Saturday, July 25, 2009

Single Sign-On fails with SiteMinder due to incorrect agent group settings

After configuring eTrust SiteMinder for WebSphere Portal, you still get prompted for the portal server login after authenticating via the SiteMinder login feature.

TAI not added to agent group in SiteMinder

Resolving the problem

Check the Agent Groups section via the SiteMinder Administration Console. Agent groups can be specified which allow you to add multiple TAIs into one SSO policy so that you aren't required to set up one policy for every server. If you fail to add the relevant TAI to the desired agent group, SSO can fail even after following the configuration steps in the WebSphere Portal Information Center.