You can manage the web services through an ACO. To use the web services, you must enable the enableauth parameter or the enableaz parameter or both.
Follow these steps:
Defines the names of the web agent that protects a resource. You can define one or more web agents where each web agent protects an application. Enter a multi-value pair in the following format:
agent_name,appID
Defines the name of the web agent that protects a resource.
Defines the reference name of the web agent that was specified in agent_name or of the application that is protected by the web agent. CA SiteMinder® uses this value in the web services requests, thus protecting the agent name from the users.
Specifies the status of the authentication web service. If you want to use the authentication web service, set the value to yes.
Specifies the status of the authorization web service. If you want to use the authorization web service, set the value to yes.
Specifies whether the web services must be protected by a CA SiteMinder® agent. In a production environment, we highly recommended that you set this value to yes and protect the web services by a CA SiteMinder® Agent. If you set the value to yes and the web services are not protected, the requests to web services fail.
Note: The value of RequireAgentEnforcement can be set to no in a test environment or if the web services are protected by any other mechanism other than CA SiteMinder®.
We recommend that you protect the web services in a production environment. Protecting the web agent of the web services lets CA SiteMinder® authenticate and authorize the web services client before a user request is processed. When you protect the web services in your production environment, CA SiteMinder® SPS includes the SMSESSION cookie into the user request. If the RequestSmSessionCookie ACO parameter is enabled, CA SiteMinder® ensures that the web services verify the user request for the SMSESSION cookie before processing the user request.
To protect the web services, we recommend that you configure CA SiteMinder® SPS to protect the web services root URL using the X.509 Client Certificate authentication scheme.
Copyright © 2013 CA.
All rights reserved.
|
|