Web Agent GuidesWeb Agent Configuration GuideConfigure Virtual Servers › Assign Web Agent Identities for Virtual Servers

Previous Topic: Add a SiteMinder Wildcard Mapping to Protect IIS 6.0 Virtual Web Sites

Next Topic: Specify Virtual Servers for the Web Agent to Ignore

Assign Web Agent Identities for Virtual Servers

Additional Web Agents for each virtual server are not actually defined, but are assigned a Web Agent identity. To protect virtual servers that have unique access requirements or to protect distinct realms, assign each server a unique Agent identity and use the default agent name for all other virtual servers. The advantage of this option is that you can configure your SiteMinder installation quickly, yet still guard virtual servers hosting realms that require separate protection.

The AgentName parameter and its associated IP address provide mapping for web server interfaces to agent names as defined in the policy store. Web Agents need to make Agent API calls in the proper agent name context in order for the correct set of rules and policies to apply. If no Agent name or IP address is assigned for mapping to the policy store, then the Web Agent uses the value of the DefaultAgentName parameter only for a virtual server.

To protect virtual servers using unique Agent identities, add a Web Agent for each virtual server in the AgentName parameter. Adding separate Web Agents for each virtual server lets you define unique realms and rules for each virtual server.

To assign a Web Agent identity

  1. Enter the name of the agent and the IP address, separated by a comma.
  2. Specify the port number associated with the IP address (for example: 112.12.12.1:8080) if your virtual servers share the same IP address, but use different ports. If you are using default ports, port numbers are not required.
  3. To add more than one Agent, put each entry on a separate line, as in the following example: 
    agentname="agent1,123.123.12.12:8080"
agentname="agent2,123.123.12.12:8081"
agentname="agent3,123.123.12.13"
  4. If you add an Agent Identity, you must define it in the Administrative UI with the same configuration. Make sure that the Agent Identity is defined in Administrative UI exactly as it is defined for the Agent configuration.

If it finds no entries in the AgentName parameter, SiteMinder uses the value of the DefaultAgentName only for a virtual server.

Note: If you change the DefaultAgentName, make sure that it is defined in the Administrative UI exactly as it is defined for the Agent.

Copyright © 2010 CA. All rights reserved. Email CA about this topic