The IIS 6.0 Web Agent can work with Microsoft’s SharePoint Portal Server 2003 and provide single sign-on for resources stored on that server.
Note: In a SharePoint security context, the user store must be Active Directory (AD).
To integrate the Web Agent and the SharePoint sever,
<appSettings> <add key="SPS-EnforceIISAnonymousSetting" value="false"/> </appSettings>
Note: For more information, see the Policy Server documentation.
The Web Agent is integrated with the SharePoint Portal Server 2003.
When a Web Agent creates a cookie, the web agent automatically uses the root (/) directory as the cookie path. The domain and path attributes of cookies are compared to the URL of a request. If the cookie is valid for the domain and the path, the client sends the cookie to the server. When the cookie path uses the root value, the client sends the cookie to the server with all requests in the domain.
You can set SiteMinder cookies to a given set of paths to eliminate the web traffic caused when cookies are sent for unprotected resources. For example, if a cookie path is set to /mypackage, the client only sends the cookie for requests in a particular package in the domain.
To specify the cookie path for agent cookies
Specifies the path for the primary-domain session cookies created by the cookie provider. For example, if this parameter is set to /siteminderagent, all session cookies that the cookie provider creates will have the /siteminderagent path. If this parameter is not set in the Cookie Provider Agent, the default value is used.
Default: / (root)
Specifies the cookie path for the following secondary agent browser cookies:
For example, setting this parameter to /BasicAuth, all of the secondary agents in the previous list are created using /BasicAuth as the path. If not specified, the default value is used.
The CookiePath is not added to credential cookies (such as xxxxCRED) to maintain backwards compatibility with 4.x agents.
The following cookies will always use the root (/) path:
If the CookiePathScope parameter is greater than zero, the CookiePath parameter settings are overriden.
Default: / (root)
Specifies the scope of the cookie path for the following secondary agent cookies:
Using a CookiePathScope greater than zero in this parameter overrides the setting of the CookiePath parameter.
Default: 0
The following table shows how the value of the CookiePathScope parameter works with the following settings:
|
If the CookiePath value is: |
And the CookiePathScope value is: |
Then the following path is used: |
|---|---|---|
|
/BasicA |
0 |
/BasicA |
|
/BasicA |
1 |
/Path1 |
|
/BasicA |
2 |
/Path1/Path2 |
|
/BasicA |
3 |
/Path1/Path2/Path3 |
|
/BasicA |
4 |
/Path1/Path2/Path3/Path4 |
|
/BasicA |
5 |
/Path1/Path2/Path3/Path4 |
|
/BasicA |
99 |
/Path1/Path2/Path3/Path4 |
|
/ or "undefined" |
0 |
/ |
|
/ or "undefined" |
1 |
/Path1 |
|
/ or "undefined" |
2 |
/Path1/Path2 |
|
/ or "undefined" |
3 |
/Path1/Path2/Path3 |
|
/ or "undefined" |
4 |
/Path1/Path2/Path3/Path4 |
|
/ or "undefined" |
5 |
/Path1/Path2/Path3/Path4 |
|
/ or "undefined" |
99 |
/Path1/Path2/Path3/Path4 |
These settings also affect simple SSO. For example, if the value of the CookiePathScope is set to 1 or higher,users will get challenged for credentials for both /BasicA/Index.html and /BasicB/Index.html since the SESSION cookie with a path /BasicA will not be valid for /BasicB/Index.html request.
|
Copyright © 2012 CA.
All rights reserved.
|
|