Hello All,
I am trying to protect
From CA Notes:
RequireAgentEnforcement Specifies whether the web services must be protected by a CA SiteMinder® agent. In a production environment, we highly recommended that you set this value to yes and protect the web services by a CA SiteMinder® Agent. If you set the value to yes and the web services are not protected, the requests to web services fail. Note: The value of RequireAgentEnforcement can be set to no in a test environment or if the web services are protected by any other mechanism other than CA SiteMinder®.
Protect the Web Services We recommend that you protect the web services in a production environment. Protecting the web agent of the web services lets CA SiteMinder® authenticate and authorize the web services client before a user request is processed. When you protect the web services in your production environment, CA SiteMinder® SPS includes the SMSESSION cookie into the user request. If the RequestSmSessionCookie ACO parameter is enabled, CA SiteMinder® ensures that the web services verify the user request for the SMSESSION cookie before processing the user request. To protect the web services, we recommend that you configure CA SiteMinder® SPS to protect the web services root URL using the X.509 Client Certificate authentication scheme.
Protecting via X.509 Client Certificate authentication scheme. Is it the only way?
or is there any other way to protect it similar to normal resource protection like normal web agent SSO?
in my case, I have 2 application and my agentname looks like below
wsagent,dns of web services.
wsagent_app1,app1
wsagent_app2_app2
What I have done is, protected /authazws/ with the agent "wsagent" as a FormBased Auth <not sure if it is allowded or not but just tried>. This didnt work as it recorded redirect response to the login form in the message I got it from SPS.
Could you help me?
RamVeer