×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')

 

This documentation supports the 9.0 version of BMC Atrium Single Sign-On, which is in "End of Version Support." However, the documentation is available for your convenience. You will not be able to leave comments.

Click here to view the documentation for a supported version of Remedy Single Sign-On.

BMC Atrium Single Sign-On 9.0 Administering

Enabling and disabling multi-tenancy support

You can configure BMC Remedy Mid Tier multi-tenancy support in the BMC Atrium Single Sign-On server. The BMC Atrium Single Sign-On server and agents provide the needed integration into the BMC Remedy Mid Tier so that the tenant configuration does not need any adjustments.

Multi-tenancy support for Mid Tier in Atrium Single Sign-On

For authenticating users of BMC Remedy Mid Tier in a multi-tenant environment, BMC Atrium Single Sign-On support for multi-tenancy is necessary to identify and redirect logon requests from various tenants to the appropriate realms. A realm is a virtual Identity Provider (IdP) that is used for authenticating tenants. Each realm is mapped to a web agent in the BMC Remedy Mid Tier. The web agent interacts with the mid tier and redirects the user to the appropriate tenant logon page. Deploying multiple realms for tenants is supported through the web agent and BMC Atrium Single Sign-On server. You can update the web agent without redeployment or scripts. You can deploy BMC Atrium Single Sign-On as a shared service that is implemented in High Availability (HA) mode.

The following diagram illustrates the deployment architecture.

Deployment_architecture_diagram

The web agent maps the server host name (used by the user to access a protected application) to the full logon and logoff URLs. The logon and logoff URLs contain the information (for example, realm name and IdP ID) required to separate different tenants from each other.

Note

When multi-tenancy support is enabled, the default logon and logoff URLs specified for the web agent configuration from the BMC Atrium SSO Admin Console are not used. Instead of default URLs, logon and logoff URLs for specific realms are used for each tenant.

To enable multi-tenancy support

  1. Set the value of the allow.tenant.admin and allow.multiple.realms parameters to true in the web.xml file available at the following location:

    • (For Microsoft Windows) <installationDirectory>\tomcat\webapps\atriumsso\WEB-INF\

    • (For UNIX) <installationDirectory>/tomcat/webapps/atriumsso/WEB-INF/

  2. Clear the Enable check box on the FQDN Mapping tab from the BMC Atrium SSO Admin Console.
    For more information about disabling FQDN mapping, see Agent Manager in multi realm environment.

After you enable multi-tenancy support, you can manage realms from the Realms panel that appears in the BMC Atrium Admin Console.

To disable multi-tenancy support

Set the value of the allow.tenant.admin and allow.multiple.realms parameters in the web.xml file in the Atrium SSO installation directory to false.

Where to go from here

Was this page helpful? Yes No Submitting... Thank you
Last modified by Kamalakannan Srinivasan on Mar 31, 2015
bmc_remedy_ar_system shared_service multi_tenancy

Comments

Log in or register to comment.

Editing custom realms
Configuring BMC Atrium Single Sign-On with mid tier deployed as a shared service
© Copyright 2023 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2023 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.