Previous Topic: Add Users to a PolicyNext Topic: Add Resources to your Application

Agent for SharePoint GuideHow to Configure your CA SiteMinder Policy ServerCreate an Authentication Scheme for the Agent for SharePointCreate a CA SiteMinder Application to Protect SharePoint Resources that CA DataMinder also Protects

Create a CA SiteMinder Application to Protect SharePoint Resources that CA DataMinder also Protects

CA SiteMinder applications protect resources by combining access privileges with specific conditions. Users who have the privileges and meet the conditions are granted access to the resources they request.

This section describes creating an application with the following components:

These components meet the minimum requirements of the CA SiteMinder Agent for SharePoint. We recommend creating few applications and components during evaluation, testing, or initial-deployment environments. You can add more applications and components at any time.

Note: Resources protected with CA DataMinder require applications. Do not use policy domains.

Follow these steps:

  1. Click Policies, Applications.

    The applications screen appears.

  2. Click Create Application.

    The Create Application: screen appears, with the General tab selected.

  3. Enter a distinctive name and optional description.
  4. Create the component for the authentication URL by doing the following steps:
    1. Click the Component Name field, and type a distinctive name describing the SharePoint resources that you want to protect, such as, "Protected SharePoint Resources."
    2. Verify that Web Agent appears in the Agent Type drop-down list.
    3. Click Lookup Agent/Agent Group.

      The Select Agent or Agent Group screen appears.

    4. Click the option button that corresponds to your Agent Object, and then click OK.

      Important: Do not add the 4.x agent object to any agent group, application, or component. This agent object exists only to support the internal operations of the Agent for SharePoint.

    5. Click the Resource Filter field, and then enter the following value: 
      affwebservices/redirectjsp/redirect.jsp

      Verify that the field begins with one forward slash as shown in the following example:

      /affwebservices/redirectjsp/redirect.jsp
    6. Click the Authentication Scheme drop-down list, and then select the authentication scheme that you want.
    7. Click OK.
  5. Create the component for the ClaimsWS by doing the following steps:
    1. Click Create Component.

      The Create Component screen appears, with the cursor in the Component Name field.

    2. Type a distinctive name describing the SharePoint resources that you want to protect, such as, "Claims Web Service."
    3. Verify that Web Agent appears in the Agent Type drop-down list.
    4. Click Lookup Agent/Agent Group.

      The Select Agent or Agent Group screen appears.

    5. Click the option button that corresponds to your Agent Object, and then click OK.

      Important: Do not add the 4.x agent object to any agent group, application, or component. This agent object exists only to support the internal operations of the Agent for SharePoint.

    6. Click the Resource Filter field, and then enter the following value: 
      ClaimsWS/services/WSSharePointClaimsServiceImpl
    7. Verify that the field begins with one forward slash as shown in the following example: 
      /ClaimsWS/services/WSSharePointClaimsServiceImpl
    8. Click the Unprotected option button.
    9. Click OK.
  6. Add your user directory connection by doing the following steps:
    1. Click Add/Remove.

      The Choose user directories screen appears.

    2. Under the Available Members, click the directory connections that you want, and then click the arrow icon between the lists.

      Your directory connections move to the Selected Members list.

    3. Click OK.

      The Choose user directories screen closes, and the Create Application: screen appears.

    Note: The components in Steps 5 and 6 are the basic components the Agent for SharePoint requires to operate. For testing or production environments, create components for the other SharePoint URLs resources you want to protect. Possible examples of components include the following items:

  7. Click Submit.

    The application is created and a confirmation message appears.