Federation Security Services Guide › Configure SiteMinder as a Resource Partner › How To Protect a Target Resource with a WS-Federation Authentication Scheme
How To Protect a Target Resource with a WS-Federation Authentication Scheme
Protect target federation resources by configuring a SiteMinder policy that uses the WS-Federation authentication scheme.
Follow these steps:
- Create a realm that uses the WS-Federation authentication scheme. The realm is the collection of target resources.
You can create a realm in the following ways:
- Create a unique realm for each authentication scheme already configured.
- Configure a single target realm that uses a custom authentication scheme to dispatch requests to the corresponding WS-Federation authentication schemes. Configuring one realm with a single target for all producers simplifies configuration of realms for authentication.
- Configure an associated rule and optionally, a response.
- Group the realm, rule, and response into a policy that protects the target resource.
Important! Each target URL in the realm is also identified in an unsolicited response URL. An unsolicited response is sent from the Account Partner to the Resource Partner, without an initial request from the Resource Partner. In this response is the target. At the Account Partner, an administrator includes this response in a link. The link redirects the user to the Resource Partner.
Copyright © 2012 CA.
All rights reserved.
|
|