This documentation supports the 9.0 version of BMC Atrium Single Sign-On, which is in "End of Version Support." However, the documentation is available for your convenience. You will not be able to leave comments.

Click here to view the documentation for a supported version of Remedy Single Sign-On.

Configuring a new user ID transformation

When you are integrating BMC Atrium Single Sign-On with existing legacy systems, the new authentication methods might not provide the same user ID format that was available with previous authentication methods. Some methods also return a user ID in a format that cannot be used directly, for example, when CAC is used for authentication. In these situations, you can modify the user ID format by using the UserId Transformer options on the Realm Authentication panel in the Realm Editor. By default, two transformation options are available. You can add complex transformations to the UserId Transformer list by creating customized plug-ins.

If more complex transformations are necessary, follow these processes:

Creating a new plug-in

To enable you to create a customized plug-in, a java class must implement the UserId Transformer interface. You can access the class file of this interface—which is used to develop and create the customized plug-in—from the atsso-auth.jar file at the following location: <installation-directory>/tomcat/webapps/atriumsso/WEB-INF/lib.

To create a new plug-in

  1. Create a new java class that implements the UserId Transformer interface.
  2. Customize the class file as per your requirements.

  3. Compile the java file to create a class file.
    You can create a jar library for the class file, if required.

Installing the plug-in

After you create a new plug-in, you must install it.

Pre-requisite

Before you install the plug-in on the Atrium SSO server, you must shutdown the server.

To install the plug-in

  1. You can install the plug-in class directly into the Atrium SSO server by copying the class file into the following directory:  <installation-directory>/tomcat/webapps/atriumsso/WEB-INF/classes.
  2. Alternatively, if you have packaged the class file in a jar library, copy the jar file into the following directory: <installation-directory>/tomcat/webapps/atriumsso/WEB-INF/lib.

    Note

    If you need any additional libraries for the transformation plug-in, you the libraries into the following directory: <installation-directory>/tomcat/webapps/atriumsso/WEB-INF/lib.

  3. Add the full canonical class name of the new plug-in to the com.bmc.atrium.sso.opensso.extensions.userid.UserIdTransformer file at the following location: <installation-directory>/tomcat/webapps/atriumsso/WEB-INF/classes/META-INF/services.
  4. Restart the server.

If you have deployed BMC Atrium Single Sign-On in a High Availability (HA) environment, install the plug-in on all nodes in the cluster before configuring the realm to use the new transformation.

Using the new user ID transformation

After you install the plug-in on the server, open the BMC Atrium SSO Admin console and edit the realm for which you want to configure user ID transformation.

  1. On the Realms panel, select the realm and click Edit. The Realm Editor is displayed.
  2. On the Realm Authentication panel, select the type of transformation that you created from the UserId Transformer list.  
    You do not need to restart the server after applying the transformation. In-progress logon sessions will display the specified configuration, but newly started logon sessions will see the user ID as per the updated transformation.

For more information about adding user ID transformation in the Realms panel, see Realm Editor or Editing custom realms.

Was this page helpful? Yes No Submitting... Thank you

Comments