External user onboarding into developer portal

Hi,

We got a requirement to onboard external (internet) users into the developer portal using SiteMinder Registration and Login.

SAML Auth is already handled for all the internal users and the same will be applied to external users as well. Here comes the scenario for external users' Registration and Login.

For a brand new user who registers into the portal using SiteMinder Registration and logs in to SM and the portal, this works fine. Once the new user logs in, the user will be directed to the developer portal.

In the other scenario, the user already has login details which were not registered through SiteMinder. In this case the developer portal will have this user's details, but the user might not have registered in SiteMinder. When the user logs into SiteMinder, it should send the user's details to the portal, and the portal needs to check whether this user exists. If the user exists, the portal sends a success message to SiteMinder; SiteMinder will then understand that this user is available in the portal and needs to register on SiteMinder in order to have the same user entry in SiteMinder.

This is my idea for implementing it. Is it really achievable? Any ideas and suggestions would be appreciated.

2 REPLIES

Interesting question. The answer will combine aspects of the Apigee Edge devportal and Siteminder, as well as some custom user experience that you design and implement.

I can think of a couple different options.

  1. provide options

    ONE approach might be a user experience something like this:

    When the unauthenticated user arrives at the devportal, the person sees a screen providing two options:

    1- login with siteminder
    2- login with your devportal credentials.

    Then if the user selects option 2, you want to auto-provision that user into Siteminder.

    This can be done with a custom drupal module that implements hook_user. In your hook code, check the operation; if it is not a login, then ignore it. If it is a login operation, then you need to look to see if the user has been authenticated by siteminder. I don't know exactly how you'd do that, but perhaps with a request header.

    If not logged in with siteminder, then you need to execute the logic that provisions the user in siteminder.

  2. hook_user

    ANOTHER approach might be to use hook_user or the rules module to inform people that have logged in with "regular" drupal credentials that this authentication method will be disabled in the future. And point them to a page that allows them to provision a new account manually in siteminder.

    At first, the unauthenticated user still gets the two login choices as above, but after some period of time, you would disable the "login with your devportal credentials" option and force all people to use the SAML login.

  3. auto provision

    A THIRD approach might be to bulk-export all the users and provision new accounts in Siteminder. Then you would allow only ONE option for logging in: "login with siteminder". And for those auto-provisioned accounts, Siteminder would force the users to reset their password before proceeding. I don't know how to do that; I'm not a siteminder expert. But I suppose it would be straightforward.

This last option seems the easiest and clearest.
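The login hook from option 1, as an added example that is not part of the reply above and is not Apigee or SiteMinder code. It assumes Drupal 7 (where hook_user's login operation is hook_user_login), a SiteMinder reverse proxy that sets the SM_USER request header, and a hypothetical module name, queue name and proxy address.

```php
<?php
// Added example for a Drupal 7 module named "devportal_sm" (hypothetical).
// Assumptions: SiteMinder fronts the portal as a reverse proxy and sets the
// SM_USER request header; the proxy address below is constructed.
define('DEVPORTAL_SM_PROXY_IP', '10.0.0.5');

// Classifies a finished login: 'siteminder', 'provision' or 'reject'.
function devportal_sm_classify(array $server, $drupal_name) {
  $sm_user = isset($server['HTTP_SM_USER']) ? trim($server['HTTP_SM_USER']) : '';
  $remote = isset($server['REMOTE_ADDR']) ? $server['REMOTE_ADDR'] : '';
  if ($sm_user === '') {
    // No SiteMinder identity: the user used devportal credentials.
    return 'provision';
  }
  // A client can send its own SM_USER header, so trust it only when the
  // request came through the proxy and names the account that logged in.
  if ($remote !== DEVPORTAL_SM_PROXY_IP) {
    return 'reject';
  }
  return strcasecmp($sm_user, $drupal_name) === 0 ? 'siteminder' : 'reject';
}

// Implements hook_user_login().
function devportal_sm_user_login(&$edit, $account) {
  $result = devportal_sm_classify($_SERVER, $account->name);
  if ($result === 'provision') {
    // Queue the account; a worker (site-specific, not described on this
    // page) performs the actual SiteMinder registration.
    DrupalQueue::get('devportal_sm_provision')->createItem(array(
      'uid' => $account->uid,
      'mail' => $account->mail,
    ));
  }
  elseif ($result === 'reject') {
    watchdog('devportal_sm', 'Untrusted SM_USER header at login of %name.',
      array('%name' => $account->name), WATCHDOG_WARNING);
  }
}

// Stand-alone check with constructed requests (skipped inside Drupal).
if (!function_exists('watchdog')) {
  $local = array('REMOTE_ADDR' => '10.0.0.5');
  $proxied = array('REMOTE_ADDR' => '10.0.0.5', 'HTTP_SM_USER' => 'alice');
  $spoofed = array('REMOTE_ADDR' => '203.0.113.9', 'HTTP_SM_USER' => 'alice');
  foreach (array($local, $proxied, $spoofed) as $req) {
    echo devportal_sm_classify($req, 'alice'), "\n";
  }
}
```

If the SiteMinder agent runs inside the portal's own web server instead of a separate proxy, the REMOTE_ADDR comparison does not apply and the agent itself has to be the only path to Drupal.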

@sumiya Have you integrated SiteMinder with the developer portal? If it is working, can you please elaborate on how you implemented it? It will be useful for us also.