the Remedy Single Sign-On agent will not work.
  • Create the rsso-agent.properties file.

To integrate Remedy SSO with BMC Digital Workplace

For clusters, complete the following procedure for each BMC Digital Workplace server.

  1. Start the DWPTomcat service.
  2. Make sure single sign-on integration is enabled on BMC Digital Workplace database table.
  3. To enable the integration, go to the BMC Digital Workplace database table 'DWP_System.TENANT' and make sure that the value of the 'SAML_AUTHENTICATION' column is True(1).

    Run the following SQL query to update the SAML_AUTHENTICATION column:
    UPDATE DWP_System.TENANT  SET SAML_AUTHENTICATION = 1 where SAML_AUTHENTICATION = 0

    OR

    Run the following command using Java 1.8 or later:
    java -jar <DigitalWorkplace_path>/tenant-config/tenant-config-3.1.00.000-jar-with-dependencies.jar updateTenant -server http://<DigitalWorkplaceServer>:<PortNumber>/dwp -username <DigitalWorkplace_Super_Admin_username> -password <DigitalWorkplace_Super_Admin_password> -tenantName 000000000000001 -hostname localhost -samlAuthentication true

  4. Restart the Tomcat service.

Was this page helpful? Yes No Submitting... Thank you

Comments

  1. Petr Turek

    Hi BMC Docs team,

    In the Before you begin section above, you have "Create the rsso-agent.properties file.". This step is related to DWP Catalog only, what if I do not plan to install Catalog? Why is the configuration of RSSO integration for Catalog presented here as a condition for Configuring BMC Digital Workplace for Remedy Single Sign-On?

    Thanks in advance, Petr

    Dec 11, 2018 08:12
  2. Ievgeniia Afinogenova

    Hi Petr,

    Thank you for your comment again. The incorrect link was removed. The changes will become public later this week.

    Dec 17, 2018 09:08