Web Agent response attributes are response attributes that SiteMinder Web Agents can interpret and pass on to other applications. The following is a list of generally available Web Agent response attributes:
Indicates an attribute defined and reserved for future SiteMinder use.
Generates a SetCookie header, which then sets a non-persistent cookie in a Web browser. The cookies only exist in the cookie domain where the Web Agent is configured. You can enter multiple WebAgent-HTTP-Cookie-Variables.
Limits: Use in accept or reject responses. Multiple instances of this attribute are allowed per response.
Specifies an arbitrary dynamic name/value pair for use by a Web application. You can enter multiple WebAgent-HTTP-Header-Variables.
The Web Agent does not include header variables in the responses that it sends back to a Web browser. Instead, these responses, generated by the Policy Server, reside in the request headers of the Web server.
Consequently, the header variables will not be visible in the debug logs that you can enable from the Policy Server Management Console.
Limits: Use in accept or reject responses. Multiple instances of this attribute are allowed per response.
Defines one of the following, depending on the type of response in which it is used:
To determine whether or not this is an authorization or authentication response, include it in a policy with a rule that specifies an OnAuthAccept or OnAccessAccept event action.
Limits: Use in accept responses. Only one instance of this attribute is allowed per response.
Specifies text that the Web Agent puts in the HTTP_ONACCEPT_TEXT environment variable when it redirects the user after a successful authorization or authentication attempt.
Limits: Use in accept responses. Only one instance of this attribute is allowed per response.
Note: When configuring a Web Agent OnAcceptText response, set the FCC Compatibility Mode parameter (fcccompatmode) corresponding to the Web Agent to yes. This ensures that user authentication takes place at the Web Agent and that the text in the response is available for display in the user's browser. If the FCC Compatibility Mode parameter (fcccompatmode) is set to no, user authentication takes place at the Forms Credential Collector (FCC), where the response is triggered, but the text in the response is lost.
Overrides the number of seconds a user session can be idle. Once this limit is reached, the user is forced to re-authenticate. Associate this response with a rule configured with an OnAuthAccept authentication event.
Limits: Use in accept responses. Only one instance of this attribute is allowed per response.
Overrides the total number of seconds a user session can be active. Once this limit is reached, the user session is terminated and the user is forced to re-authenticate. Associate this response with a rule configured with an OnAuthAccept authentication event.
Limits: Use in accept responses. Only one instance of this attribute is allowed per response.
Specifies an AuthContext response attribute for an authentication scheme. The value of this response attribute is added to the SiteMinder session ticket as the value of the SM_AUTHENTICATIONCONTEXT user attribute. It is not returned to the client as a user response.
Note: The response attribute value is truncated to 80 bytes in length.
Limits: Used in accept responses. Only one instance of this attribute is allowed per response.
Defines one of the following, depending on the type of response in which it is used:
To determine whether or not this is an authorization or authentication response, include it in a policy with a rule that specifies an OnAuthReject or OnAccessReject event action.
Limits: Use in reject responses. Only one instance of this attribute is allowed per response.
Specifies text that the Web Agent puts in the HTTP_ONREJECT_TEXT environment variable when it redirects the user after a failed authorization or authentication attempt.
Limits: Use in reject responses. Only one instance of this attribute is allowed per response.
Copyright © 2010 CA. All rights reserved. | Email CA about this topic |