The AllowPOSTs attribute tells the SAML Affiliate Agent how to handle initial POST action requests to a protected resource for a user that does not have a SiteMinder session.
These requests can come from users or applications posting data to the consumer on an initial request. For example, a user might fill out a form at one site. The data from the form is then posted to the consumer. Because the user is unknown to the consumer, the SAML Affiliate Agent needs to permit the POST action without redirecting the request to the producer.
Note: Although the SAML Affiliate Agent may be configured to permit POST actions, the POST data is not preserved for future use. The POST data is simply passed through the SAML Affiliate Agent without a redirect to the producer.
For users that already have active sessions, the Agent ignores this setting.
To allow POST actions at the consumer, set the attribute to yes:
AllowPOSTs="yes"
Setting AllowPOSTs to yes allows access for initial posts. After the initial POST request, the Agent allows subsequent POST requests.
By default, this attribute is set to no, so the SAML Affiliate Agent does not allow POSTs to the requested page.
If you do not want unknown users to post data to the URLs protected by the SAML Affiliate Agent, you can allow posts to a less secure area of your Web server that the SAML Affiliate Agent does not monitor.
Note: If the target resource to which the user is trying to POST is unprotected, the SAML Affiliate Agent allows POSTs at any time.
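The following audit script is an added example, not part of the CA documentation or product. It lists which entries in an agent configuration have AllowPOSTs set to yes, so that resources accepting POSTs from users without a session can be reviewed. The XML layout, the element names and the name attribute are hypothetical; only the AllowPOSTs attribute and its yes/no values come from this page.

```python
import xml.etree.ElementTree as ET

# Constructed sample. Element names and the "name" attribute are hypothetical;
# only the AllowPOSTs attribute and its yes/no values come from the page.
SAMPLE_CONFIG = """\
<AgentConfig>
  <Site name="orders" AllowPOSTs="yes"/>
  <Site name="reports" AllowPOSTs="no"/>
  <Site name="billing"/>
  <Site name="feedback" AllowPOSTs="YES"/>
</AgentConfig>
"""

def classify(raw):
    """Map an AllowPOSTs value to an audit status."""
    if raw is None or raw == "no":
        return "closed"   # default: initial POSTs without a session are not allowed
    if raw == "yes":
        return "open"     # initial POSTs pass through with no redirect to the producer
    return "review"       # other spellings: the page does not say how they are read

def audit_allow_posts(xml_text, label_attr="name"):
    """Return (label, raw value, status) for each element that has a label."""
    rows = []
    for elem in ET.fromstring(xml_text).iter():
        label = elem.get(label_attr)
        if label is None:
            continue
        raw = elem.get("AllowPOSTs")
        rows.append((label, raw, classify(raw)))
    return rows

def needs_attention(xml_text):
    """Labels of entries that accept, or might accept, session-less POSTs."""
    return [label for label, _, status in audit_allow_posts(xml_text)
            if status != "closed"]

if __name__ == "__main__":
    for label, raw, status in audit_allow_posts(SAMPLE_CONFIG):
        print(f"{label:10} AllowPOSTs={raw!r:6} -> {status}")
```

Entries reported as open are the ones where POST data from unknown users reaches the protected resource, so the handlers behind them should validate that input themselves.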
Copyright © 2011 CA. All rights reserved.