This section contains the following topics:
Federation Web Services Application Overview
Properties File for Federation Web Services
Agent Configuration Object Settings Used by FWS
Set up the LoggerConfig.properties File
Deploy Federation Web Services as a Web Application
Federation Web Services (FWS) is a collection of servlets that are packaged as a web application in accordance with the Java Servlet API 2.3 specification. The Federation Web Services application is installed with the Web Agent Option Pack. The application is deployed within an application server, or deployed inside the Tomcat web server, which is embedded in the SPS federation gateway.
The web application is rooted at a specific URL within the web server, http://www.your_webserver.com/affwebservices/. URLs for the servlets included with the FWS application have this same root.
The Federation Web Services application provides these services:
Note: Session synchronization and notification alert services are only used when the CA SiteMinder® SAML Affiliate Agent is at the relying party. These services are not supported with the SPS federation gateway.
The AffWebServices.properties file contains all the initialization parameters for Federation Web Services. For deploying FWS, set only the parameter that specifies the location of the WebAgent.conf file. For the other settings, accept the default values or modify the values as needed.
Note: The AffWebServices.properties file is in UTF-8 format. If you plan to modify this file, use an editor that supports this format.
The settings are as follows:
AffWebServices.properties Settings |
Value |
---|---|
NotificationLibraryType |
Specifies the library type the Web Agent uses for notification alerts. Note: The SPS federation gateway does not support this setting. |
NotificationLibraryDetails |
Indicates the Java classname or the C library and function name. Note: The SPS federation gateway does not support this setting. |
SMserverPort |
Determines which Policy Server service at the producer processes the notification tunnel calls. |
AgentConfigLocation |
Indicates the location of the WebAgent.conf file. You must specify the location of the configuration file. |
The installed location of the AffWebServices.properties file is in the following locations:
web_agent_or_webagent_option_pack_home/affwebservices/WEB-INF/classes
sps_home/secure-proxy/Tomcat/webapps/affwebservices/WEB-INF/classes
web_agent_home
Indicates the installed location of the Web Agent.
sps_home
Indicates the installed location of CA SiteMinder® SPS.
For partnership federation, Federation Web Services (FWS), installed by the Web Agent Option Pack uses the following agent configuration object settings for federated communication. You configure agent configuration objects in the Administrative UI.
For the descriptions of each setting, see the CA SiteMinder® Web Agent Configuration Guide.
Note: The FWS application uses the value of the defaultagentname parameter and not the agentname parameter.
The LoggerConfig.properties file lets you enable logging so the Federation Web Services application can record the following information:
The log file shows activity at the asserting party and the relying party, depending on how your site is configured.
Note: The LoggerConfig.properties file is in UTF-8 format. If you plan to modify this file, use an editor that supports this format.
The installed location of the LoggerConfig.properties file is:
web_agent_home/affwebservices/WEB-INF/classes
deployment_directory/affwebservices/WEB-INF/classes
sps_home/secure-proxy/Tomcat/webapps/affwebservices/WEB-INF/classes
web_agent_home
Indicates the installed location of the Web Agent.
deployment_directory
Indicates the default deployment directory for your application server.
sps_home
Indicates the installed location of CA SiteMinder® SPS.
Modify the settings as needed. If a value is not specified, the default value for the default locale is used.
The following table shows the settings in the LoggerConfig.properties file.
LoggerConfig.properties Settings |
Description |
---|---|
EnableDNSLookup |
Instructs the FWS application whether to do a DNS or reverse DNS lookup when processing an incoming SAML request at the consuming site. Select Y or N. When an incoming SAML request is received at a consumer site, FWS logs the details of the request, including the requesting host name. The DNS lookup call collects the host name. The default behavior is to do the DNS lookup. If you select N for this heading, the DNS call is not made and the IP address is logged instead. |
LoggingOn (required) |
Enables log output. Select Y or N. |
LocalFileName (required) |
Names the file to use for log output. |
LogLocalTime |
Enables use of local time for log messages. Select Y or N. |
LogRollover |
Defines the type of rollover functionality. Select Y or N then define the LogSize or LogCount parameter. |
LogSize |
Specifies the maximum file size, in megabytes, when rolling over log files by size. |
LogCount |
Specifies how many log output files to leave when roll-over is enabled. |
TracingOn |
Enables trace log output. Select Y or N. |
TraceFileName |
Names the file to use for trace log output. |
TraceConfig |
Specifies the trace configuration file. For more information, see Trace Logging. |
TraceRollover |
Defines the type of rollover functionality for tracing. Select Y or N and then specify a TraceSize or TraceCount value. |
TraceSize |
Specifies the maximum file size, in megabytes, when rolling over trace log files by size. |
TraceCount |
Specifies how many trace log output files to leave when roll-over is enabled. |
TraceFormat |
Specifies the trace output file format (default, fixed-width fields, delimited format, XML) |
TraceDelim |
Defines the character to use as a delimiter when using fixed-width fields as the trace format. |
Copyright © 2013 CA.
All rights reserved.
|
|