Agent Guide › Configure the SiteMinder Authorization Provider › Configure the SiteMinder Authorization Provider in WebLogic

Configure the SiteMinder Authorization Provider in WebLogic

Configure the Authorization Provider in the Security Realms Node in the WebLogic Administration console.

To configure the Authorization Provider in WebLogic

1. Open the WebLogic Server Administration Console.
2. In the navigation frame on the left of the console, click the Security Realms node in the Domain Structure list.
3. Click on the name of the realm you are configuring (for example, myrealm).
4. Click the Providers tab.
5. Click the Authorization tab to display the Authorization Providers list.
6. Click New to create a new Authorization Provider.
7. On the Create a New Authorization Provider page:
   1. Specify a name for the Authorization Provider in the Name field. For example, SMAuthorizationProvider.
   2. Select SiteMinderAuthorizationProvider from the Type drop-down list.

   Note: If SiteMinderAuthorizationProvider is not listed, check the SiteMinder Agent installation to determine if it was successful.

8. Click OK to save the new Authorization Provider.
9. Click the entry for your SiteMinder Authorization Provider in the Authentication Providers list to open it for editing:
   1. Click the Provider Specific tab.
   2. To determine what access decision the SiteMinder Authorization provider returns when the requested resource is not authenticated by SiteMinder, set the Abstain if Not Authenticated flag as follows:

The effect that these access decisions have on a user's access to a WebLogic resource depends on how the Adjudication Provider is configured.

1. To determine what access decision the SiteMinder Authorization provider returns when the requested resource is not protected by a SiteMinder policy, set the Abstain if Not Protected flag as follows:

1. In the SMAz Provider Config File field, enter the location of the configuration file for Authorization Provider.

   If you are using the default Agent configuration file, the location is ASA_HOME/conf/WebAgent.conf. If you created a new Agent configuration file for the Authorization Provider, be sure to enter the location and file name of the file you created.

You can use an absolute or relative path. If you use a relative path, the configuration file will be relative to the directory smasa.home/conf or relative to your current WebLogic Server working directory, WLS_HOME/user_projects/yourdomain.

1. Click Save.
2. Enable the Authorization Provider.
3. Enable SiteMinder logging.
4. If you finished configuring SiteMinder Agent Providers, restart the WebLogic server and check SiteMinder logs to verify that the Authorization Provider is configured correctly.

   If you are configuring additional SiteMinder Agent Providers, you can restart the WebLogic server after all of the configuration steps are complete.