Setting up a custom Password Services directory on a non-default web server requires you to:
The CGI extracts an agent_path from the Redirect URL to replace the default /siteminderagent/pw path.
The latter is a CGI directory. For example:
When a user is redirected to the Password Services CGI or servlet, it takes the information from the Policy Server, determines why the password is invalid, and displays a form that provides information or requests additional credentials from the user.
Make sure that the Password Services CGI or servlet is not protected. If SiteMinder is protecting directories above the servlet, create a realm that specifies the following:
Do not create a policy for this realm.
Note: If a user who is accessing resources through an Agent that is not using an SSL connection must change passwords, the user's new password information will be received over the non-secure connection. To provide a secure change of passwords, set up a password policy that redirects the user over an SSL connection using the Redirection URL field.
Copyright © 2010 CA. All rights reserved. | Email CA about this topic |