This section describes details that are common to both SiteMinder and
CA SOA Security Manager connections.
Agent Name:
Enter the name of the agent to connect to SiteMinder or SOA Security Manager
in the Agent Name field. This name must
correspond to the name of an agent previously configured in the CA Policy
Server.
Agent Configuration Object:
The name entered must match the name of the Agent Configuration Object (ACO)
configured in the CA Policy Server. The Enterprise Gateway currently
does not support any features represented by the ACO parameters except for the
PersistentIPCheck setting. For example, the Enterprise Gateway ignores
the DefaultAgent parameter, and uses the agent value it collects
separately during agent registration.
When the PersistentIPCheck ACO parameter is set to yes ,
this instructs the Enterprise Gateway to compare the IP address from the last request (stored
in a persistent cookie) with the IP address in the current request to see if they
match. If the IP addresses do not match, the Enterprise Gateway rejects the request. If
this parameter is set to no , this check is disabled.
Connection Details:
The Enterprise Gateway host machine must be registered with SiteMinder or
SOA Security Manager. To register the host machine, you must use
the smreghost tool on the Enterprise Gateway machine. The
smreghost tool creates a file called SmHost.conf .
You must then use the Browse button to upload this file
into the Enterprise Gateway configuration.
If you have already generated a suitable SmHost.conf
file, and have copied it to the machine on which you are running the
Policy Studio, you can browse to the location of this file using the
Browse button at the bottom right of the Connection
Details text area. After selecting the configuration file,
the connection details are displayed in this text area.
If you do not have a suitable SmHost.conf file,
you can generate one by running the smreghost command
on the machine running the Enterprise Gateway. Complete the following steps:
-
You need to run the
smreghost command on
the machine on which you have installed the Enterprise Gateway. The
smreghost tool is found in the
following location, depending on your target platform:
Windows: /win32/lib
Linux: /Linux.i386/bin
Solaris: /SunOS.sun4u-32/bin
-
Open a command prompt at this directory, and run the
smreghost command. You must pass
the appropriate command-line arguments, depending on the
hostname and hostconfigobject
configured to represent the Enterprise Gateway in the CA Policy
Server. Similarly, you must specify the hostname/IP and port of
the CA Policy Server.
-
The
smreghost tool writes its output to a
SmHosts.conf file in the same directory. You
must manually copy this file from the machine running the Enterprise Gateway
to the machine running the Policy Studio.
-
Browse to the location of this file using the Browse
button on the connection details dialog.
|