- If necessary, start the Web Agent Configuration Wizard.
The default method is to select Start, Programs, SiteMinder, Web Agent Configuration Wizard. If you have placed the Wizard shortcut in a non-default location, the procedure will be different.
Important! If you are running this wizard on Windows Server 2008, run the executable file with Administrator permissions, even if you are logged into the system as an Administrator. For more information, see the release notes for your SiteMinder component.
Note: If you chose to configure the Web Agent immediately after the installation, SiteMinder automatically starts the wizard automatically.
- If you have already done host registration, skip to the next step. If not, select No in the Host Registration dialog box to skip registration, then click Next.
To register a trusted host, go to the installation chapter for your platform.
- Select the web server instances that you want to configure with Web Agents.
If you have already configured a server with a Web Agent and you are running the Configuration Wizard to configure additional web servers instances, the Wizard displays the Select One or More Instances to Overwrite dialog box. This dialog box lists the web servers that you have previously configured.
- Select one of the following:
Overwriteto overwrite the server instance configuration.
Preserveto preserve the web servers configuration.
Important! If you uncheck a previously configured server, the Web Agent will be removed from this server.
- Click Next.
- In the Agent Configuration Object field, enter the name of the Agent Configuration Object for this web server instance, then click Next.
This name must match an Agent Configuration Object already defined at the Policy Server. For example, to use the default enter iPlanetDefaultSettings.
- If applicable, select one of the advanced SSL authentication schemes listed in the SSL Authentication dialog box. If the Agent is not providing advanced authentication, select No advanced authentication. Click Next.
The selections are:
- HTTP Basic over SSLidentifies a user based on a user name and password. The credential delivery is always done over an encrypted Secure Sockets Layer (SSL) connection.
- X509 Client Certificateidentifies a user based on X.509 V3 client certificates. Digital certificates act as a signature for a user. Certificate authentication uses SSL communication.
- X509 Client Cert and HTTP Basiccombines X.509 Client Certificate and Basic authentication. The user's X.509 client certificate must be verified and he or she must provide a valid user name and password.
- X509 Client Cert or HTTP Basiccombines X.509 Client Certificate and Basic authentication. The user's X.509 client certificate must be verified, or he or she must provide a valid user name and password.
- X509 Client Cert or FormThe X.509 Client Certificate or HTML Forms authentication scheme combines the use of X.509 Client Certificates and the use of customized HTML forms to collect authentication information. Using this scheme, the user's X.509 client certificate must be verified or the user must provide the credentials requested by an HTML form.
- X509 Client Cert and FormThe X.509 Client Certificate and HTML Forms authentication scheme combines the use of X.509 Client Certificates and the use of customized HTML forms to collect authentication information. Using this scheme, the user's X.509 client certificate must be verified and the user must provide the credentials requested by an HTML form.
Note: For additional information about advanced authentication schemes, see the Policy Server Configuration Guide.
- If you want to configure Self Registration for DMS2, select Yes. If not, select No.
A servlet engine is required to run Self Registration. If the Web Agent Configuration Wizard does not detect a servlet engine, the Select Servlet Engine for Registration dialog box is not displayed.
If you selected Yes to configure Self Registration:
- Select a servlet engine to be set up for the web server. If you do not see your engine displayed, select Other Advanced server. Click Next.
- In the Self Registration Services Admin Account dialog box, identify the the DMS Administrator by provide values for the Admin User Name, Admin Password and Admin Confirm Password fields and click Next.
The user name and password that you enter here must match the DMS Admin values you set at the Policy Server.
The DMS Administrator account secures DMS requests that are performed outside of the scope of a DMS administrator, such as self-registration. The user name and encrypted password for the account are stored in the dms.properties file on the Web Agent.
- In the Web Server Configuration Summary dialog box. Confirm that the configuration settings are correct, then click Install.
The Web Agent files are installed and the Configuration Complete dialog box displays.
- Click Done to exit the Configuration Wizard.
- Enable the Web Agent:
- Open the WebAgent.conf file, located in:
Sun_Java_System_server_home\servers\https-hostname\config
- Set the EnableWebAgent parameter to Yes.
- Save the file.
- Apply changes to Sun Java System Web Server files. This is required for the Agent's configuration to take effect.