Configure the resource_type-specific_mapping Section

Agent Guide › Configure Policies › SiteMinder Resource Mapping for WebLogic Resources › Configure the resource_type-specific_mapping Section

Configure the resource_type-specific_mapping Section

The final section of the mapping, resource_type-specific_mapping, tells SiteMinder the specifics of the protected resource. Its value is one or more slash(/)-delimited parameters specific to the type of resource being protected (as defined in the resource_type_filter section).

Administration Resources

To protect a WebLogic Administration resource, resource_type_filter must specify the following parameters (in the order shown):

/category/realm/action

Parameter Name	Description	Field value example
category	Category associated with the administration resource.	UserLockout
realm	Name of the WebLogic security realm.	MyRealm
action	Action associated with the resource. Optional — if not specified, defaults to "GET".	unlockuser

Parameter Name

Description

Field value example

category

Category associated with the administration resource.

UserLockout

realm

Name of the WebLogic security realm.

MyRealm

action

Action associated with the resource.

Optional — if not specified, defaults to "GET".

unlockuser

For example, for an Administration Resource with the following properties:

category=UserLockout, realm=myrealm, action=unlockuser

The complete resource mapping (effective resource) would be:

/wlsspiaz/adm/UserLockout/myRealm/unlockuser

EJB Resources

To protect a WebLogic EJB resource, resource_type_filter must specify the following parameters (in the order shown):

/app/module/ejb/method/methodInterface/methodParams

Parameter Name	Description	Field value examples
app	Name of the application containing the EJB	MyApp
module	Name of the module containing the EJB.	MyJarFile
ejb	Name of the EJB	myEJB
method	Method executed on the EJB	myMethod
methodInterface	Method interface invoked on the EJB	Home
methodParams	Arguments in the signature of the EJB method. Treat multiple arguments as separate slash(/)-delimited parameters.	java.lang.String, int

For example, for an EJB application with the following properties:

app=myApp, module=MyJarFile, ejb=myEJB, method=myMethod, methodInterface=Home, methodParams=(java.lang.String, int)

The complete resource mapping (effective resource) would be:

/wlsspiaz/ejb/myApp/MyJarFile/myEJB/myMethod/Home/java.lang.String/int

JDBC Resource

To protect a WebLogic JDBC resource, resource_type_filter must specify the following parameters (in the order shown):

/category/resource/action

Parameter Name	Description	Field value examples
category	Category of the JDBC resource.	connectionPool
resource	Name of the JDBC resource.	myPool
action	Action associated with the JDBC resource.	admin

For example, for a JDBC resource with the following properties:

category=connectionPool, resource=myPool, action=admin

The complete resource mapping (effective resource) would be:

/wlsspiaz/jdbc/connectionPool/myPool/admin

JMS Resource

To protect a WebLogic JMS resource, resource_type_filter must specify the following parameters (in the order shown):

/desType/resource/action

Field Name	Description	Field value examples
destType	Destination type of the JMS resource.	queue
resource	Name of the JMS resource.	myQueue
action	Action performed on the JMS resource.	receive

For example, for a JMS application with the following properties:

destType=queue, resource=myQueue, action=receive

The complete resource mapping (effective resource) would be:

/wlsspiaz/jms/queue/myqueue/receive

JNDI Resource

To protect a WebLogic JNDI resource, resource_type_filter must specify the following parameters (in the order shown):

/path/action

Parameter Name	Description	Field value examples
path	JNDI name in the JNDI path tree. Treat multiple JNDI names as separate slash(/)-delimited parameters.	pathComponent1, pathComponent2
action	Action to be performed on the JNDI resource.	modify

Parameter Name

Description

Field value examples

path

JNDI name in the JNDI path tree.

Treat multiple JNDI names as separate slash(/)-delimited parameters.

pathComponent1,
pathComponent2

action

Action to be performed on the JNDI resource.

modify

For example, for a JNDI application with the following properties:

path={pathComponent1,pathComponent2}, action=modify

The complete resource mapping (effective resource) would be:

/wlsspiaz/jndi/pathcomponent1/pathcomponent2/modify

Server Resource

To protect a WebLogic Server resource, resource_type_filter must specify the following parameters (in the order shown):

/server/action

Parameter Name	Description	Field value examples
server	Name of the server on which the action needs to be performed.	MyServer
action	Action performed on the Server.	shutdown

For example, for a server application with the following properties:

server=MyServer, action=shutdown

The complete resource mapping (effective resource) would be:

/wlsspiaz/svr/MyServer/shutdown

URL Resource

To protect a WebLogic URL resource, resource_type_filter must specify the following parameters (in the order shown):

application/contextPath/uri/httpMethod

Parameter Name	Description	Field value examples
application	Name of the application servicing this URL.	myApp
contextPath	Context-path of the application servicing this URL.	/mywebapp
uri	The URI requested. Treat multiple path arguments as separate slash(/)-delimited parameters.	/foo/bar.jsp

Parameter Name

Description

Field value examples

application

Name of the application servicing this URL.

myApp

contextPath

Context-path of the application servicing this URL.

/mywebapp

uri

The URI requested.

Treat multiple path arguments as separate slash(/)-delimited parameters.

/foo/bar.jsp

For example, for a server application with the following properties:

application=myApp, contextPath=/mywebapp, uri=/foo/bar/my.jsp

The complete resource mapping (effective resource) would be:

/wlsspiaz/url/myapp/mywebapp/foo/bar/my.jsp

Email CA about this topic