This documentation supports the 20.02 version of Remedy Single Sign-On.

To view an earlier version, select the version from the Product version menu.

Configuring settings for the Remedy SSO server

Review the following settings for Remedy SSO server, and configure them as required.

To set the cookie domain

The cookie domain controls the cookie visibility between servers within the same domain or different domains.

By default, the parent domain of a computer on which the Remedy SSO server is installed is set as the cookie domain value. The default cookie domain provides the most restrictive access to applications protected by Remedy SSO.

You can set a child domain name of a server where Remedy SSO is installed as the cookie domain value. For example, if your Remedy SSO server is on rsso.yourcompany.com, you can set the cookie domain to rsso.yourcompany.com instead of just yourcompany.com.

However, if your ITSM and BMC Digital Workplace applications are available on itsm.yourcompany.com and dwp.yourcompany.com, and Remedy SSO is on sso.yourcompany.com, then the cookie domain must be set to sso.yourcompany.com.

  1. In the Remedy SSO Admin Console, click General > Basic.
  2. In the Cookie Domain field, enter the cookie domain value.

    Note

    The cookie domain value must contain a dot (".").

    Ensure that the value is correct because a wrong value can cause a redirection loop.

  3.  Click Save.

To set the cookie name

The cookie name is automatically created during the installation of Remedy SSO, and the name is shared between all applications that use Remedy SSO.

If you configure Remedy SSO across multiple staged environments within the same domain, you must specify a unique cookie name for each environment. For example, if you have four environments (DEV, QA, STAGING, and PRODUCTION), each group of applications within the same domain must have the environment's unique cookie name.

  1. In the Remedy SSO Admin Console, click General > Advanced.
  2. In the Cookie Name field, enter a unique value.

    The default cookie name is a timestamp value, which is generated when the Remedy SSO database is installed. 

  3. Click Save.

To secure the cookie

You might need to secure the cookie if all integrated applications run on HTTPS, and are accessed only through HTTPS. 

  1. In the Remedy SSO Admin Console, click General > Advanced.
  2. Select the Enable Secured Cookie check box.
  3. Click Save.

To enable a secured cross site cookie

You might need to enable a cross site cookie if you have Remedy SSO integrated with applications hosted on different domains or applications not integrated with the same Remedy SSO server. For information about these deployment cases, see Deployment scenarios.

Remedy SSO uses cookies to ensure that your users are able to seamlessly access all integrated applications. As browsers implement changes to their default SameSite attributes, cross-site cookie requests will not be sent, and as a result, your users will be prevented from accessing your applications.

To enable a cross site cookie for a browser, perform the following steps:

  1. In the Remedy SSO Admin Console, click General > Advanced.
  2. Select the Enable Secured Cookie check box.
  3. Select the Use Cross Site Cookie check box.
  4. Click Save.

To set the service URL on the Remedy SSO server

The service URL provides information about the location of the Remedy SSO server, and the Remedy SSO server uses the service URL to generate session tokens. 

  1. In the Remedy SSO Admin Console, click General > Advanced.
  2. In the Service URL field, set the Remedy SSO service URL. 
  3. Click Save.

If you do not set the service URL on the Remedy SSO server, you can specify the sso-service-url in the rsso-agent.properties configuration file on the Remedy SSO agent and the AREA plugin file for generating session tokens.

To configure the log level for the Remedy SSO server

  1. In the Remedy SSO Admin Console, click General > Basic.
  2. From the Server Log Level list, select a severity level for logging messages.

    Note

    The DEBUG level affects the Remedy SSO server performance.

  3. Click Save.

To configure the maximum session time for end users

  1. In the Remedy SSO Admin Console, click General > Basic.
  2. In the Max Session Time field, set the time after which the user session should expire.
    By default, the session timeout is set as 24 hours. When this value is selected, time constraints are automatically enforced. 

    Note

    The time that you set must be more than the time that is set for session token validation on the Remedy SSO agent.

  3. Click Save.

Was this page helpful? Yes No Submitting... Thank you

Comments