By default a realm is created in a Protected state. In most cases, you should use protected realms instead of changing a realm to an Unprotected state. In a protected realm, all resources are protected against access. To allow access, a rule must be defined, then included in a policy.
When you create a realm in an Unprotected state, you must configure rules before SiteMinder protects the resources in the realm. If you create a rule for resources in the unprotected realm, only the specified resources are protected. Once the resource is protected, the rule must be added to a policy to allow users to access the resource. You may want to use an unprotected realm if only a subset of the resources in a realm need to be protected from unauthorized access.
The following is an example of the actions required when setting up an Unprotected realm:
Action |
Protection State |
Create unprotected realm called Realm1 with the Resource Filter: /dir. |
Resources contained in /dir and subdirectories are not protected. |
Create Rule1 in Realm1 for the resource: file.html. |
The file /dir/file.html is protected, but the rest of the contents of /dir are not protected. |
Create Policy1 and bind Rule1 and User1 to the Policy. |
User1 can access /dir/file.html. All other users cannot access the protected file. |
Note: If you want to track users for a realm with an Anonymous authentication scheme, the realm must be a protected realm. For information about the Anonymous scheme, see Anonymous Authentication Schemes.
Copyright © 2010 CA. All rights reserved. | Email CA about this topic |