Web Agent Guides › Web Agent Configuration Guide › Forms Authentication › How to Configure a CA SiteMinder® Agent to Support HTML Forms Authentication › Configure Advanced FCC Settings › Encrypt Query String Parameters in Redirection URLs

Encrypt Query String Parameters in Redirection URLs

The following parameter enables the Web Agent to encrypt all CA SiteMinder® query parameters in a redirect URL:

SecureURLs

Specifies whether the Web Agent encrypts the CA SiteMinder® query parameters in a redirect URL. You can use this setting to provide additional security for requested resources protected by an advanced authentication scheme, Password Services, or when a request invokes the Cookie Provider.

Important! The Web Agent only encrypts data sent between CA SiteMinder® components. The data sent for redirects to non-CA SiteMinder® applications is not encrypted.

The following CA SiteMinder® credential collectors and applications support the SecureUrls functionality:

• HTML Forms authentication
• Cert And Forms authentication
• SSL Authentication
• Cert or Forms authentication
• NTLM authentication
• ACE authentication
• SafeWord authentication
• User self registration
• Multi-domain Single Sign-on with Cookie Provider
• FCC-based Password Services (not CGI- or JSP-based)

Default: No

Follow these steps:

1. Set the value of the SecureURLs parameter to yes.
2. To encrypt query string parameters in redirection URLs within a single sign-on environment, ensure that all Web Agents in the single sign-on environment have the SecureURL parameter set to the same value.
3. If you are using custom FCCs, add the smquerydata directive with the other FCC directives (such as TARGET) to the custom FCC.

   Query string parameters are encrypted in CA SiteMinder® redirection URLs.