By default, the SiteMinder Agent installation creates an Agent configuration file for each Agent module:
Module |
Agent Configuration File |
---|---|
SiteMinder TAI |
AsaAgent-assertion.conf |
SiteMinder Login Module |
AsaAgent-auth.conf |
SiteMinder JACC Provider |
AsaAgent-az.conf |
The Agent configuration files are located in the ASA_HOME\conf directory, where ASA_HOME is the location where you installed the SiteMinder Agent. For example:
C:\smwasasa\conf
/opt/smwasasa/conf
Each Agent configuration file is created with the following default configuration parameters/values:
Parameter |
Default Value |
---|---|
EnableWebAgent |
Yes (the SiteMinder Agent is enabled by default) |
HostConfigFile |
Local Host Configuration File (typically ASA_HOME\conf\SmHost.conf or the location of the existing SmHost.conf file you specified during Trusted Host registration) |
AgentConfigObject |
The Agent Configuration Object specified during installation |
After installation, each Agent module has its own configuration file and all three configuration files reference the same Agent Configuration Object and Agent identity. However, you can change this arrangement to suit your needs by doing one of the following:
Note: For TAI-only configurations, create and configure a single Agent Configuration Object and configure the AsaAgent-assertion.conf file that references it.
The following table describes the features, benefits, and drawbacks of each possible Agent configuration arrangement:
Configuration |
Features |
Benefits/Drawbacks |
---|---|---|
Each Agent module has a separate Agent configuration file. All configuration files reference the same Agent Configuration Object. (Default) |
|
Benefits:
Drawback:
|
Each Agent module has a separate Agent configuration file. Each Agent configuration file references a separate Agent Configuration Object. |
|
Benefits:
Drawback:
|
All Agent modules share the same Agent configuration file and reference the same Agent Configuration Object. (Not recommended) |
|
Benefits:
Drawbacks:
|
Note: When using separate Agent Configuration Objects/Agent identities for each module, verify that the SiteMinder TAI and JACC Provider modules all authenticate/authorize against the same realms in the Policy Server. You can accomplish this by configuring them in an Agent group.
Copyright © 2010 CA. All rights reserved. | Email CA Technologies about this topic |