×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')

Unsupported content

 

This version of the product is in limited support. However, the documentation is available for your convenience. You will not be able to leave comments.
Remedy Single Sign-On 19.02 Integrating

Manually integrating Remedy SSO with BMC applications

This topic was edited by a BMC Contributor and has not been approved.  More information.


You manually integrate Remedy Single Sign-On with BMC applications when you want to install Remedy SSO server and Remedy SSO agents on platforms that are not supported by the Remedy SSO installer. 

In addition, compared to the Remedy SSO installer, the manual integration steps are easier to execute in various automation and deployment scripts.

The Remedy SSO agent is usually configured to communicate with only one Remedy SSO server. For information about how to configure the web agent to communicate with multiple servers, see Configuring Remedy SSO agent supporting multiple servers.

You can integrate Remedy SSO with the following BMC applications:

  • Remedy AR System Server
  • Remedy Mid Tier
  • BMC Analytics
  • TrueSight Presentation Server
  • BMC Configuration Management Database

Related topics

Performing the installation

Removing Remedy SSO integration from Remedy AR System and Remedy Mid Tier

Before you begin

  1. Manually install Remedy SSO
  2. Create a system backup. If there is a need to remove the Remedy SSO integration from a BMC application, you will need to restore files to their previous state.

To manually integrate Remedy SSO with Remedy AR System server

  1. Make sure the following AREA settings (<AR>/Conf/ar.cfg) are configured on the AR Server (can be set from the Server Information form > EA tab):

    External-Authentication-RPC-Socket: 390695
Authentication-Chaining-Mode: 1
Crossref-Blank-Password: T
  2. Copy rsso.cfg from rsso-area-plugin to <AR>/Conf.

  3. In rsso.cfg, adjust the value of your Remedy SSO server service url:

    SSO-SERVICE-URL: <rsso_service_url>

    You must set the sso-service-url in the configuration file only if you integrate Remedy AR System with a single Remedy SSO server.

    To integrate AR System with multiple Remedy SSO servers, you must configure this setting for each server in the Remedy SSO Admin Console.

  4. Copy rsso-area-plugin-all.jar file from rsso-area-plugin to <AR>/pluginsvr directory.

  5. Copy gson-2.3.1.jar and slf4j-api-1.7.25.jar from lib to <AR>/pluginsvr directory.

  6. Edit <AR>/pluginsvr/pluginsvr_config.xml, and add Remedy SSO AREA plug-in by replacing <AR> with the corresponding path:

    <plugin>
    <name>ARSYS.AREA.RSSO</name>
    <classname>com.bmc.rsso.plugin.area.RSSOPlugin</classname>
    <pathelement type="location"><AR>/pluginsvr/rsso-area-plugin-all.jar</pathelement>
    <pathelement type="location"><AR>/pluginsvr/gson-2.3.1.jar</pathelement>
    <pathelement type="location"><AR>/pluginsvr/slf4j-api-1.7.25.jar</pathelement>
    <userDefined>
        <configFile>{AR}/Conf/rsso.cfg</configFile>
    </userDefined>
</plugin>
  7. Restart the AR System server.

To manually integrate Remedy SSO with Remedy Mid Tier

  1. Stop the Tomcat service installed on Mid Tier.
  2. Configure the Authenticator as follows:

    1. Edit the following line in the config.properties file (<Mid_Tier>/WEB-INF/classes) to use the RSSOAuthenticator:

      arsystem.authenticator=com.bmc.rsso.plugin.authenticator.RSSOAuthenticator
    2. Copy the rsso-authenticator-plugin-all.jar file from rsso-authenticator-plugin to the <Mid_Tier>/WEB-INF/lib folder.
    3. Copy the gson-2.3.1.jar file from Remedy SSO installation package Disk1\files\lib to the <Mid_Tier>/WEB-INF/lib folder.
  3. Configure the Web Agent as follows:
    1. Copy the rsso-agent-all.jar file from /rsso-agent to the <Mid_Tier>/WEB-INF/lib folder.

    2. Copy /rsso-agent/rsso-agent.properties file to the <Mid_Tier>/WEB-INF/classes folder, and modify it as required:

      logout-urls=/atssologout.html

sso-external-url=${sp-services-url}
# sso-external-url is a public user-facing URL exposed for end-users for authentication. 
# In standalone mode, sso-external-url must be an HTTPS URL. For example, https://my-rsso.bmc.com/rsso
# If Remedy SSO is installed in an HA mode, sso-service-url must be a Load Balancer (LB) URL.

sso-service-url=${sp-services-internal-url}
# If Remedy SSO is installed in an HA mode, sso-service-url must be a Load Balancer (LB) URL.
# In standalone mode, sso-service-url is recommended to be an HTTP URL. For example, http://my-rsso.bmc.com/rsso.

