You can change the static Agent key used by SiteMinder Web Agents to encrypt identity information for certain SiteMinder features.
Important! Changing the static key is not recommended because the change can cause some SiteMinder features to lose the data they require to function properly. Features that establish and use an identity stored in a persistent cookie will no longer work. Change the static key only in extreme situations such as security breaches. Authenticated users may be forced to login again before single sign-on will function across multiple SiteMinder installations.
A static key may also be used to maintain a single sign-on environment in an environment that requires multiple Policy Servers and multiple master key stores.
To change the static key
The Key Management pane opens.
The pane changes to support static keys.
Static key
Specify a value that the Policy Server uses as the static key. Use this option in situations where two key stores must use the static key to maintain a single sign-on environment.
Confirm key
Re-enter the static key.
Depending on the option you selected, the Policy Server generates a new static key or uses the one you specified. The static key rolls over within three minutes.
The Policy Server can generate the session ticket key using an algorithm, or you can enter the session ticket key manually. A session ticket is established each time a user authenticates successfully and enables the Policy Server to determine how long a user’s session can continue.
Note: The only implementation that requires a manually assigned session ticket key is one that includes multiple, independent key stores. Automatically generated keys cannot be propagated across independent key stores by the Policy Server. In all other instances it is recommended that you use the session ticket key generated by the Policy Server algorithm.
Copyright © 2012 CA.
All rights reserved.
|
|