×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')

Unsupported content

 

This version of the product is in limited support. However, the documentation is available for your convenience. You will not be able to leave comments.
Remedy Single Sign-On 18.08 Administering

Enabling cross launch for applications integrated with different Remedy SSO servers

You can enable single sign-on during cross launch to an application integrated with a Remedy Single Sign-On server from another application integrated with a different Remedy SSO server. Both applications must be deployed on two different Remedy SSO servers in two different domains.

Related topic

Troubleshooting cross launching application issues on different RSSO servers

Single Sign-on cross launch overview

The following table describes the cross launch components and their role:

ComponentRole
Originating applicationThe application that performs the target application cross launch.
Originating domainThe domain where the originating application is deployed.

Originating Remedy SSO server

The Remedy SSO server integrated with the originating application.

Target applicationThe application that is cross launched by the originating application.
Target domainThe domain where the target application is deployed.

Target Remedy SSO

The Remedy SSO server integrated with the target application.

A trust relationship is required between the originating and target Remedy SSO servers to support single sign-on between the two applications that are integrated with two different Remedy SSO servers as shown in the following image. 


The target server relies on the JWT public certificate to validate the incoming cross launch request from the originating application. 

Before you begin

Ensure that the following component prerequisites are met:

ComponentsPrerequisites
Originating application
  • Must be located in a different domain than the target application
  • Must be able to construct a URL in the following format to cross launch:
    <protocol>:<target_rsso_host>:<target_rsso_port>/rsso/cross-sso?goto=<target_app_url>#jwt=<jwt>
  • Iframe must be available to allow the originating application to open the target application

Originating Remedy SSO server

The originating Remedy SSO server on which an originating application is deployed must be configured for any of the supported authentication mechanisms:

  • AR
  • SAML 2.0
  • LDAP
  • Kerberos 
  • Certificate-based 
  • Local
  • OpenID Connect
  • Pre-authentication
Target application

Must be located in a domain that is different from the domain of the originating application.

Target Remedy SSO server

  • Must be configured only for the PREAUTH authentication type
  • The public certificate must be applicable to the target Remedy SSO server
    Note: This public certificate must be configured manually.

Process for enabling single sign-on for cross launching

The following table explains the process of enabling single sign-on for cross launch.

TaskReference

Configuring an application on the originating Remedy SSO server.

Configuring Remedy SSO for authentication

Configuring an application on the target Remedy SSO server.

Configuring the pre-authentication mechanism

Test cross launching to the application on the target Remedy SSO server

To access a target application, click on a link in an originating application. You will be redirected to the target application without a request to log in to the target server.  

Was this page helpful? Yes No Submitting... Thank you
Last modified by Olha Horbachuk on Oct 05, 2020
cross_launch integration

Comments

Log in or register to comment.

Invalidating end user sessions
Adding applications to the Digital Service Management page
© Copyright 1991 – 2018 BMC Software, Inc.
© Copyright 1991 – 2018 BladeLogic, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.