Previous Topic: Identify a Resource by Agent, Realm, and Rule

Next Topic: Nested Realms

Unprotected Realms, Rules, and Policies

By default a realm is created in a Protected state. In most cases, you should use protected realms instead of changing a realm to an Unprotected state. In a protected realm, all resources are protected against access. To allow access, a rule must be defined, then included in a policy.

When you create a realm in an Unprotected state, you must configure rules before SiteMinder protects the resources in the realm. If you create a rule for resources in the unprotected realm, only the specified resources are protected. Once the resource is protected, the rule must be added to a policy to allow users to access the resource. You may want to use an unprotected realm if only a subset of the resources in a realm need to be protected from unauthorized access.

The following is an example of the actions required when setting up an Unprotected realm:

Action

Protection State

Create unprotected realm called Realm1 with the Resource Filter: /dir.

Resources contained in /dir and subdirectories are not protected.

Create Rule1 in Realm1 for the resource:

file.html.

The file /dir/file.html is protected, but the rest of the contents of /dir are not protected.

Create Policy1 and bind Rule1 and User1 to the Policy.

User1 can access /dir/file.html. All other users cannot access the protected file.

Note: If you want to track users for a realm with an Anonymous authentication scheme, the realm must be a protected realm. For information about the Anonymous scheme, see Anonymous Authentication Schemes.


Copyright © 2010 CA. All rights reserved. Email CA about this topic