Previous Topic: Agent Error CodesNext Topic: Web Agent Option Pack Guide


Agent Parameters

This section contains the following topics:

List of Agent Configuration Parameters

List of Agent Configuration Parameters

The following table lists the agent configuration parameters:

To set this parameter:

See this procedure:

AcceptTPCookie

Configure Support for SDK Third-Party Cookies

AgentConfigObject

Parameters Found Only in Local Configuration Files

AgentName

Set the AgentName and DefaultAgentName Values

AgentNamesAreFQHostNames

Configure Credential Collectors in a Mixed Environment

AgentWaitTime

Accommodate Network Latency

AllowCacheHeaders

Control How HTTP Header Resources are Cached

AllowLocalConfig

Implement Local Configuration

Restrict Changes to Local Configuration Parameters

AppendIISServerLog

Record the User Name and Transaction ID in IIS Server Logs

autoauthorizeoptions

Allow Automatic Access to Resources that use the OPTIONS Method

BadCSSChars

Protect Web Sites Against Cross-Site Scripting

BadFormChars

Specify Bad Form Characters

BadQueryChars

Specify Bad Query Characters

BadUrlChars

Specify Bad URL Characters

CacheAnonymous

Cache Anonymous Users

CCCExt

Specify the Cookie Provider

ConformToRFC2047

Disable Conformance to RFC 2047

ConstructFullPwsvcUrl

Use a Fully Qualified URL for Password Services Redirects

CookieDomain

How to Configure Single Sign-On

CookieDomainScope

Implement Cookie Domain Resolution

CookiePath

Specify the Cookie Path for Agent Cookies

CookiePathScope

Specify the Cookie Path for Agent Cookies

CookieProvider

How to Configure Single Sign-On

CookieValidationPeriod

Protect Session Cookies from Misuse with Validation Periods and Expired Cookie URLs

CSSChecking

Configure the Web Agent to Check For Cross Site-Scripting

CSSErrorFile

How to Set Up Error Handling

Custom401ErrorFile

How to Set Up Error Handling

CustomIpHeader

Configure IP Address Validation

DecodeQueryData

Decode Query Data

DefaultAgentName

Set the AgentName and DefaultAgentName Values

DefaultHostName

Accommodate Testing Tools that do not send HOST Headers

DefaultPassword

Use an IIS Proxy User Account

DefaultUsername

Use an IIS Proxy User Account

DeleteCerts

Delete Certificates from Stronghold Servers

DisableAuthSrcVars

Disable Default HTTP Header Variables

DisableDirectoryList

Restrict Directory Browsing on a Sun Java System Server

DisableDNSLookups

Help Prevent DNS DOS Attacks

DisableDotDotRule

Handle Complex URIs

DisableSessionVars

Disable Default HTTP Header Variables

DisableUserNameVars

Disable Default HTTP Header Variables

DisableWindowsSecurityContext

Disable Windows Security Context on Agents for IIS.

DisallowUTF8NonCanonical

Protect J2EE Applications against Cross-Site Scripting Attacks

DLPExclusionList

Exclude Resources from the DLP Content Classifications

Note: For more information, see the CA SiteMinder® Implementation Guide.

DLPSupportEnabled

Modify the SharePoint Agent Configuration Object

Note: For more information, see the CA SiteMinder® Implementation Guide.

DominoDefaultUser

Authenticate Users with the Domino Server

DominoLegacyDocumentSupport

Handle User-Requested Actions on Lotus Notes Documents

DominoLookUpHeaderForLogin

Use a SiteMinder Header for Authentication

DominoMapUrlForRedirect

Map URLs for FCC Redirects with a Domino Web Agent

DominoNormalizeUrls

Map URLs for FCC Redirects with a Domino Web Agent

DominoSuperUser

Authenticate as the Domino Super User

DominoUseHeaderForLogin

Use a SiteMinder Header for Authentication

DominoUserForAnonAuth

Use an Anonymous CA SiteMinder® Authentication Scheme with Domino

EarlyCookieCommit

Determine when the Agent for IIS Sets Cookies

EnableAuditing

Configure Auditing to Track User Activity

EnableCookieProvider

Disable Cookie Providers

EnableFCCWindowsAuth

Configure the FCC to allow Windows authentication

EnableFormCache

Configure the Form Cache

EnableIntroscopeApiSupport

Use CA Technologies Wily Introscope to Monitor Web Agents

EnableMonitoring

Monitor Web Agents with the OneView Monitor

EnableOtherAuthTrans

Handle Multiple AuthTrans Functions

EnableWebAgent

Enable a Web Agent

EncryptAgentName

Encrypt the Agent Name

EnforceRealmTimeouts

How to Enforce Timeouts across Multiple Realms

ExpiredCookieURL

Protect Session Cookies from Misuse with Validation Periods and Expired Cookie URLs

