KB Article #178196

How to run the 100% CA Siteminder Java agent in the Gateway


Historically the integration with CA Siteminder used a JNI java agent which meant that both java (jars) and binaries (*.so on unix systems and *.dll on windows) needed to be added to the runtime of the Gateway.

The following integration mechanism is simpler and requires only 3 jars to be added to the Gateway's classpath.

The approach given here has been tested with Siteminder 12.52.


  1. Install the CA SDK on the machine running the API Gateway.
  2. Please ensure that any Siteminder binaries that were previously added to the Gateway classpath have been deleted (do not rename, they must be removed from the directory).
  3. Copy the following jars only from the CA SDK into the /ext/lib of the Gateway install. These jars are located in <SDK Install Directory>/java
    1. cryptoj.jar
    2. smagentapi.jar
    3. smjavasdk2.jar
  4. Restart the Gateway
  5. Run smreghost on the Gateway machine
    smreghost -i <siteminder host> -u Siteminder -p *******-hc V6HostConfObject -hn AxwayHN
  6. Configure the Siteminder integration in Policy Studio as per integration guide

*Take care to copy these jars only. It's very easy to accidentally copy the JNI versions, which will cause the integration to fail.


To enable debug output out the Siteminder agent then run with the following jvm.xml
<VMArg name="-DSMJAVASDK_LOG_INFO=true"/>