This documentation supports the 9.0 version of BMC Atrium Single Sign-On, which is in "End of Version Support." However, the documentation is available for your convenience. You will not be able to leave comments.

Click here to view the documentation for a supported version of Remedy Single Sign-On.

Integrating BMC MyIT

This topic describes how to configure the integration of BMC Atrium Single Sign-On to provide SSO authentication for BMC MyIT. This procedure does not apply to multi-tenant environment. 

BMC Atrium SSO authentication applies to both the Universal Client and to the mobile applications. When a user logs in on mobile devices, the user is prompted to enter the Hostname and Port. If this server has SSO enabled, the mobile client opens a browser to the SSO login page. The SSO server sets the SSO cookies after authentication on to the device browser. When the user relaunches the application and if the cookies are not expired, the mobile client displays the application. If the SSO cookies are expired, then the user is shown the login page again for authentication.

Before you begin

  • Install BMC Atrium Single Sign-On and configure realms to support the needed authentication methods. For more information, see BMC Atrium Single Sign-On 9.0 online documentation.
  • Install BMC MyIT.
  • Verify access to the BMC MyIT and the BMC Atrium Single Sign-On servers use the same domain. Otherwise, deploying the BMC Atrium Single Sign-On agent will not work.
  • Verify the location of the Webagent folder or compressed file in the BMC Atrium Single Sign-On installation files at the following location. 

    AtriumSSOinstallerDirectory\BMCAtriumSSO\Disk1\files\webagent
    Example:
    location webagent

To enable Atrium Single Sign-On in the BMC MyIT database

  1. Using the business schema login credentials, log on to the Oracle or Microsoft SQL database configured for BMC MyIT during installation.
    BMC MyIT is installed with two logins, one for business schema and one for system schema. If you do not know login details, look at the database configuration files at TomcatInstallationPath/Tomcat7.0/conf/catalina/localhost/ux.xml

  2. In the TENANT table for all the tenants (all the entries in the table), set the SAML Authentication field to True

    Microsoft SQL Example: Setting SAML_AUTHENTICATION

  3. Repeat this step each time that you add a tenant to the Single Sign-On configuration.  

To deploy the BMC Atrium Single Sign-On agent and web.xml

For clusters, complete the following procedure for each BMC MyIT server.

  1. Stop the Tomcat server.

  2. Copy the WebAgent folder to any location on the BMC MyIT server, and, if a compressed file, extract the files. 

  3. In a Linux shell or DOS command window, go to the WebAgent/Deployer folder. 
  4. Specifying the ssoServer:port, myitUrl, tomcatServerPath, ssoAdminName, and ssoAdminPassword values, run the following command with the fully qualified domain names:

    JavaInstallationPath\java -jar deployer.jar --install --container-type tomcatv7 --atrium-sso-url https://ssoServer:port/atriumsso --web-app-url http://myitUrl/ux --container-base-dir tomcatServerPath --admin-name ssoAdminName --admin-pwd ssoAdminPassword

    Tip

    Create a .bat or .sh file with the command so that, if needed, you can modify and run the command, such as in clusters, or server groups. 

    Example: /usr/java/jdk1.7.0_01/bin/java -jar deployer.jar --install --container-type tomcatv7 --atrium-sso-url https://vm-sso1.calbro.com:443/atriumsso --web-app-url http://vm1-03.calbro.com/ux --container-base-dir /opt/bmc/apache/tomcat7.0 --admin-name admin --admin-pwd Pass1234

  5. Look at the output for errors.
  6. Verify that the atssoAgents folder is created in the Tomcat folder. 
    Example: Apache Software Foundation\Tomcat7.0\atssoAgents
  7. Log on to the BMC Atrium Single Sign-On server, and verify /ux@myitServer:port in the agent list.

  8. Extract the ux.war file so that you can edit web.xml.  
  9. Edit the web.xml in Smart_IT_MyIT/ux/WEB-INF
    Linux example:  /opt/bmc/Smart_IT_MyIT/Smart_IT_MyIT
    Windows example: C:\Program Files\BMC Software\Smart_IT_MyIT\Smart_IT_MyIT\ux\WEB-INF  
  10. Uncomment the Atrium SSO webagent <filter> and <filter-mapping> elements (by deleting <!--  and -->) and save the file. 

