BMC Atrium Single Sign-On architecture
The benefit to BMC products that have BMC Atrium Sign-On as an authentication option is that all of the authentication protocols supported by BMC Atrium Sign-On are available to the product and any new protocols added are available without any product changes. The BMC Atrium Single Sign-On server and agents provide the needed integration into these systems so a product does not need any adjustments.
The following diagram shows a high level implementation of BMC Atrium Single Sign-On integration with BMC Dashboards for BSM, BMC Analytics for BSM, and BMC Remedy IT Service Management.
BMC Atrium Single Sign-On Architecture
Workflow
- User accesses the protected application from a mobile device or through a web browser.
- Web Agent redirects the user to BMC Atrium Single Sign-On console.
- BMC Atrium Single Sign-On presents a login page to the user.
- The user enters her/his credentials.
- BMC Atrium Single Sign-On verifies the user’s credentials with the authentication store.
- The store authenticates the user.
- BMC Atrium Single Sign-On provides access to the user.
- The user accesses the application.
Role of AR plugin in the authentication process
After authentication, the BMC Remedy Mid Tier connects to BMC Remedy AR System to send the user name and BMC Atrium Single Sign-On token id to the BMC Remedy AR System Server. Then, the AR plugin uses the BMC Atrium Single Sign-On SDK to connect and validate the token. After validation, the plugin sends the information to BMC Remedy AR System Server which allows the API call to load the user's view in the front end.
Web agents
Starting BMC Atrium Single Sign-On 8.1 release, a web agent is available for use by BMC applications. In addition to functioning as the central server, BMC Atrium Single Sign-On uses web agents which are integrated into each of the BMC products.
For more information, see Web-agents.