Configuration Guides › Agent Configuration Guide › SOA Agent for IBM WebSphere › Configure Policies for the SOA Agent › Policy Considerations for Coexistence With SiteMinder Agent for IBM WebSphere
Policy Considerations for Coexistence With SiteMinder Agent for IBM WebSphere
If a SiteMinder Agent for IBM WebSphere coexists with a SOA Agent for IBM WebSphere on the same IBM WebSphere Application Server platform, you must consider the following when implementing authorization policies:
- Web Resources protected by the SiteMinder TAI must be configured in a separate realm from web services (the SiteMinder TAI is not called when invoking web service endpoints even if they are implemented as servlets).
- EJB resources that are protected by the SiteMinder Agent Login Module should be in a separate realm from EJBs that act as endpoints for web services protected by the SOA Agent.
- All resources protected by the SiteMinder Agent JACC module should be in separate realms than web service resources (the SOA Agent handles its own authorization functions).