        <!-- Atrium SSO webagent filter. Uncomment when needed -->
        <!--
    	<filter>
            <filter-name>Agent</filter-name>
            <filter-class>com.bmc.atrium.sso.agents.web.SSOFilter</filter-class>
        </filter>
        <filter-mapping>
    		<filter-name>Agent</filter-name> 
    		<url-pattern>/myitapp/*</url-pattern> 
    		<dispatcher>REQUEST</dispatcher> 
    		<dispatcher>INCLUDE</dispatcher> 
    		<dispatcher>FORWARD</dispatcher> 
    		<dispatcher>ERROR</dispatcher> 
    	  </filter-mapping>
    	  <filter-mapping>
    		<filter-name>Agent</filter-name> 
    		<url-pattern>/smart-it/*</url-pattern> 
    		<dispatcher>REQUEST</dispatcher> 
    		<dispatcher>INCLUDE</dispatcher> 
    		<dispatcher>FORWARD</dispatcher> 
    		<dispatcher>ERROR</dispatcher> 
    	  </filter-mapping>
    	  <filter-mapping>
    		<filter-name>Agent</filter-name> 
    		<url-pattern>/restapi/SSOLogin/*</url-pattern> 
    		<dispatcher>REQUEST</dispatcher> 
    		<dispatcher>INCLUDE</dispatcher> 
    		<dispatcher>FORWARD</dispatcher> 
    		<dispatcher>ERROR</dispatcher> 
    	  </filter-mapping>
    	  <filter-mapping>
    		<filter-name>Agent</filter-name> 
    		<url-pattern>/restapi/users/sessions</url-pattern> 
    		<dispatcher>REQUEST</dispatcher> 
    		<dispatcher>INCLUDE</dispatcher> 
    		<dispatcher>FORWARD</dispatcher> 
    		<dispatcher>ERROR</dispatcher> 
    	  </filter-mapping>
    	  <filter-mapping>
    		<filter-name>Agent</filter-name> 
    		<url-pattern>/rest/SSOLogin/*</url-pattern> 
    		<dispatcher>REQUEST</dispatcher> 
    		<dispatcher>INCLUDE</dispatcher> 
    		<dispatcher>FORWARD</dispatcher> 
    		<dispatcher>ERROR</dispatcher> 
    	  </filter-mapping>
    	  <filter-mapping>
    		<filter-name>Agent</filter-name> 
    		<url-pattern>/rest/users/sessions</url-pattern> 
    		<dispatcher>REQUEST</dispatcher> 
    		<dispatcher>INCLUDE</dispatcher> 
    		<dispatcher>FORWARD</dispatcher> 
    		<dispatcher>ERROR</dispatcher> 
    	  </filter-mapping>
    	  <filter-mapping>
    		<filter-name>Agent</filter-name> 
    		<url-pattern>/atssologout.html</url-pattern> 
    		<dispatcher>REQUEST</dispatcher> 
    		<dispatcher>INCLUDE</dispatcher> 
    		<dispatcher>FORWARD</dispatcher> 
    		<dispatcher>ERROR</dispatcher> 
    	  </filter-mapping>
    	  -->
  11. Add the edited web.xml to the ux.war archive. 

  12. Restart the Tomcat server for BMC MyIT.

  13. Log on to BMC MyIT with BMC Atrium Single Sign-On. 

Related topics

Was this page helpful? Yes No Submitting... Thank you

Comments

  1. Avinash Ramesh

    Hi Team,

     

    What needs to be done when we have tomcat V8 as the code mentioned above doesnt accepts tomcatv8 as container Type.

     

    Regards

    Avinash

    Oct 05, 2015 02:33
    1. Kamalakannan Srinivasan

      Hi Avinash,

      Thank you for your comment. I will discuss with the technical team and then keep you posted.

      With best regards,

      Kamal

      Oct 05, 2015 04:39
    1. Kamalakannan Srinivasan

      Hi Avinash,

      Our technical team informed that even though you may use Tomcat 8, still specify the details as "--container-type tomcatv7". It should work then.

      Regards,

      Kamal

       

      Oct 05, 2015 05:37