|
|
|
To enable granular policy definition for WebLogic resources, the SiteMinder Authorization Provider requires that you create a realm in the Administrative UI. This realm allows you to create rules and policies that determine whether a user is allowed to access a protected WebLogic resource.
Note: The following procedure provides an overview of the steps required to create the required policy objects with appropriate parameter settings. For detailed procedural information, see the Policy Server Configuration Guide.
To configure a realm for the SiteMinder Authorization Provider
A domain such as the domain you created for the SiteMinder Authentication Provider realm.
A unique name for the realm (for example, SiteMinder Authorization Provider Realm).
An optional description for the realm
The name of the SiteMinder Agent identity that you created for the SiteMinder Agent.
Enter the Agent name in the text box or click Lookup to select the Agent name from a list of configured Agent identities.
/wlsspiaz
Basic.
If you are using the SiteMinder Authorization Provider with the SiteMinder IA, the protection level for the authentication scheme for the Authorization Provider must be the same or lower than the protection level for realms protected by the front-end Web Agent. If the protection level is higher, the Authorization Provider rejects the user using the WebLogic native security services.
An appropriate session timeout value.
Note: Bear in mind that there is no session synchronization between the SiteMinder Agent and WebLogic when setting timeout values.
An appropriate session idle timeout value.
Note: Bear in mind that there is no session synchronization between the SiteMinder Agent and WebLogic when setting timeout values.
Non-persistent.
| Copyright © 2010 CA. All rights reserved. | Email CA about this topic |