By configuring a series of Policy Server objects, you can allow privileged users to impersonate other users. This feature is useful in situations where a helpdesk or customer service representative must troubleshoot problems for a customer, or when an employee is out of the office. Part of the impersonation process requires an impersonation authentication scheme which allows a privileged user to begin the impersonation process, identify the user to be impersonated (impersonatee), and establish an impersonation session. This authentication scheme is similar to the HTML Forms authentication scheme.
Verify that the following prerequisites are met before configuring an Impersonation authentication scheme:
For general details about composing .fcc files, see SiteMinder FCC Files. For information about specific .fcc file requirements for impersonation, see Enable Impersonation through an .fcc File.
These libraries handle authentication processing These files are installed automatically when you install the Policy Server.
Note: Directory mapping does not support impersonation. The impersonatee, the user being impersonated, must be uniquely present in the authentication directories that are associated with the domain or the impersonation fails.
Copyright © 2012 CA.
All rights reserved.
|
|