agent-id=${agent-id}
# agent-id must be a unique identifier. Agent-id must be the same on all nodes in a Mid Tier HA cluster. 
# BMC recommends to set this value to a simple identifier instead of a HTTP URL. For example, agent-id=analytics_agent.

use-in-memory-cache=true
# Allows to choose between HttpSession and in-memory cache to store token data.
# Option can't be changed at run time

  4. Edit the <Mid_Tier>/WEB-INF/web.xml file and add the following Remedy SSO filter configuration:

    <filter>
    <filter-name>RSSOFilter</filter-name>
    <filter-class>com.bmc.rsso.agent.RSSOFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>RSSOFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
    <listener-class>com.bmc.rsso.agent.RSSOListener</listener-class>
</listener>


    You must disable Atrium SSO filter if it exists in the web.xml file by commenting it. 

  5. Copy the rsso-agent/rsso-log.cfg file to the <Mid_Tier>/WEB-INF/classes folder.
  6. Copy the following files from the lib folder to the <Mid_Tier>/WEB-INF/lib folder:
    • caffeine-<version>.jar
    • jjwt-impl-<version>.jar
    • org.apache.oltu.oauth2.client-<version>.jar
    • jjwt-jackson-<version>.jar
    • jjwt-api-<version>.jar
    • json-<version>.jar
    • slf4j-api-<version>.jar
    • jackson-annotations-<version>.jar
    • jackson-core-<version>.jar
    • jackson-databind-<version>.jar
  7. Copy rsso-agent-all.jar from the Disk1/files/rsso-agent folder to the <Mid_Tier>/WEB-INF/lib folder.
  8. Restart Mid Tier/ Tomcat.

To manually integrate Remedy SSO with BMC Analytics

Before executing the following steps to configure BMC Analytics for Single Sign-On, ensure that the prerequisites are met.

  1. Stop Analytics Tomcat service.
  2. Copy rsso-agent/rsso-agent-all.jar to <TOMCAT>/webapp/BI/WEB-INF/lib.

  3. Copy rsso-agent/rsso-agent.properties file to <TOMCAT>/webapp/BI/WEB-INF/classes, and modify it as required:

    logout-urls=/atssologout.html

sso-external-url=${sp-services-url}
# sso-external-url is a public user-facing URL exposed for end-users for authentication. 
# In standalone mode, sso-external-url must be an HTTPS URL. For example, https://my-rsso.bmc.com/rsso
# If Remedy SSO is installed in an HA mode, sso-service-url must be a Load Balancer (LB) URL.

sso-service-url=${sp-services-internal-url}
# If Remedy SSO is installed in an HA mode, sso-service-url must be a Load Balancer (LB) URL.
# In standalone mode, sso-service-url is recommended to be an HTTP URL. For example, http://my-rsso.bmc.com/rsso.

agent-id=${agent-id}
# agent-id must be a unique identifier. Agent-id must be the same on all nodes in a Mid Tier HA cluster. 
# BMC recommends to set this value to a simple identifier instead of a HTTP URL. For example, agent-id=analytics_agent.

use-in-memory-cache=true
# Allows to choose between HttpSession and in-memory cache to store token data.
# Option can't be changed at run time.
  4. Copy the following jar files into <TOMCAT>/webapp/BI/WEB-INF/lib:
    • caffeine-<version>.jar
    • jjwt-impl-<version>.jar
    • org.apache.oltu.oauth2.client-<version>.jar
    • jjwt-jackson-<version>.jar
    • jjwt-api-<version>.jar
    • json-<version>.jar
    • slf4j-api-<version>.jar
    • jackson-annotations-<version>.jar
    • jackson-<version>.jar
    • jackson-databind-<version>.jar
  5. Copy the following files from the Disk1/files/rsso-agent folder to the <Mid_Tier>/WEB-INF/lib folder:
    • rsso-client-impl.jar
    • rsso-sdk-atsso.jar
    • rsso-agent-all.jar
  6. Copy rsso-sdk/sso-sdk.properties into <TOMCAT>/webapp/BI/WEB-INF/classes.
  7. Delete the following BMC Atrium Single Sign-On JAR files in <TOMCAT>/webapp/BI/WEB-INF/lib:
    • atsso-common-<version>.jar
    • atsso-sdk-<version>.jar
    • atsso-webagent-<version>.jar
  8. Restart the Analytics Tomcat service.

