Out of support

 

This documentation supports the 8.1 version of BMC Atrium Single Sign-On, which is in "End of Version Support." However, the documentation is available for your convenience. You will not be able to leave comments.

Click here to view the documentation for a supported version of Remedy Single Sign-On.

Server Configuration Editor

The Server Configuration Editor provides the parameters that must be updated when you install or configure BMC Atrium Single Sign-On server.

The following topics are provided:

Server Configuration Editor parameters

Field

Parameters

Description

Cookies

Cookie Name

The cookie name is automatically created at install time for the BMC Atrium Single Sign-On server. It is generated based upon the FQDN of the Atrium BMC Atrium Single Sign-On host.

Cookie Domain

The default cookie domain value is the network domain of the computer you are installing the server on. The default cookie domain specifies the most restrictive access. This value is used to control cookie visibility between servers within the domain. For more information about the default cookie domain, see Default cookie domain.

 HTTP Only

Select the HTTP Only check box to mark the BMC Atrium Single Sign-On cookie to prevent non-HTTP APIs such as, JavaScript from accessing the cookie. For more information about HTTP Only parameter, see  HTTP Only and HTTPS Only .

 HTTPS OnlySelect the HTTPS Only check box to mark the cookie with the Secure option, which ensures that the cookie is transmitted over only HTTPS connections from the browser to the server. For more information about the HTTPS Only parameter, see HTTP Only and HTTPS Only. 

amAdmin

Password & Confirm Password

The password for accessing the BMC Atrium Single Sign-On server.

External URL

FQDN for the BMC Atrium Single Sign-On server.

Logging Level

Logging level options are Off, Error, Warning, or Message. Error returns the least amount of information and Message contains the most amount of information.

Enable FIPS-140

Be sure to configure FIPS-140 before enabling, see Configuring FIPS-140 mode.

Online Certificate Status Protocol

CAC can use OCSP. If CAC is using OCSP, be sure to configure CAC before enabling. If CAC isn't using OCSP, configuration is not required.
To enable, provide the Server URL and select Enable OCSP.

Session

Max Session Time

Time after which your session will be logged out even when you are active. The default time in 120 minutes. The time constraints are automatically enforced when this value is selected.

Note: The Max Session Time value should be more than the Idle Timeout value.

Idle Timeout

Time after which your session will be logged out if you are inactive or away. The default time in 30 minutes. The time constraints are automatically enforced when this value is selected.

Note: When you have integrated BMC Atrium SSO with BMC Remedy AR System, you the Idle Timeout value should be 3 minutes more than the BMC Mid Tier idle timeout value.

Cache Time

Time after which the cache will be cleared. Time constraints are automatically enforced. The default time is 3 minutes.

Max Session Count per User

Maximum number of concurrent sessions allowed for a user. The default value is 5.
Click Enable to enable Max Session Count per User.

When the session limit is exceeded, select the desired behavior. The two options are Delete Oldest or Block New.

HTTP Only and HTTPS Only

With the release of BMC Atrium Single Sign-On 8.1 Patch 3, the Server Configuration Editor provides two new options: HTTP Only and HTTPS Only.

The HTTP Only parameter marks the BMC Atrium Single Sign-On cookie to prevent non-HTTP APIs such as, JavaScript from accessing the cookie. When you enable the HTTPS Only parameter, it marks the cookie with the Secure option, which ensures that the cookie is transmitted only over HTTPS connections from the browser to the server.

The default value of these check boxes is false. When set to true, the option prevents scripts and third-party programs from accessing the cookies.

To secure BMC Atrium Single Sign-On as a stand-alone server

  1. Open the Edit Server Configuration tab on the BMC Atrium Single Sign-On Admin Console.
  2. Select the HTTP Only and HTTPS Only check boxes, and click Save.
  3. Restart the BMC Atrium Single Sign-On server.
  4. Clear all the existing cookies from the browser history.

To secure BMC Atrium Single Sign-On as a high-availability cluster

  1. Open the HA Node Details tab on the BMC Atrium Single Sign-On Admin Console.
  2. Select the node for which the HTTP Only and HTTPS Only options are to be enabled.
  3. Select the HTTP Only and HTTPS Only check boxes for each node, and click Save

    Note

    Configuration warnings appear, saying that the HTTP Only and HTTPS Only features are out of sync for some nodes. You can ignore the warnings and click OK.

  4. Restart the server.
  5. Clear all the existing cookies from the browser history.

Note

A warning is displayed after the configuration change is saved when the HTTP Only, HTTPS Only, Cookie Name, or Cookie Domain setting is out of sync with other nodes. The warning message includes a list of other nodes that do not match the currently saved value.

Was this page helpful? Yes No Submitting... Thank you

Comments