0

I am trying to determine how I can integrate with BMC Remedy via it's API.

The ARServerUser class seems to require the a username and password, given that I am driving this from an application behind an SSO solution (Oracle OAM/OIM) it's not possible for me to obtain the users password however I can keep the usernames in sync.

I guess I could use a single administrative account for API access however I suspect this will ruin the audit trails should any updates be made or does the API support impersonation perhaps?

Am I missing something it seems there should be support for other authentication options or impersonation via the API?

BЈовић
  • 62,405
  • 41
  • 173
  • 273
Jon
  • 1
  • 1
  • 1

3 Answers3

0

It is a little unclear what you want to do. are you pushing data to remedy? then https://stackoverflow.com/users/267749/user267749 's answer is relevant. You should be aware, that even though you are using an SSO solution, standard authentication still should work - we have a solution running in test at the moment where users failing SSO authentication are redirected to the login page /shared/login.jsp and then log in as usual. This is just to prove that normal authentication is still possible. When you access Remedy through the API your mid-tier setup is irrelevant.

If, on the other hand, you are trying to integrate with the Oracle SSO solution, ArServerUser is the wrong way to go. you need to write an AREA (AR External Authentication) plugin, and follow the whitepaper https://stackoverflow.com/users/926942/sk linked to (http://documents.bmc.com/supportu/documents/57/12/65712/65712.pdf).

When doing this, you will need to read up on the way your SSO solution works, in order to integrate it with Remedy.

Community
  • 1
  • 1
JoSSte
  • 2,953
  • 6
  • 34
  • 54
0

It's possible to integrate BMC ARS Remedy with Single Sign-On since at least version 7.0. AFAIK, it doesn't rely on the ARServerUser class. BMC has a white paper explaining the steps to enable it: http://documents.bmc.com/supportu/documents/57/12/65712/65712.pdf (you'll need an account on BMC's site to acces it).
Basically, you have to implement:

  • a login module on the mid-tier to catch the identifiers sent by your web sso
  • a module on the ARS Server to match this identifiers with accounts known by the server

We use a similar method to authenticate our user through X509 certificates.

sk_
  • 2,105
  • 17
  • 31
0

I believe you are looking for the ARAPI impersonate function:

http://www.javasystemsolutions.com/documentation/thirdparty/arapiv75/com/bmc/arsys/api/ARServerUser.html#impersonateUser%28java.lang.String%29

user267749
  • 71
  • 5