What are 4x and 5x agents in CA Single sign on ? When do we use them ?
Do we need the 4x agent support for Layer 7 integration with SiteMinder?
Older versions of the CA Single Sign-On agent objects used a security model that featured a shared secret that is stored on the Policy Server and in the WebAgent.conf file. These agents are named 4.x type agents. You can specify support for 4.x agent functions when creating an agent object in the Administrative UI. Later versions use a trusted host object on the Policy Sever instead of the shared secret security model.
You would be using the 4.X and 5.X agent support when creating a custom agent, which you can do using the SSO Development kit. See the programming reference guide for more information.
There are also some products with embedded SSO agents (e.g. IdentityMinder) who will use a 4.x/5.X communications mechanism. Another situation where you would be using them is if trying to use the old FSSUI fo administer SSO.
Thanks Miquel for the response. So, if I am using the older versions of webagent or integrating with help of a custom agent which has a communication mode 4.x or 5.x or 6.x, only the webagent.conf file is generated and it has all the contents of smhost and localconfig files right ?
Regarding Layer 7 please take a look at
Likely it uses either the 4.X or 5.X communication mode. If you would like more information about which one, I'd open a question in the API Mobile Gateway community as they may have a bit more details
Miquel-Gilibert-i-Sunye, Thanks for the link. It would be helpful if you can let me know the communication mode as well.
And if its 4.x, I will have to select the support 4.x option and provide IP and shared secret, if it is 5.x I can create a normal agent without 4.x support right ?
I would also like to know the way I get the value to the secret. Do I have to generate the secret at Layer7 end and copy the same later in the agent by selecting the 4x option. Or chose a secret value while creating the agent in SM and force layer7 to use the same value.
There is a checkbox in SiteMinder ACO for support for 4.x and 5.x agents. They are not separate options
Regarding the shared secret this is specified when you install the agent, so when you create the agent in Layer 7. In SiteMinder you basically specify the ACO, etc. I am not an expert in Mobile API, but I have seen there are some threads about SiteMinder and Agents in their community.
I believe the best thing regarding how to instrument this from Layer 7 would be to open a question there
Hope to have helped