Before you run the Configuration wizard, be prepared with the following information:
Specifies the database type (SQL or Oracle) you plan to use for the policy store.
Identifies the database that CA SiteMinder® Federation Standalone uses.
Specifies the host name or IP address of the server where the database is installed. The database is the data store repository.
The following entries are allowable, based on operating environment and database type:
Windows (Oracle and SQL): IPv4 address, IPv6 address, host name
UNIX (Oracle): IPv4 address, host name
UNIX (SQL): IPv4 address, IPv6 address, host name
Important! Do not use square brackets around an IPv6 address in this field. The omission of brackets applies only to this setting. Example: 3ff3:1900:4545:3:200:f8ff:fe25:67 (no square brackets)
If you want to use an SQL database named instance, enter the following value for the operating environment:
Windows: server_name\named_instance
Example: server01-w3s-t1\federation1
In this example, server01-w3s-t1 is the server name and federation1 is the instance name.
UNIX: server_name
Specify the database server name in this field, not the SQL named instance. Additionally, enter the port number of the SQL named instance in the Database port field.
Example: server01-w3s-t1
Names the database instance.
Limits
SQL: Database name
Oracle: Name of the Oracle user with CONNECT and RESOURCE roles for the tablespace where CA SiteMinder® Federation Standalone creates and manages database tables.
Identifies the port that the database is listening on. Change the port number if the database is not running on the default port. For example, if you specified an SQL named instance for the database server, enter the port for this database instance.
Defaults
SQL: 1433
Oracle: 1521
Names the administrator with super administrative privileges to access the database, and create and manage database tables.
The user name can contain any printable character except for the forward slash (/). The forward slash cannot be used for an Oracle database because it causes the connection to the database to fail.
Specifies the password for the database administrator account. The password can contain any printable character except for the forward slash (/). The forward slash cannot be used for an Oracle database because it causes the connection to the database to fail.
Specifies the TCP port number that CA SiteMinder® Federation Standalone is listening on.
Default: 44442
Limit: A numeric value except 44443, 44444, 44445. The port numbers 44443, 44444, 44445 are not permitted.
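The rules above for the database server entry, the administrator credentials, and the listening port can be checked before the wizard is started. The following is an added example, not CA code; the function name, parameter names, and the `windows`/`unix` and `sql`/`oracle` labels are assumptions made for illustration.

```python
import ipaddress

RESERVED_PORTS = {44443, 44444, 44445}  # listed on this page as not permitted

def host_kind(value):
    """Classify a database-server entry: ipv4, ipv6, bracketed-ipv6 or hostname."""
    inner = value[1:-1] if value.startswith("[") and value.endswith("]") else None
    try:
        if inner is not None:
            ipaddress.IPv6Address(inner)
            return "bracketed-ipv6"
        return "ipv%d" % ipaddress.ip_address(value).version
    except ValueError:
        return "hostname"

def check_wizard_inputs(os_family, db_type, db_server, db_user, db_password, listen_port):
    """Return a list of problems; an empty list means the values follow the page's rules.

    os_family is 'windows' or 'unix'; db_type is 'sql' or 'oracle' (assumed labels).
    """
    problems = []
    server, sep, _instance = db_server.partition("\\")
    if db_type == "sql" and sep:
        # server_name\named_instance is the Windows form only
        if os_family == "unix":
            problems.append("db_server: on UNIX enter the server name only and put "
                            "the named instance's port in the database port field")
    else:
        server = db_server
    kind = host_kind(server)
    if kind == "bracketed-ipv6":
        problems.append("db_server: remove the square brackets from the IPv6 address")
    elif kind == "ipv6" and os_family == "unix" and db_type == "oracle":
        problems.append("db_server: UNIX with Oracle accepts an IPv4 address or host name")
    for label, value in (("db_user", db_user), ("db_password", db_password)):
        if "/" in value:
            problems.append(f"{label}: forward slash (/) is not allowed")
        if not value.isprintable():
            problems.append(f"{label}: contains a non-printable character")
    if not isinstance(listen_port, int) or not 1 <= listen_port <= 65535:
        problems.append("listen_port: must be a numeric TCP port")
    elif listen_port in RESERVED_PORTS:
        problems.append("listen_port: 44443, 44444 and 44445 are not permitted")
    return problems
```
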
Determine how to implement CA SiteMinder® Federation Standalone in your environment.
The deployment mode options are:
In a proxy mode deployment, CA SiteMinder® Federation Standalone is the main entry point to all backend resources.
Select this mode if:
Note: You can protect the HTTP Headers against modification by an unauthorized user by setting an HTTP Header prefix. More information is available for protecting HTTP Headers in proxy mode.
In a standalone mode deployment, CA SiteMinder® Federation Standalone is deployed alongside either CA SiteMinder® Web Agents or third-party web servers. In this case, CA SiteMinder® Federation Standalone handles only federation requests; web servers handle all other requests.
Select this mode if you want to limit federation traffic to CA SiteMinder® Federation Standalone and off-load the handling of regular web traffic to other web servers.
In standalone mode, you cannot pass user attributes from an assertion using HTTP headers. You cannot add HTTP headers to the response. No mechanism between the web server and the browser exists to make this modification.
Identifies the fully qualified domain name of the backend server where CA SiteMinder® Federation Standalone forwards the requests for federated resources.
CA SiteMinder® Federation Standalone uses the open source Apache web server as the HTTP listener for incoming requests.
Identifies the fully qualified domain name of the CA SiteMinder® Federation Standalone deployment. This server name does not necessarily map to the system where CA SiteMinder® Federation Standalone is installed. You can consider it a virtual host.
Specifies the email address for the database administrator.
The Apache server installed with CA SiteMinder® Federation Standalone requires this setting. The Apache server uses the e-mail address of the administrator in its default error messages when problems occur. The e-mail address is set with the ServerAdmin directive and can be any valid e-mail address.
Note: The events forwarded to this address are server-specific errors and warnings for the Apache server. The messages are not related to federation.
Specifies the port listening for HTTP requests.
Default: 80
Note: If you have another web server on your system using port 80, change the default port for the Apache web server.
Specifies the Apache port listening for SSL requests.
Default: 443
Note: If you have another web server on your system using port 443, change the default SSL port for the Apache web server.
Specifies the port listening for CA SiteMinder® Federation Standalone UI HTTP requests.
If you change this port, be aware that it must be internal-facing and must not be accessible from the Internet.
Default: 8888
Specifies the port listening for CA SiteMinder® Federation Standalone UI SSL requests.
If you change this port, be aware that it must be internal-facing and must not be accessible from the Internet.
Default: 8889
Important! The port numbers must be unique for the following settings:
Copyright © 2013 CA.
All rights reserved.