ExpireForProxy

Configure Agents that Sit behind Proxy Servers

FCCCompatMode

Use FCCs and NTCs in a Mixed Environment

FCCExt

Set Up Credential Collectors for IIS and Domino web servers

FCCForceIsProtected

Force an FCC to Establish Realm Context for Forms Authentication

Fcchtmlencoding

Prevent Cross-Site Scripting Attacks in Web Agent FCC Pages

ForceCookieDomain

Force the Cookie Domain

ForceFQHost

Force the Cookie Domain

ForceIISProxyUser

Use an IIS Proxy User Account

FormCacheTimeout

Configure the Form Cache

GetPortFromHeaders

Use the HTTP HOST Request for the Port Number

HostConfigFile

Parameters Found Only in Local Configuration Files

HTTPHeaderEncodingSpec

Set the HTTP Header Encoding Spec

HttpsPorts

Define HTTPS Ports

IdleTimeoutURL

Redirect a User after a Session Time-out

IgnoreCPForNotprotected

Ignore the Cookie Provider for Unprotected Resources

IgnoreExt

Reduce Overhead by Ignoring File Extensions of Unprotected Resources

IgnoreHost

Specify Virtual Servers to be Ignored by the Web Agent

IgnoreQueryData

Ignore Query Data

IgnoreUrl

Allow Unrestricted Access to URIs

IISCacheDisable

Prevent Caching of Server Responses Containing Cookies

LegacyCookieProvider

Disable FCC Realm Context Confirmation to Improve Performance

LegacyEncoding

Accommodate Legacy URL Encoding

LegacyStreamingBehavior

Choose How Content Types are Transferred in POST Requests

LegacyTransferEncodingBehavior

Use Legacy Applications with an Apache Web Agent

LegacyVariables

Enable Legacy Variables for HTTP Headers

LimitCookieProvider

Restrict Cookie Provider Functions

LoadPlugin

WebAgent.conf file for Framework Agents

localconfigfile

WebAgent.conf file for Framework Agents

LogAppend

Set Up and Enable Error Logging

LogFile

Set Up and Enable Error Logging

LogFileName

Set Up and Enable Error Logging

LogFileSize

Set Up and Enable Error Logging

LogFilesToKeep

Limit the Number of Log Files Saved

LogLocalTime

Set Up and Enable Error Logging

LogoffUri

How to Configure Full Logoff for Single Sign-on

LowerCaseHTTP

Use Lower Case HTTP in Headers

LowerCaseProtocolSpecifier

Specify URL Protocols with Lowercase Characters

MasterCookiePath

Specify the Cookie Path for Agent Cookies

MaxResourceCacheSize

Set the Maximum Resource Cache Size

MaxSessionCacheSize

Set the Maximum User Session Cache Size

MaxTimeoutURL

Redirect a User after a Session Time-out

MaxUrlSize

Set a Maximum URL Size

NTCExt

Specify an NTLM Credential Collector

OverlookSessionAsPattern

Prevent Session Cookie Creation or Updates

OverlookSessionForMethods

Prevent Session Cookie Creation or Updates

OverlookSessionForMethodUri

Prevent Session Cookie Creation or Updates Based on Method and URI

OverlookSessionForUrls

Prevent Session Cookie Creation or Updates

OverrideIgnoreExtFilter

Protect Resources Without Extensions

P3PCompactPolicy

Configure your Web Agent to Accommodate P3P Compact Policies

PersistentCookies

Set Persistent Cookies

PersistentIPCheck

Compare IP Addresses to Prevent Security Breaches

PostPreservationFile

Enable Post Preservation between Framework and Traditional Agents

PreserveHeaders

Preserve HTTP Headers

PreservePostData

Enable or Disable POST Preservation

ProxyAgent

CA SiteMinder® Reverse Proxy Deployment Considerations

ProxyDefinition

CA SiteMinder® Reverse Proxy Deployment Considerations

ProxyHeadersAutoAuth

Customize the Cache-Control and ExpireForProxy Header Settings

ProxyHeadersAutoAuth10

Customize the Cache-Control and ExpireForProxy Header Settings

