Hi Rebecca,
Maybe you have something more advanced than we have, but we've
customized areasamp.c to take the user supplied login id and passcode
and call a module to authenticate it. It works great for both the
WUT and mid-tier.
Let me know if you have any questions.
Julie
At 08:45 PM 10/5/2006, Rebecca Hammond wrote:
Nothing, yet. Based on research, seems that it can't be done - you can set
up a "trust" (which our security people get indignant at calling it that) -
meaning, if you want to "trust" that just because someone got on to a
machine with a smart card, you could grab the user name get them into the
system that way. But you can't have the AR Server and the client
communicate with certificates.
However, on the mid-tier, we can use certificates, as we'll do all of the
authentication work using SiteMinder...
-----Original Message-----
From: Action Request System discussion list(ARSList)
[mailto:[EMAIL PROTECTED] On Behalf Of Davis, David CTR NAVSURFWARCENDIV
Crane, Code 0552
Sent: Thursday, October 05, 2006 1:24 PM
To: [email protected]
Subject: Re: Authenticate an ARS user using a certificate stored on a smart
card
Rebecca
Have you been able to integrated ARS authentication with the PKI
SmartCard yet? If so, what tools did you use.
Thanks,
Dave Davis
Software Systems Engineer - SAIC
-----Original Message-----
From: Action Request System discussion list(ARSList)
[mailto:[EMAIL PROTECTED] On Behalf Of Rebecca Hammond
Sent: Wednesday, September 13, 2006 13:39
To: [email protected]
Subject: Re: Authenticate an ARS user using a certificate stored on a
smart card
Am I the only one who isn't totally confused by the white paper? I'm
just not clear on how I'm supposed to write an Authenticator of my own,
that handles PKI or SmartCard technology.
Is it just because with SSO, it pulls the information from your OS?
Does anyone have any samples of what these Authenticators might look
like?
Thanks in advance!
-Rebecca Hammond
On Fri, 11 Aug 2006 14:11:45 -0700, Easter, David <[EMAIL PROTECTED]>
wrote:
>Daniel,
>
> You may want to take a look at the "Integrating BMC Remedy Action
>Request System with Single Sign-On (SSO)" white paper that was updated
>for AR System 7.00.00. It also applies to other client-side login
>intercept technologies like smart cards or PKI.
>
>It is available on http://supportweb.remedy.com in the Documents
>section.
>
>David J. Easter
>Sr. Product Manager - BMC Software
>
>-----Original Message-----
>From: Action Request System discussion list(ARSList)
>[mailto:[EMAIL PROTECTED] On Behalf Of CONDREA, Daniel
>Sent: Thursday, August 10, 2006 10:53 PM
>To: [email protected]
>Subject: Authenticate an ARS user using a certificate stored on a smart
>card
>
>Hi All,
>
>Can anybody suggest a way to authenticate an ARS user using a
>certificate stored on a smart card?
>
>The end user can not authenticate with a username and a password.
>He/she can only authenticate using the certificate stored in the
smartcard.
>
>Best regards,
>Daniel Condrea
>
>--
>
>*****DISCLAIMER*****
>
>The information contained in this communication is confidential and may
>be legally privileged. It is intended solely for the use of the
>individual or entity to whom it is addressed and others authorized to
>receive it. If you are not the intended recipient you are hereby
>notified that any disclosure, copying, distribution or taking action in
>reliance of the contents of this information is strictly prohibited and
>may be unlawful. Orange Romania S.A. is neither liable for the proper,
>complete transmission of the information contained in this
>communication nor any delay in its receipt.
>
>*****END OF DISCLAIMER*****
>
>_______________________________________________________________________
>_
>_______
>UNSUBSCRIBE or access ARSlist Archives at http://www.wwrug.org
>
>_______________________________________________________________________
>____
____
>UNSUBSCRIBE or access ARSlist Archives at http://www.wwrug.org
>=======================================================================
>=
________________________________________________________________________
_______
UNSUBSCRIBE or access ARSlist Archives at http://www.wwrug.org
____________________________________________________________________________
___
UNSUBSCRIBE or access ARSlist Archives at http://www.wwrug.org
_______________________________________________________________________________
UNSUBSCRIBE or access ARSlist Archives at http://www.wwrug.org
_______________________________________________________________________________
UNSUBSCRIBE or access ARSlist Archives at http://www.wwrug.org
