|
|
|
If your SiteMinder TAI is configured to challenge HTTP requests for credentials (the challengeforcredentials Agent configuration parameter is set to yes), you configure standard SiteMinder protection domains and realms to protect your Web container resources.
If you are also configuring the SiteMinder JACC Provider, you do not need to create realms for challenged requests now, but can do so later as part of the policy configuration process.
If you are configuring a TAI-only environment, you should familiarize yourself with SiteMinder resource mapping conventions for web applications. In general, realms to protect your web applications should have properties similar to the following:
|
Name: |
Example Web App Protection Realm. |
|
Description: |
SiteMinder realm for validating/authenticating identities using the TAI. |
|
Agent: |
The Agent identity associated with the SiteMinder TAI. |
|
Resource Filter: |
/web_app_context Where web_app_context is the J2EE web application context for the protected web application. For example, /mywebapp |
|
Authentication Scheme: |
The authentication scheme to use to collect credentials from and authenticate user requests. The SiteMinder TAI handles Basic authentication itself; other authentication schemes must be processed by a Web Agent. |
To implement user mapping, set an authentication response attribute, and then configure appropriate policies for the assertion realm.
| Copyright © 2010 CA. All rights reserved. | Email CA Technologies about this topic |