ProxyHeadersProtected

Customize the Cache-Control and ExpireForProxy Header Settings

ProxyHeadersProtected10

Customize the Cache-Control and ExpireForProxy Header Settings

ProxyHeadersUnprotected

Customize the Cache-Control and ExpireForProxy Header Settings

ProxyHeadersUnprotected10

Customize the Cache-Control and ExpireForProxy Header Settings

ProxyTimeout

CA SiteMinder® Reverse Proxy Deployment Considerations

ProxyTrust

Configure Agents that Sit behind Proxy Servers

PSPollInterval

Change How Often an Agent Checks for Policy or Key Updates

RemoteUserVar

Configure the Web Agent to set the REMOTE_USER Variable

ReqCookieErrorFile

Set Up Error Handling

RequireClientIP

Configure IP Address Validation

RequireCookies

Require Cookies for Basic Authentication

ResourceCacheTimeout

Control How Long Resource Enteries Remain Cached

SaveCredsTimeout

Set a Timeout for Saved Credentials

SCCExt

Set Up Credential Collectors for IIS and Domino Web Servers

SecureApps

Secure Applications

SecureURLs

Configure SecureUrls with Single Sign-on

ServerErrorFile

Set Up Error Handling

SessionGracePeriod

Modify the Session Grace Period

SessionUpdatePeriod

Modify the Session Update Period

SetRemoteUser

Configure the Web Agent to set the REMOTE_USER Variable

SFCCExt

Set Up Credential Collectors for IIS and Domino Web Servers

SkipDominoAuth

Authenticate Users with the Domino Server

SSOTrustedZone

The Order of Trust and Failover

SSOZoneName

Configure Security Zones

StoreSessioninServer

Enable Single Use Session Cookies

SuppressServerHeader

Remove the Server HTTP Header if Using the URLScan Utility

TargetAsRelativeURI

Use a Relative Target for Credential Collector Redirects

TraceAppend

Configure Trace Logging

TraceConfigFile

Configure Trace Logging

TraceDelimiter

Configure Trace Logging

TraceFile

Configure Trace Logging

TraceFileName

Configure Trace Logging

TraceFileSize

Configure Trace Logging

TraceFilesToKeep

Limit the Number of Trace Log Files Saved

TraceFormat

Configure Trace Logging

TrackCPSessionDomain

Prevent Cookie Provider Replay Attacks

TrackSessionDomain

Validate a Session Cookie Domain

TransientIDCookies

Control Identity Cookies

TransientIPCheck

Compare IP Addresses to Prevent Security Breaches

UseAnonAccess

Enable Anonymous User Access

UseDominoUserForUnprotected

Force the Domino server to authenticate unprotected resources

UseHTTPOnlyCookies

Safeguard Information in Cookies with HTTP-Only Attribute

UseNetBIOSforIISAuth

Use the NetBIOS Name or UPN for IIS Authentication

UseSecureCookies

Set Secure Cookies

UseSecureCPCookies

Set Secure Cookies Across Multiple Domains

UseServerRequestIp

Resolve Agent Identity by IP Address

ValidFedTargetDomain

Define Valid Federation Target Domains

ValidTargetDomain

Define Valid Target Domains

WebAppClientResponse

Apply CA SiteMinder® Behavior to a Web Application Client

XFrameOptions

Ensure Custom Responses Comply with X-Frame Options

CA SiteMinder® Support Matrix

Locate the Platform Support Matrix

Use the Platform Support Matrix to verify that the operating environment and other required third-party components are supported.

Follow these steps:

  1. Log in to the CA Support site.
  2. Locate the Technical Support section.
  3. Enter CA SiteMinder® in the Product Finder field.

    The CA SiteMinder® product page appears.

  4. Click Product Status, CA SiteMinder® Family of Products Platform Support Matrices.

Note: You can download the latest JDK and JRE versions at the Oracle Developer Network.