Did you use the MidTier integration utility to perform the integration or did it manually.
If you performed the integration manually then you will need to set a parameter while running the deployer command
This list contains URLs which SSO agent will not intercept. The urls which are used here are as below
If you have already integrated SSO with MidTier, then go to the individual agent details in SSO and add these entries to the 'Not-Enforced' list and Save. Restart MidTier for these changes to come into effect.
Hope this helps
That is fine!! It is already there and I can navigate to config.jsp without being intercepted by ASSO. But my concern is when we integrate it with MT LB then it will be the LB URL always when you navigate to config.jsp not the individual MT URL. Even if you hit individual MT URL, it will navigate you to MT LB url.
In this case, we will not get to know which MT cache we are going to flush.
Which version of AR/MT and SSO are you using?
While configuring with Midtier LB URL make sure the webapp URL is set to the LB URL and notify-url as individual MT URL.
--notify-url = http://mt1.remedy.com/arsys
Also, try disabling the FQDN check for each MT agent that is registered on the SSO Server. By doing this you will no longer get redirected to LB URL and go to the individual MT url.
I had enabled FQDN check and that is why it was considering the hostname which was mentioned as LB FQDN,
After unchecking it, now it is disabled and working as expected.
Also wanted to check with you regarding single logout feature in SAML, We have integrated ASSO with Site Minder using SAML 2.0 but Site Minder version 12 does not support Single Logout Service. Hence we need to find a workaround where all the applications like ITSM,MyIT,Chat,Analytics and Dashboard should redirect to single common URL when we click on Logout button. SO ITSM is working fine where I click on Logout button and its redirecting me to common URL mentioned in agent Logout URI. But its not working for MyIT,Analytics and Dasboard and going again into the same application without redirecting to common URL. Do you know is there any possibility to redirect to common URL for those application as well?
I am able to login with test`users by hitting MT load balancer URL having /arsys/shared/login.jsp URI.
But after entering the credentials it is again redirecting to the IDP page.
Do you have any idea how to login with test users without SAML?