The SiteMinder Web Agent on an IIS 6.0 web server functions as an ISAPI extension. When an HTTP request is made, the IIS 6.0 web server challenges the user before the Web Agent responds to the request. The IIS server uses its native authentication scheme, Basic authentication, for the authentication challenge, if that scheme is selected in the server’s Management Console.
To enable the IIS 6.0 security context to work with the agent
The properties dialog (for your website) appears.
The Authentication Methods dialog appears.
The Authentication Methods dialog closes.
The properties dialog closes. The IIS 6.0 Security Context is enabled to work with the SiteMinder Web Agent.
If you want to use the URLScan utility from Microsoft to remove the Server HTTP Header from the responses your IIS Web server sends, you also need to set the following parameter for your IIS Web Agent:
Prevents an IIS Web Agent from returning the Server HTTP Header in its responses. When the value of this parameter is set to no, the Web Agent sends the Server header with its responses and the IIS Web server passes it along to the client. When the value of this parameter is set to yes, the web agent does not send the Server header in its responses.
Default: No
The URLScan utiltiy removes the header from the IIS server's responses, while hte SuppressServerHeader parameter removes the header from the Web Agent's responses. Both the utility and the parameter must be set to prevent the Server header from being sent to the client in all responses.
To keep the Web Agent from sending the Server header in responses, set the value of the SuppressServerHeader parameter to yes.
|
Copyright © 2012 CA.
All rights reserved.
|
|