To manually integrate Remedy SSO with TrueSight Presentation Server

  1. Stop the TrueSight Presentation Server.

  2. Place theRemedy SSO filter into ${truesight.home}/modules/tomcat/conf/web.xml as the first filter:

    <filter>
    <filter-name>RSSOFilter</filter-name>
    <filter-class>com.bmc.rsso.agent.RSSOFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>RSSOFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

  3. Create the following folder: 
    <TrueSightPServer>\truesightpserver\modules\tomcat\rsso_agent.

  4. Copy the following files into the created folder:
    • caffeine-<version>.jar
    • jjwt-impl-<version>.jar
    • org.apache.oltu.oauth2.client-<version>.jar
    • jjwt-jackson-<version>.jar
    • jjwt-api-<version>.jar
    • json-<version>.jar
    • slf4j-api-<version>.jar
    • jackson-annotations-<version>.jar
    • jackson-core-<version>.jar
    • jackson-databind-<version>.jar
    • rsso-client-impl.jar
    • rsso-sdk-atsso.jar
    • rsso-agent-all.jar
  5. Delete rsso-agent.properties file from rsso-agent-all.jar.
  6. Open the file <TrueSightPServer>\truesightpserver\conf\services\csr.conf, and make the following changes: 
    1. Add the following paths to the classpath list:
      • ${truesight.home}/modules/tomcat/rsso_agent/caffeine-<version>.jar
      • ${truesight.home}/modules/tomcat/jjwt-impl-<version>.jar
      • ${truesight.home}/modules/tomcat/rsso_agent/org.apache.oltu.oauth2.client-<version>.jar
      • ${truesight.home}/modules/tomcat/rsso_agent/jjwt-jackson-<version>.jar
      • ${truesight.home}/modules/tomcat/rsso_agent/jjwt-api-<version>.jar
      • ${truesight.home}/modules/tomcat/rsso_agent/json-<version>.jar
      • ${truesight.home}/modules/tomcat/rsso_agents/slf4j-api-<version>.jar
      • ${truesight.home}/modules/tomcat/rsso_agents/jackson-annotations-<version>.jar
      • ${truesight.home}/modules/tomcat/rsso_agents/jackson-core-<version>.jar
      • ${truesight.home}/modules/tomcat/rsso_agents/jackson-databind-<version>.jar
      • ${truesight.home}/modules/tomcat/rsso_agents/rsso-client-impl.jar
      • ${truesight.home}/modules/tomcat/rsso_agents/rsso-sdk-atsso.jar
      • ${truesight.home}/modules/tomcat/rsso_agents/rsso-agent-all.jar
    2. Comment the following line with path:
      ${truesight.home}/lib/dependencies/gson-<version>.jar.
  7. Configure the Remedy SSO agent. 

    • Open the file <TrueSightPServer>\truesightpserver\modules\tomcat\rsso_agent\rsso-agent.properties and add the following configuration:

      agent-id=tsps_agent
sso-external-url=https://<RSSO_HOST_PORT>/rsso
sso-service-url=https://<RSSO_HOST_PORT>/rsso
  8. Generate new SSL certificate with CN=<TSPS_HOST> and replace the existing certificate in keystore <TrueSightPServer>\truesightpserver\conf\secure\loginvault.ks.
  9. Start the TrueSight Presentation Server.

To manually integrate Remedy SSO with BMC Configuration Management Database

If you have integrated Remedy SSO with Remedy AR System and Remedy Mid Tier, Remedy SSO is automatically integrated with new BMC Configuration Management Database UI (CMDB UI). If the integration fails, integrate Remedy SSO with new CMDB UI manually. See Manually integrating Remedy Single Sign-On with Jetty server Open link .

To remove the integration of Remedy SSO from a BMC application

To remove the integration of Remedy SSO from a BMC application, perform the manual integration steps in reverse order. 

For information about how to remove integration between Remedy SSO and Remedy AR System, see Removing Remedy SSO integration from Remedy AR System and Remedy Mid Tier.

Was this page helpful? Yes No Submitting... Thank you
Last modified by Olha Horbachuk on Jul 29, 2020
integration contributor_unapproved task

Comments

  1. Eric Wuensche

    Please extend the section of manually integrating RSSO with AR Server about the files rsso-agent.properties, rsso-agent-osgi.jar from the Innovation Suite. Those files are neceesary to integrate the CMDB login.

    May 09, 2019 07:47
    1. Olga Kutetska

      Thank you for the comment. I will validate with the development team how to update the procedure correctly.

      May 17, 2019 08:36
    1. Olga Kutetska

      Hello, Eric!

      We have updated the page as you requested.

      Jul 04, 2019 08:26
  2. Eric Wuensche

    The list of libraries for the manual MidTier integration is missing the gson library.

    May 14, 2019 04:51
  3. Olga Kutetska

    Hello! Thank you for the comment. I have updated the document. The update will be published next week.

    May 17, 2019 08:35

Log in or register to comment.

Integrating Remedy SSO with BMC Discovery
Removing Remedy SSO integration from Remedy AR System and Remedy Mid Tier
© Copyright 1991 – 2019 BMC Software, Inc.
© Copyright 1991 – 2019 BladeLogic, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.