

Deploy Federation Web Services for Federation

This section contains the following topics:

Federation Web Services Application Overview

Properties File for Federation Web Services

Agent Configuration Object Settings Used by FWS

Set up the LoggerConfig.properties File

Deploy Federation Web Services as a Web Application

Federation Web Services Application Overview

Federation Web Services (FWS) is a collection of servlets that are packaged as a web application in accordance with the Java Servlet API 2.3 specification. The Federation Web Services application is installed with the Web Agent Option Pack. The application is deployed within an application server, or deployed inside the Tomcat web server, which is embedded in the SPS federation gateway.

The web application is rooted at a specific URL within the web server, http://www.your_webserver.com/affwebservices/. URLs for the servlets included with the FWS application have this same root.

The Federation Web Services application provides these services:

Note: Session synchronization and notification alert services are only used when the CA SiteMinder® SAML Affiliate Agent is at the relying party. These services are not supported with the SPS federation gateway.

Properties File for Federation Web Services

The AffWebServices.properties file contains all the initialization parameters for Federation Web Services. For deploying FWS, set only the parameter that specifies the location of the WebAgent.conf file. For the other settings, accept the default values or modify the values as needed.

Note: The AffWebServices.properties file is in UTF-8 format. If you plan to modify this file, use an editor that supports this format.

The settings are as follows:

AffWebServices.properties Settings

Value

NotificationLibraryType

Specifies the library type the Web Agent uses for notification alerts.

Note: The SPS federation gateway does not support this setting.

NotificationLibraryDetails

Indicates the Java classname or the C library and function name.

Note: The SPS federation gateway does not support this setting.

SMserverPort

Determines which Policy Server service at the producer processes the notification tunnel calls.

AgentConfigLocation

Indicates the location of the WebAgent.conf file. You must specify the location of the configuration file.

The AffWebServices.properties file is installed in the following locations:

web_agent_home

Indicates the installed location of the Web Agent.

sps_home

Indicates the installed location of CA SiteMinder® SPS.

Agent Configuration Object Settings Used by FWS

For partnership federation, Federation Web Services (FWS), installed by the Web Agent Option Pack, uses the following agent configuration object settings for federated communication. You configure agent configuration objects in the Administrative UI.

For the descriptions of each setting, see the CA SiteMinder® Web Agent Configuration Guide.

Set up the LoggerConfig.properties File

The LoggerConfig.properties file lets you enable logging so the Federation Web Services application can record the following information:

The log file shows activity at the asserting party and the relying party, depending on how your site is configured.

Note: The LoggerConfig.properties file is in UTF-8 format. If you plan to modify this file, use an editor that supports this format.

The installed location of the LoggerConfig.properties file is:

web_agent_home

Indicates the installed location of the Web Agent.

deployment_directory

Indicates the default deployment directory for your application server.

sps_home

Indicates the installed location of CA SiteMinder® SPS.

Modify the settings as needed. If a value is not specified, the default value for the default locale is used.

The following table shows the settings in the LoggerConfig.properties file.

LoggerConfig.properties Settings

Description

EnableDNSLookup

Instructs the FWS application whether to do a DNS or reverse DNS lookup when processing an incoming SAML request at the consuming site. Select Y or N.

When an incoming SAML request is received at a consumer site, FWS logs the details of the request, including the requesting host name. The DNS lookup call collects the host name.

The default behavior is to do the DNS lookup. If you select N for this setting, the DNS call is not made and the IP address is logged instead.

LoggingOn (required)

Enables log output. Select Y or N.

LocalFileName (required)

Names the file to use for log output.

LogLocalTime

Enables use of local time for log messages. Select Y or N.

LogRollover

Defines the type of rollover functionality. Select Y or N, and then define the LogSize or LogCount parameter.

LogSize

Specifies the maximum file size, in megabytes, when rolling over log files by size.

LogCount

Specifies how many log output files to leave when rollover is enabled.

TracingOn

Enables trace log output. Select Y or N.

TraceFileName

Names the file to use for trace log output.

TraceConfig

Specifies the trace configuration file. For more information, see Trace Logging.

TraceRollover

Defines the type of rollover functionality for tracing. Select Y or N and then specify a TraceSize or TraceCount value.

TraceSize

Specifies the maximum file size, in megabytes, when rolling over trace log files by size.

TraceCount

Specifies how many trace log output files to leave when rollover is enabled.

TraceFormat

Specifies the trace output file format (default, fixed-width fields, delimited format, XML).

TraceDelim

Defines the character to use as a delimiter when using fixed-width fields as the trace format.
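
The following check is an added example, not code from CA SiteMinder or from this guide. It lints a LoggerConfig.properties file against the rules in the table above: required settings, Y or N values, and a rollover switch set without a size or count. It assumes simple key=value lines and whole-number sizes and counts; the function names and the sample file are constructed for illustration.

```python
YES_NO = {"EnableDNSLookup", "LoggingOn", "LogLocalTime", "LogRollover",
          "TracingOn", "TraceRollover"}
REQUIRED = ("LoggingOn", "LocalFileName")
# A rollover switch set to Y needs at least one of its companion settings.
ROLLOVER = {"LogRollover": ("LogSize", "LogCount"),
            "TraceRollover": ("TraceSize", "TraceCount")}
NUMERIC = {"LogSize", "LogCount", "TraceSize", "TraceCount"}  # assumed whole numbers

def parse_properties(data: bytes) -> dict:
    """Split simple key=value lines (assumed syntax); the page states the file is UTF-8."""
    props = {}
    for line in data.decode("utf-8").splitlines():
        line = line.strip()
        if line and line[0] not in "#!":
            key, _, value = line.partition("=")
            props[key.strip()] = value.strip()
    return props

def lint_logger_config(data: bytes) -> list:
    try:
        props = parse_properties(data)
    except UnicodeDecodeError:
        return ["file is not valid UTF-8"]
    findings = [f"{k}: required setting is missing or empty"
                for k in REQUIRED if not props.get(k)]
    for key in sorted(YES_NO.intersection(props)):
        if props[key] not in ("Y", "N"):
            findings.append(f"{key}: expected Y or N, got {props[key]!r}")
    for switch, (a, b) in ROLLOVER.items():
        if props.get(switch) == "Y" and not (props.get(a) or props.get(b)):
            findings.append(f"{switch}=Y but neither {a} nor {b} is set")
    for key in sorted(NUMERIC.intersection(props)):
        if not props[key].isdigit():
            findings.append(f"{key}: expected a whole number, got {props[key]!r}")
    if props.get("EnableDNSLookup") == "N":
        findings.append("EnableDNSLookup=N: requests are logged by IP address")
    return findings

# Constructed sample for illustration, not a file shipped with the product.
SAMPLE = b"""# LoggerConfig.properties (constructed)
LoggingOn=Yes
LogRollover=Y
EnableDNSLookup=N
TraceRollover=Y
TraceSize=ten
"""

if __name__ == "__main__":
    print("\n".join(lint_logger_config(SAMPLE)))
```

An empty result means none of these rules was broken; the EnableDNSLookup line is informational, so that anyone reviewing the FWS log knows whether to expect host names or IP addresses.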