Installation GuidesSOA Agent for IBM WebSphere GuideConfigure the SOA Agent › SOA Agent for Application Servers Configuration Parameters

Previous Topic: Agent Configuration Object

Next Topic: Configure the Username and Password Digest Token Age Restriction

SOA Agent for Application Servers Configuration Parameters

The following table contains a complete list of all Agent configuration parameters supported by SOA Agents for Application Servers.

Unless otherwise noted,you can define parameters in either the Agent Configuration Object or the Agent configuration file depending upon how you decide to configure the SOA Agent.

Parameter Name

Value

Description

AcceptTPCookie

 

YES or NO

(Optional) If set to yes, configures the SOA Agent to assert identities from third-party SiteMinder session cookies (that is, session cookies generated by custom Agents created using the SiteMinder and SOA Security Manager SDKs.

Note: AcceptTPCookie must be set to Yes to assert identities from session cookies generated by CA SOA Security Gateway.

Default is Yes.

AllowLocalConfig

(Applies only in the Agent Configuration Object)

YES or NO

If set to yes, parameters set locally in the Agent configuration file take precedence over parameters in the Agent Configuration Object.

Default is NO.

AuthCacheSize

 

Number

(Optional) Size of the authentication cache for the SOA Agent (in number of entries). For example:

authcachesize="1000"

Default is 0.

To flush this cache, use the Policy Server User Interface.

AzCacheSize

 

Number

(Optional) Size of the authorization cache (in number of entries) for the SOA Agent. For example:

authcachesize="1000"

Default is 0.

To flush this cache, use the Policy Server User Interface.

CacheTimeout

Number

(Optional) Number of seconds before cache times out. For example:

cachetimeout="1000"

Default is 600 (10 minutes).

ConfigObject

(Applies only in Agent configuration file)

String

The name of the Agent Configuration Object associated with the SOA Agent.

No default value.

CookieDomain

 

String

(Optional) Name of the cookie domain. For example:

cookiedomain="ca.com"

No default value.

For more information, see the cookiedomainscope parameter.

CookieDomainScope

 

Number

(Optional) Further defines the cookie domain for assertion of SiteMinder session cookies by the SOA Agent. The scope determines the number of sections, separated by periods, that make up the domain name. A domain always begins with a period (.) character. For example:

cookiedomainscope="2"

Default is 0, which takes the domain name specified in the cookiedomain parameter.

DefaultAgentName

(Applies only in the Agent Configuration Object)

String

The agent identity the Policy Server will use to associate policies with the SOA Agent.

Default is "SoaAgent"; this value should not changed.

EnableWebAgent

(Applies only in Agent configuration file)

YES or NO

Enables or disables the SOA Agent. When set to 'yes', the SOA Agent will protect resources using the Policies configured in the Policy Server for the configured agent identity.

Default is Yes.

LogOffUri

String

(Optional) The URI of a custom HTTP file that will perform a full log off (removing the session cookie from a user’s browser). A fully qualified URI is not required. For example, LogOffUri could be set to: /Web pages/logoff.html

No default value.

PsPollInterval

Number

(Optional) The frequency with which the SOA Agent polls the Policy Server to retrieve information about policy changes.

Default is 30 seconds.

ResourceCacheSize

Number

(Optional) Size (in number of entries) of the cache for resource protection decisions. For example:

resourcecachesize="1000"

Default is 2000.

To flush this cache, use the Policy Server User Interface.

SAMLSessionTicketLogoffi

YES or NO

(Optional) Determines whether the SOA Agent should attempt to log off session tickets in SAML assertions.

Default is Yes.

ServerName

(Applies only in Agent configuration file.)

String

A string to be used in the SOA Agent log to identify the target application server.

SessionGracePeriod

Number

(Optional) Grace period (in seconds) between the regeneration of session tokens.

Default is 30

SmHostFile

(Applies only in Agent configuration file)

String

Path to the local Host Configuration File (typically SOA_HOME\conf\SmHost.conf).

No default value.

XMLAgentSoapFaultDetails

YES or NO

(Optional) Determines whether or not the SOA Agent should insert the authentication/authorization rejection reason (if provided by the Policy Server) into the SOAP fault response sent to the web service consumer.

Default is No.

XMLSDKAcceptSMSessionCookie

YES or NO

(Optional) Determines whether or not the SOA Agent accepts an CA SiteMinder session cookie to authenticate a client.

Default is No.

If set to Yes, the SOA Agent uses information in a session cookie sent as an HTTP header in the request as a means of authenticating the client.

If set to No, session cookies are ignored and the SOA Agent requests credentials required by the configured authentication scheme.

XMLSDKMimeTypes

String

(Optional) A comma-delimited list of MIME types that the SOA Agent will accept for processing by SOA Security Manager. All POSTed requests having one of the listed MIME types are processed. Examples:

  • text/xml
  • application/octet-stream
  • text/xml,multipart/related

If you do not add this parameter to the Agent Configuration Object, the SOA Agent defaults to accepting text/xml and application/soap+xml MIME types.