Security Configuration to a SiteMinder-protected EIS

With SAP Mobile Platform, SiteMinder authentication is used in Network Edge and non-Network Edge configurations to authenticate the client of a Web service, SAP JCo, or NetWeaver service.

In your security configuration that integrates with SiteMinder applications, you need a ClientValuePropagatingLoginModule so you can save your SMSESSION cookie as a credential for EIS single sign-on. if the SiteMinder agent adds an sm_user header to client requests, use that header in the ClientValuePropagatingLoginModule to set a user Principal. If the SiteMinder agent does not add an sm_user header, then disable impersonization checking.

You should also have an HttpAuthenticationLoginModule configured for a SiteMinder-protected URL where SAP Mobile Platform can verify the validity of the user's SMSESSION cookie.

For a detailed example focusing on SiteMinder specific configurations for SAP Mobile Platform, see How-To: Set up SUP with SiteMinder at http://scn.sap.com/docs/DOC-29574.