Agent Guide › Verify the SiteMinder Agent Installation and Configuration › Set Up the Test Scenario › Configure the Policy Server for the Security Application

Configure the Policy Server for the Security Application

Configure realms, rules, and a policy to protect the WebLogic Sample Security Application.

Note: The following procedure provides an overview of the steps required to create the required policy objects with appropriate parameter settings. For detailed procedural information, see the Policy Server Configuration Guide.

To configure the Policy Server to protect the Security Application

1. Start the SiteMinder Administrative UI.
2. Verify that the domain that contains the realms that you created for the SiteMinder Agent Providers are associated with the user directory that contains the user that you want to use for the test.
3. Create a rule for the Authorization Provider Realm with the following properties:
   • Domain

     The domain that contains the realms that you created for the SiteMinder Agent Providers.

   • Realm

     The realm that you created for the Authorization Provider.

   • Name

     Authorization Provider Rule Test Rule.

   • Resource

     *

   • Action

     Select the Web Agent Actions option button and highlight the GET action.

4. Modify the realm that you created for the Authorization Provider to create a subrealm with the following properties to Protect URL Resources:
   • Name

     A unique name for the subrealm.

   • Resource Filter

     The resource filter URL.

   • Default Resource Protection

     Protected.

   • Authentication Scheme

     Basic.

5. Create a rule in the subrealm you created in Step 4 with the following properties
   • Name

     A unique name for the rule.

   • Resource

     /security/examplesWebApp/*

   • Action

     Verify that the Web Agent actions option button is selected, and the GET action is highlighted.

6. Create a Policy with the following properties to Protect the Security Sample:
   • Name

     A unique name for the policy.

   • Users

     Add users or groups of users that are allowed to access the security application.

   • Rules

     select the rules that you created in steps 3 and 5.