- Community Home
- >
- Servers and Operating Systems
- >
- HPE ProLiant
- >
- Server Management - Systems Insight Manager
- >
- SSO to CMS itself
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-21-2015 05:04 PM
01-21-2015 05:04 PM
SSO to CMS itself
We have a new policy which specifies that all web based applications (and this includes HP-SIM on the CMS) must authenticate with certificate based authentication. Every user is issed with a certifacate that is signed by the corporate CA.
The aim is that a user logins to their PC via a username/password or two factor hardware assisted authentication. But from that point access to web applications within the corporation is authenicated by the signed certificate. So this is a single signon to everything from the end-user device. The underlying issue is users having several strong passwords for different systems and not being able to remember them so things like writing them down etc. is seen as a huge security problem for some of the more sensitive applications.
There is much more to this policy but a lot of the other things like the CMS allowing access to the SMH on a managed client is already in place and quite acceptable, provided access to the CMS is secure in the first palce. But the missing bit is the user initial access to Insight Manager on the CMS.
We are currently running SIM V7.2 on Windows 2008R2.
Is it possible to do SSO into the CMS?
I have head from some the application maintainers that this is challenge in some legacy applications and what they have done is use certificate authentication prior to reaching the login page for the application (i.e. getting the web server between the broswer and application) and if successful drop into the normal username/password login page. This is not the intent but I'm not if either way is going to be achievable with HPSIM.
Has anyone done this or give me some pointers to how you might do this with SIM?
- Tags:
- certificate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-31-2015 02:27 AM
01-31-2015 02:27 AM
Re: SSO to CMS itself
Andrew