To ensure interoperability if you use multiple products, such as SiteMinder, Identity Manager, and Federation Manager check the Platform Support Matrices for the required releases of each product.
To install and configure a CA SiteMinder® component to a non-English directory, set the system to the same locale as the directory. Also, make sure that you installed the required language packages so the system can display and users can type localized characters in the installer screens.
For the details on how to set locale and required language packages, refer to respective operating system documents.
Linux does not support connections to link-scoped IPv6 addresses without additional information: The name of the interface on which to do the networking. This means that when registering a Linux system as a trusted host during SiteMinder WSS Agent configuration, it fails with the following error when the IP address of the Policy Server is link-scoped:
Registration failed (bad ipAddress[:port] or unable to connect to Authentication server (-1)).
Workaround
Use global or site-scoped IPv6 addresses.
r12.0 SOA Agents encrypt and decrypt SAML Session Tickets using the RC2 algorithm. However, 12.52 SP1 SiteMinder WSS Agents encrypt and decrypt SAML Session Ticket using the Advanced Encryption Standard (AES) algorithm by default. As a result, r12.1 SOA Agents and 12.52 SP1 SiteMinder WSS Agents cannot consume SAML Session Tickets produced by the other agent version.
To configure a 12.52 SP1 SiteMinder WSS Agent to use the RC2 encryption algorithm to exchange SAML Session Tickets with r12.0 SOA Agents, set the BackwardEncryption parameter in the XmlToolkit.properties file for that agent.
Follow these steps:
Note: The addresses that are provided are for Windows platforms. Substitute forward slashes (/) on UNIX platforms.
backwardencryption=yes
The following considerations apply to supported Windows operating environments:
For Windows Server 2008, the User Account Control feature helps prevent unauthorized changes to your system. When the User Account Control feature is enabled on the Windows Server 2008 operating environment, prerequisite steps are required before doing any of the following tasks with a CA SiteMinder® component:
Note: For more information about which CA SiteMinder® components support Windows Server 2008, see the CA SiteMinder® Platform Support matrix.
To run CA SiteMinder® installation or configuration wizards on a Windows Server 2008 system
The User Account Control dialog appears and prompts you for permission.
The wizard starts.
To access the CA SiteMinder® Policy Server Management Console on a Windows Server 2008 system
The User Account Control dialog appears and prompts you for permission.
The Policy Server Management Console opens.
To run CA SiteMinder® command–line tools or utilities on a Windows Server 2008 system
Cmd
The User Account Control dialog appears and prompts you for permission.
A command window with elevated privileges appears. The title bar text begins with Administrator:
If you are deploying CA SiteMinder® components on Windows 2008 SP2, we recommend installing and managing the components with the same user account. For example, if you use a domain account to install a component, use the same domain account to manage it. Failure to use the same user account to install and manage a CA SiteMinder® component can result in unexpected behavior.
The following considerations apply to Solaris.
The following table lists required and recommended patches by version:
Version |
Required |
Recommended |
Solaris 9 |
|
none |
You can find patches and their respective installation instructions at SunSolve (http://sunsolve.sun.com).
The following considerations apply to Red Hat Enterprise Linux AS and ES.
To use Apache 2.0 Web Server and ServletExec 5.0 on Red Hat AS
The ServletExec AS Java instance is created.
mod_servletexec2.c
Note: The directives are also present in the httpd.conf file of your Apache 1.3.x if you allowed the ServletExec installer to update the httpd.conf during installation. For more information on editing the httpd.conf file, refer to the New Atlanta Communication ServletExec documentation.
/servlet/TestServlet
Copyright © 2014 CA.
All rights reserved.
|
|