Searching the Help
To search for information in the Help, type a word or phrase in the Search box. When you enter a group of words, OR is inferred. You can use Boolean operators to refine your search.
Results returned are case insensitive. However, results ranking takes case into account and assigns higher scores to case matches. Therefore, a search for "cats" followed by a search for "Cats" would return the same number of Help topics, but the order in which the topics are listed would be different.
Words and Phrases
| Search for | Example | Results |
|---|---|---|
| A single word | cat
|
Topics that contain the word "cat". You will also find its grammatical variations, such as "cats". |
|
A phrase. You can specify that the search results contain a specific phrase. |
"cat food" (quotation marks) |
Topics that contain the literal phrase "cat food" and all its grammatical variations. Without the quotation marks, the query is equivalent to specifying an OR operator, which finds topics with one of the individual words instead of the phrase. |
Using Boolean Operators
| Search for | Operator | Example |
|---|---|---|
|
Two or more words in the same topic |
|
|
| Either word in a topic |
|
|
| Topics that do not contain a specific word or phrase |
|
|
| Topics that contain one string and do not contain another | ^ (caret) |
cat ^ mouse
|
| A combination of search types | ( ) parentheses |
|
Integrate CSA with a Single Sign-On Solution
There are a variety of scenarios where you may need to perform the integration with CSA using Single Sign-On solution. For example, you may be using:
-
A different deployment architecture than what is provided by CSA.
-
An entirely different architecture than that which is supported.
In such cases it makes sense to create a custom Single Sign-On solution so that you can extend the provided implementation to your own.
For the Cloud Service Management Console and for the Marketplace Portal, Single Sign-On cannot be enabled at the same time as CAC.
Verify the CSA Provider Organization's LDAP Server Configuration
You should verify that an LDAP user can log into the Cloud Service Management Console and the Marketplace Portal, which should already be configured. By performing this verification, you can be confident that any login issues that occur after integration have nothing to do with this particular configuration.
If there are any login issues, then update or configure the LDAP server for both the provider organization and the consumer organization from the Cloud Service Management Console, which is the interface from which you perform all administration tasks for both the Cloud Service Management Console and the Marketplace Portal.
To configure or update the provider organization's LDAP server:
-
Launch the Cloud Service Management Console by typing the following URL in a supported web browser:
https://<csahostname>:8444/csawhere<csahostname>is the fully‑qualified domain name of the system on which the Cloud Service Management Console resides.Launch the Cloud Service Management Console using an IPv6 address by typing the following URL in a supported web browser:
https://<ipv6_address>:8444/csa/login -
Log in to the Cloud Service Management Console as a CSA Administrator.
-
Click the Administration tile.
-
In the left-navigation frame, select the provider organization.
-
From the provider organization's navigation frame, select LDAP.
-
Update the LDAP server information.
-
Click Save.
Verify the CSA Consumer Organization's LDAP Server Configuration
Note The same LDAP server must be used by the CSA Provider organization, CSA consumer organization and custom SSO Server.
To configure or update the consumer organization's LDAP server:
-
Launch the Cloud Service Management Console by typing the following URL in a supported web browser:
https://<csahostname>:8444/csawhere<csahostname>is the fully‑qualified domain name of the system on which the Cloud Service Management Console resides.Launch the Cloud Service Management Console using an IPv6 address by typing the following URL in a supported web browser:
https://<ipv6_address>:8444/csa/login -
Log in to the Cloud Service Management Console as the CSA Administrator.
-
Click the Administration tile.
-
In the left-navigation frame, select a consumer organization.
-
From the consumer organization's navigation frame, select LDAP.
-
Update the LDAP server information.
-
Click Save.
-
Repeat these steps for every consumer organization configured in CSA.
Only the /csa and /mpp contexts are supported (this is required by the SSO proxy setup).
Configure the Custom SSO Server to Work with CSA
To configure your custom SSO server to work with CSA, follow the instructions provided with your SSO application.
Stop CSA
See Stop CSA for instructions.
Configure the Cloud Service Management Console
To configure the Cloud Service Management Console:
-
Update the applicationContext-security.xml file as appropriate for your custom SSO solution (based on the Spring Security Framework documentation).
-
Update the hcm-csa.yaml file by uncommenting the string enableSSO=true and setting the value of csa.subscriber.portal.url to {<protocol>}://{<host>}/mpp/org/{<orgName>}.
Refer Add or edit CSA properties for details.
Configure the Marketplace Portal
To configure the Marketplace Portal:
-
Change
proxyin the mpp.json file to the IP address of the proxy to be used by SSO. See the Configure Proxy Mapping section for details. -
Update the applicationContext-security.xml file as appropriate for your custom SSO solution (based on the Spring Security Framework documentation).
-
Update the applicationContext.xml file as appropriate for your custom SSO solution (based on the Spring Security Framework documentation).
Refer Add or edit CSA properties for details.
Configure Proxy Mapping
To configure proxy mapping:
-
Map the
/csaproxy to the CSA deployment.Caution Use only
/csaas the alias. Using another alias may cause CSA to fail.
For example, when configuring the alias in an Apache proxy server, set the following:ProxyPass /csa/ https://<csahostname>:8444/csa/ProxyPassReverse /csa/ https://<csahostname>:8444/csa/ -
Map the
/idm-serviceproxy to the Identity Management component deployment. -
Map the
/mppproxy to the Marketplace Portal deployment.
Verify the Single Sign-On Integration
You should verify that the Single Sign-On integration works by logging into both the Cloud Service Management Console and the Marketplace Portal using the newly-integrated Single Sign-On solution.
We welcome your comments!
To open the configured email client on this computer, open an email window.
Otherwise, copy the information below to a web mail client, and send this email to clouddocs@hpe.com.
Help Topic ID:
Product:
Topic Title:
Feedback: