Integrating a Cordova Hybrid Application with Siteminder-Protected REST Resources

Updated: 2023-02-08 18:48:29

Finally I have been able to get it working with the following approach:


  1. All the REST resource URLs must be protected by siteminder.
  2. Define a GET service which is also a protected resource and will be used for initiating the siteminder session, e.g.:

@Context
private HttpServletRequest httpRequest;

@GET
@Path("/OAMSSO")
@Produces(MediaType.APPLICATION_JSON)
public Response getOAMSSO() {
    // Dummy callback URL that the app watches for in the InAppBrowser
    String redirectHost = "https://localhost/callback";
    // SM_USER is the request header from which the siteminder-authenticated user name is read
    URI uri = UriBuilder.fromUri(redirectHost)
            .queryParam("statusCode", "100")
            .queryParam("authenticated", "true")
            .queryParam("userName", httpRequest.getHeader("SM_USER"))
            .build();
    // 303 redirect to the callback URL carrying the result as query parameters
    return Response.seeOther(uri).build();
}

In your JS, the following code will initiate the siteminder SSO Authentication in an InAppBrowser. InAppBrowser is a Cordova plugin which needs to be added to your project.

cordova plugin add cordova-plugin-inappbrowser

// Returns the decoded value of query parameter `name` in `url`, or null if absent
function getParameterByName(url, name) {
  var match = RegExp('[?&]' + name + '=([^&]*)').exec(url);
  return match && decodeURIComponent(match[1].replace(/\+/g, ' '));
}

// Cordova fires "deviceready" (all lowercase); pass the handler itself, not its name as a string
document.addEventListener("deviceready", onDeviceReady, false);
function onDeviceReady() {
    callOAMSSO();
}

function callOAMSSO() {
    // Replace <<yourProtectedServiceURL>> with the base URL of the protected REST service
    var url = "<<yourProtectedServiceURL>>/OAMSSO";
    var target = '_blank';
    var options = "location=yes,toolbar=yes,clearcache=yes,clearsessioncache=yes,enableViewportScale=yes";
    var redirectURL = "https://localhost/callback";

    var ref = cordova.InAppBrowser.open(url, target, options);

    ref.addEventListener('loadstart', loadstartCallback);
    ref.addEventListener('exit', exitCallback);

    function loadstartCallback(event) {
        var url = event.url;
        // Match only when the loaded URL starts with the callback address
        if (url.indexOf(redirectURL) === 0) {
            ref.close();
            var statusCode = getParameterByName(url, 'statusCode');
            var authenticated = getParameterByName(url, 'authenticated');
            var userName = getParameterByName(url, 'userName');

            if (statusCode && userName) {
                sessionStorage.userName = userName.toUpperCase();
                sessionStorage.userNameisValid = "Y";

                // Replace invokeYourFunctionForOtherTasks with your own continuation function
                setTimeout(invokeYourFunctionForOtherTasks, 10);
            }
        }
    }

    function exitCallback() {
        alert('Browser is closed...');
    }
}




  1. When your app opens, an InAppBrowser will open and will try to fetch the OAMSSO protected resource. Since it is siteminder protected and no session is available, the SSO page opens up in the browser, where the user can put in the credentials and submit. If the credentials are successful, siteminder will add a SMSESSION cookie and then redirect to the OAMSSO REST resource. The OAMSSO REST resource extracts the siteminder authenticated username and appends it as a query param to the callback method, i.e. redirects to localhost/callback. This is just a dummy URL to identify that the user has been authenticated by siteminder. In the JS, you can check for this URL load, extract the username and then proceed to other tasks of your application. Since the siteminder session is already active, you can access other protected resources of your REST service from your app.

Hope this helps anyone dealing with siteminder SSO authentication from Javascript.
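
The callback check in the `loadstart` handler decides when the app treats the user as signed in, so it is worth parsing the URL strictly instead of searching it for a substring. The following is an added example, not part of the original answer: `parseSsoCallback`, `CALLBACK` and the user-name pattern are hypothetical names and assumptions, and it relies on the WebView providing the standard `URL` API.

```javascript
// Added example: strict parsing of the SSO callback URL seen in 'loadstart'.
// CALLBACK and USER_NAME_PATTERN are assumptions for illustration.
var CALLBACK = new URL('https://localhost/callback');
var USER_NAME_PATTERN = /^[A-Za-z0-9._@-]{1,64}$/; // assumed ID format; adjust to your directory

// Returns { userName } when rawUrl is the callback with a usable result, else null.
function parseSsoCallback(rawUrl) {
  var u;
  try {
    u = new URL(rawUrl);
  } catch (e) {
    return null; // not an absolute URL
  }
  // Compare origin and path exactly; a substring test also matches URLs that
  // only carry the callback address inside their query string.
  if (u.origin !== CALLBACK.origin || u.pathname !== CALLBACK.pathname) {
    return null;
  }
  var p = u.searchParams;
  // The OAMSSO resource above sets statusCode=100 and authenticated=true.
  if (p.get('statusCode') !== '100' || p.get('authenticated') !== 'true') {
    return null;
  }
  var userName = p.get('userName');
  if (!userName || !USER_NAME_PATTERN.test(userName)) {
    return null; // missing or malformed user name
  }
  return { userName: userName.toUpperCase() };
}

// Constructed sample URLs (not captured traffic).
var samples = [
  'https://localhost/callback?statusCode=100&authenticated=true&userName=jdoe',
  'https://sso.example.test/login?TARGET=https://localhost/callback&userName=jdoe',
  'https://localhost/callback?statusCode=100&authenticated=true',
  'https://localhost/callback/extra?statusCode=100&authenticated=true&userName=jdoe'
];
samples.forEach(function (s) {
  console.log(s, '->', JSON.stringify(parseSsoCallback(s)));
});
```

Only the first sample yields a result. The returned name is suitable for display; access to the REST resources is still decided by the siteminder session on each request.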