Hi Shahbaz,
ASA Agent for WebSphere hasn't been designed to act as Reverse
Proxy. If you need the ASA Agent to handle alone the Authentication
and Authorization, you might disable completely the security on the
WebSphere side and let the ASA Agent to handle both processing.
But again, in reverse proxy mode, this might not work as you may
wish. You'll need to request the product to be enhanced to get that
feature in future versions.
I hope this helps,
Best Regards,
Patrick
Original Message:
Sent: 09-16-2019 07:44 AM
From: Neetu dixit
Subject: WebSphere agent
Hi Pattrick,
The Challenge is we do not have any HTTP server in our environment where we could install standard apache agent and make it work as a reverse proxy.
We have only installed ASA agent on WebSphere server and was looking out for a way to set WebSphere itself as a reverse proxy and enable Authentication/Authorization from siteminder end rather than Websphere end.
Is there any way out to implement this?
Rewgards,
Shahbaz Shaikh
Original Message:
Sent: 09-16-2019 02:34 AM
From: Patrick Dussault
Subject: WebSphere agent
Hi Shahbaz,
Usually, people set a Web Agent on the IHS server, and the ASA Agent
on the WebSphere server to handle the authorization part, in order to
handle the JACC Provider.
Configure Rules for the JACC Provider
https://casupport.broadcom.com/cadocs/0/CA%20SiteMinder%20Agent%20for%20WebSphere%20r12%20SP2-ENU/Bookshelf_Files/HTML/index.htm?toc.htm?218662.html
I hope this helps,
Best Regards,
Patrick
Original Message:
Sent: 09-13-2019 05:36 AM
From: Neetu dixit
Subject: WebSphere agent
Hi Pattrick,
WebSphere version is 8.0.0.5 64 bit. And we have AIX 7.1.
Please note that we have overcome above issue and now host registration has been done successfully. The challenge now we are facing is that how do we set WebSphere Virtual Host in order to make it work as reverse proxy.
Also is there any way to off native authentication of WebSphere and activate authentication of ASA?
Regards,
Shahbaz Shaikh
Original Message:
Sent: 09-12-2019 02:33 AM
From: Patrick Dussault
Subject: WebSphere agent
Hi,
Is WebSphere 8.0 32 or 64bit ? You should note that we support on Aix
7 only the 64bit flavor :
SiteMinder 12.0 Application Server Agents, includes updates for base
release and all later CRs/SPs for this release
https://casupport.broadcom.com/phpdocs/7/5262/5262_120_ASA_PSM.pdf
Best Regards,
Patrick
Original Message:
Sent: 09-10-2019 07:46 AM
From: Neetu dixit
Subject: WebSphere agent
Hi,
We have a request for SM integration with WebSphere App server.IBM WebSphere Application Server ND with server version 8.0.0.5 and OS is AIX 7.1. Java version 1.5.
As a prerequisite i have set the JAVA_HOME environment variable to the location of the WebSphere JRE. Also I have given full permission to below policy files inside /AppServer/java/jre/Lib/Security.
chmod 744 local_policy.jar
chmod 744 US_export_policy.jar
Downloaded ca-asa-was-12.0-sp02 and installed it in their environment. While configuring the agent i got below error.
Could not register host
-----------------------
Could not register a trusted host with the SiteMinder Policy Server. Please
try again, or run smreghost located in /CA/smwasasa/bin manually after
installation.
Return value: 255
STDOUT:
STDERR: Failed to enable any clusters.
Registration has failed.
Please assist on this.
Best Regards,
Shahbaz Shaikh