Previous Topic: Advanced ConfigurationNext Topic: Configure a SiteMinder WSS Agent to Enable Fine-Grain Resource Identification


SiteMinder WSS Agent Configuration Parameters

The following table lists configuration parameters for the SiteMinder WSS Agent.

Parameter Name

Value

Description

IgnoreXMLSDK

yes or no

If this parameter is added to the Agent Configuration Object and is set to Yes, the SiteMinder WSS Agent is disabled. This means that the Agent behaves as a Web Agent for all incoming requests.

If added to the Agent Configuration Object and set to No (or not added to to the Agent Configuration Object at all), the SiteMinder WSS Agent is enabled. That is, the Agent uses the XML SDK to process incoming HTTP requests under these conditions:

  • HTTP action is POST
  • HTTP MIME type is “text/xml” or, if the XMLSDKMimeTypes parameter is configured, any one of the MIME types specified by that parameter.
  • HTTP content is an XML document

XMLSDKMimeTypes

String

A comma-delimited list of MIME types that the SiteMinder WSS Agent will accept for processing by CA SiteMinder® Web Services Security. All POSTed requests having one of the listed MIME types are processed. Examples:

  • text/xml
  • application/octet-stream
  • text/xml,multipart/related

If you do not add this parameter to the Agent Configuration Object, the SiteMinder WSS Agent defaults to accepting only the text/xml MIME type.

ServerProductName

String

Description of the product name—for example, iPlanet Web Server. Provides a value for the SiteMinder WSS Agent variable property Server Product Name.

Note: For more information about setting this variable, see the CA SiteMinder® Web Services Security Policy Configuration Guide.

ServerVendor

String

Description of the Web Server vendor—for example, Sun. Provides a value for the SiteMinder WSS Agent Variable property Server Vendor.

Note: For more information about setting this variable, see the CA SiteMinder® Web Services Security Policy Configuration Guide.

ServerVersion

String

Description of the product version—for example, 6.0 SP2). Provides a value for the SiteMinder WSS Agent Variable property Server Version.

Note: For more information about setting this variable, see the CA SiteMinder® Web Services Security Policy Configuration Guide.

MaxXmlSdkRetries

Number

Defines the number of times the SiteMinder WSS Agent tries to contact the XML SDK server when it receives requests. The default is 3.

The Agent does not continually retry the server for the same request. If a request comes in and the Agent cannot contact the SDK server, that request is dropped and the Agent tries again when a subsequent request is made. The Agent attempts to connect for each new request until it reaches the number specified in this parameter.

If the SiteMinder WSS Agent does not connect to the XML SDK server, the Agent assumes the server is not running and stops trying to process CA SiteMinder® Web Services Security-specific requests.

Note: For the SiteMinder WSS Agent on Apache Web servers, this value applies to each process.

XMLSDKResourceIdentification

yes or no

Determines if the SiteMinder WSS Agent should identify the web service operation being requested by an incoming XML message as well as the resource identifier (that is, perform fine-grain resource identification).

The default is No.

Note: You must set this option to Yes if you want to use the Administrative UI to configure policies to protect resources with the SiteMinder WSS Agent.

XMLSDKAcceptSMSessionCookie

yes or no

Determines whether or not the SiteMinder WSS Agent accepts an CA SiteMinder session cookie to authenticate a client. The default is no.

If set to yes, the SiteMinder WSS Agent uses information in a session cookie sent as an HTTP header in the request as a means of authenticating the client.

If set to no, session cookies are ignored and the SiteMinder WSS Agent requests credentials required by the configured authentication scheme.

SAMLSessionTicketLogoffi

yes or no

Determines whether the SiteMinder WSS Agent should attempt to log off session tickets in SAML assertions. The default is yes.

XMLAgentSoapFaultDetails

yes or no

Determines whether or not the SiteMinder WSS Agent should insert the authentication/authorization rejection reason (if provided by the Policy Server) into the SOAP fault response sent to the Web service consumer. The default is no.