|
|
|
The federation settings in the server.conf file enable the SPS to act as a federation gateway within a SiteMinder federation network.
The code excerpt that follows is the <federation> section on the server.conf file:
# Provide the values for the Federation related parameters here
#
# enablefederationgateway - "yes" or "no" - Enable or Disable SPS Federation Gateway
# fedrootcontext - Name of the Federation root context ("affwebservices" by default)
# authurlcontext - Path of the Authentication URL (without the jsp file name)
(siteminderagent/redirectjsp by default)
# protectedbackchannelservices - Names of protected Backchannel services
<federation>
enablefederationgateway="yes" fedrootcontext="affwebservices" authurlcontext="siteminderagent/redirectjsp" protectedbackchannelservices="saml2artifactresolution,saml2certartifactresolution, saml2attributeservice,saml2certattributeservice,assertionretriever,certassertionretriever"
</federation>
The federation parameters are as follows:
Enables the SPS to act as a federation gateway proxy server.
Limits: yes or no
This parameter is set during the installation.
Specifies the root context of the federation web services application. Do not change this parameter.
Default: affwebservices
Specifies the alias to the redirect.jsp file. When a user requests a protected federation resource and they do not have a SiteMinder session at the site that produces assertions, the user is sent to this URL which points to a redirect.jsp file. The user is redirected to the Web Agent at the producing site where they are presented with an authentication challenge and upon successfully logging in, establish a session.
Default: siteminderagent/redirectjsp.
Lists the services that require a secure back channel for communication.
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |