The simple_url schemes support simple URL rewriting, which can be accomplished without any custom work.
Note: The CGI-based and FCC-based password schemes are supported with the simple_url session scheme.
Example
A user accesses a host and the user session is established through the simple URL rewriting session scheme. An initial request can look like the following example:
http://banking.company.com/index.html
If the user provides appropriate credentials and is authenticated and authorized, the URL requested by the user is rewritten and returned to the user in a form similar to the following:
http://banking.company.com/SMID=nnnnnnnnnn/index.html
Represents a hashed, randomly generated token that the SPS uses to identify the user session.
Important! For the simple URL rewriting session scheme to work, any links defined in the enterprise must be relative links. If links are absolute, the simple URL rewriting scheme fails. Also, the token that the SPS appends to a URL is stripped from the URL when the request is forward. The token is only appended at the SPS interaction level so that it does not interfere with back-end server processing.
The format of the SimpleURL scheme is:
<SessionScheme name="simple_url">
class="com.netegrity.proxy.session.SimpleURLSessionScheme" accepts_smsession_cookies="false" session_key_name="SMID"
</SessionScheme>
The directives in the SimpleURL scheme are listed following.
Specifies the Java class that defines the session scheme. This directive is not modified when you want to use the cookieless rewriting session scheme.
Default: com.netegrity.proxy.session.SimpleURLSessionScheme
Indicates whether SMSESSION cookies are accepted. Specify one of the following values:
Indicates that SMSESSION cookies are accepted and used by the session scheme.
Indicates that SMSESSION cookies are not supported by the session scheme. Use this setting to verify that only a cookieless rewriting session is used for this session scheme.
Specifies the SiteMinder ID (SMID) session identifier.
Note: When a cookieless federation transaction is being processed by the SPS federation gateway and the simple_url session scheme is used, the SMID is added to the request as a query parameter instead of the being appended to the URI.
Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |