Set Up the Snoop Servlet Example (TAI-Only)

Note: Ignore this section if you are configuring an All-modules environment and proceed directly to Set Up the Snoop Servlet Example (All Modules).

The goal of this example is to create a SiteMinder realm that uses an HTML Forms authentication scheme, so that the SiteMinder TAI intercepts the HTTP request for the Snoop servlet, challenges the user for credentials, and authenticates the user. The role of the SiteMinder TAI is to verify that the user is authenticated or has a valid SiteMinder token (SiteMinder session cookie). If the TAI authenticates the user, then WebSphere also does so because the Policy Server and WebSphere share the same user store. Once these criteria are met, WebSphere authorizes the user to access the Snoop servlet.

Note: The following procedure provides an overview of the steps for creating the required policy objects with appropriate parameter settings. For detailed procedural information, see the Policy Server Configuration Guide.

To set up the example and protect the Snoop Servlet

  1. Start the SiteMinder Administrative UI.
  2. Create an HTML Forms authentication scheme.
  3. Create a user directory connection to the same LDAP user store as the one used by WebSphere.
  4. Create a domain and assign the user directory from Step 3 to this domain.
  5. Create a realm with the following properties:
    Domain

    The domain you created in Step 4.

    Name

    Default Snoop Realm.

    Description

    Default Snoop Realm.

    Agent

    The Agent Identity for the SiteMinder TAI. (The Agent name value specified for the DefaultAgentName parameter in the Agent Configuration Object used for the SiteMinder TAI.)

    Resource Filter

    /snoop.

    Default Resource Protection

    Protected.

    Authentication Scheme

    The HTML Forms authentication scheme you created in Step 2.

    Forms authentication must be hosted on the Web Agent.