BookmarkSubscribeRSS Feed
skaur
Calcite | Level 5

Has anyone tried to configure dual authentication for SAS 9.4 VA 7.3 version deployed on Linux?

 

We want to use SAML that can enable authentication against OKTA Identity management provider. Any help is greatly appreciated. 

I have a load balanced web server in front of VA deployment and open to use either

external web server or SAS Web server to configure SAML for OKTA.

3 REPLIES 3
JuanS_OCS
Amethyst | Level 16

Hello @skaur,

 

yes I did tried with a lot of nice support  from SAS Technical Support (from several countries), R&D and a few other teams, and I did not managed, yet.

 

To be clear, the SAML configuration, is not officialy supported by SAS in SAS 9.4. However, Mike Roda (SAS Employee) managed to do a configuration with SAML, using Active Directory Federation Server (AD FS 2.0), using  Sibboleth IdP as "broker", and that is what is documented out there.

 

The main challenge is the understanding and translation of the interface (inputs and outputs) of the IdPs and what SAS takes/sends as well. We did not managed to find the right people. 

 

I will keep an eye to this post and your progress. Could you please keep us us posted? I think it might be very useful.

 

Kind regards,

Juan

skaur
Calcite | Level 5

Juan,

 

you mentioned you tried it with lot of SAS technical support. I have read the document provided by Mike on enabling SAML with Shibboleth IP. But that is more like single sign on and I want to enable MFA. I also read a document about MFA with Symantec VIP but nothing so far using OKAT and DUO.

 

Any help you or SAS Technical support can provide is much appreciated!

SimonDawson
SAS Employee
There is no SAML providers shipped from SAS that are officially supported with a SAS 9.4 based solutions. Therefore there is little support you'll be able to get from SAS Technical Support with such a setup.

Web server authentication with SAS 9.4 is covered in the SAS 9.4 Middle Tier Administration Guide, that part would be support by support. If the SAML identity provider you are using can provide you with (and setup) a client modules that can be loaded by a standard web server like Apache HTTP Server you might be able to leverage that and integrate it with SAS 9.4 using the web server authentication that available.

suga badge.PNGThe SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment. 

Join SUGA 

Get Started with SAS Information Catalog in SAS Viya

SAS technical trainer Erin Winters shows you how to explore assets, create new data discovery agents, schedule data discovery agents, and much more.

Find more tutorials on the SAS Users YouTube channel.

Discussion stats
  • 3 replies
  • 4193 views
  • 5 likes
  • 3 in conversation