Out of support This documentation supports the 8.1 version of BMC Atrium Single Sign-On, which is in "End of Version Support." However, the documentation is available for your convenience. You will not be able to leave comments.Click here to view the documentation for a supported version of Remedy Single Sign-On.

Managing the server configuration

BMC Atrium Single Sign-On server parameters can be modified or enabled including the server session, cookie name and domain, the password for accessing the server, the FQDN, logging level, FIPS-140 enablement, CAC usage of Online Certificate Status Protocol (OCSP) enablement.

To modify the server configuration

  1. On the BMC Atrium SSO Admin Console, click Edit Server Configuration.
  2. Modify the BMC Atrium Single Sign-On server parameters.
  3. Click Save.
     Committed changes take effect immediately. A server restart is not necessary.

Server configuration parameters

The Server Configuration Editor provides the parameters that must be updated when you install or configure BMC Atrium Single Sign-On server.

The following topics are provided:

Server Configuration Editor parameters

HTTP Only and HTTPS Only

With the release of BMC Atrium Single Sign-On 8.1 Patch 3, the Server Configuration Editor provides two new options: HTTP Only and HTTPS Only.

The HTTP Only parameter marks the BMC Atrium Single Sign-On cookie to prevent non-HTTP APIs such as, JavaScript from accessing the cookie. When you enable the HTTPS Only parameter, it marks the cookie with the Secure option, which ensures that the cookie is transmitted only over HTTPS connections from the browser to the server.

The default value of these check boxes is false. When set to true, the option prevents scripts and third-party programs from accessing the cookies.

To secure BMC Atrium Single Sign-On as a stand-alone server

  1. Open the Edit Server Configuration tab on the BMC Atrium Single Sign-On Admin Console.
  2. Select the HTTP Only and HTTPS Only check boxes, and click Save.
  3. Restart the BMC Atrium Single Sign-On server.
  4. Clear all the existing cookies from the browser history.

To secure BMC Atrium Single Sign-On as a high-availability cluster

  1. Open the HA Node Details tab on the BMC Atrium Single Sign-On Admin Console.
  2. Select the node for which the HTTP Only and HTTPS Only options are to be enabled.

  3. Select the HTTP Only and HTTPS Only check boxes for each node, and click Save

    Note

    Configuration warnings appear, saying that the HTTP Only and HTTPS Only features are out of sync for some nodes. You can ignore the warnings and click OK.

  4. Restart the server.
  5. Clear all the existing cookies from the browser history.

Note

A warning is displayed after the configuration change is saved when the HTTP Only, HTTPS Only, Cookie Name, or Cookie Domain setting is out of sync with other nodes. The warning message includes a list of other nodes that do not match the currently saved value.

Session parameter defaults

The session parameters defaults for the BMC Atrium Single Sign-On server are:

  • Max Session Time (Default: 120 minutes)
  • Idle Timeout (Default: 30 minutes)
  • Cache Time (Default: 3 minutes)
  • Max Session Count per User (Default: 5)

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*