How to unprotect "/" while protecting all other resources under it
search cancel

How to unprotect "/" while protecting all other resources under it


Article ID: 10543


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On SITEMINDER CA Single Sign On Agents (SiteMinder)


How can we unprotect the root "/" without creating multiple rules to protect the rest of the resources?

This tip will show a protect all under root URL except root page.

A customer wants to allow access to without requiring a login.
But anything under "/" must require login, for example    <= to be unprotected <= to be protected <= to be protected 



Policy server : r12.5 and above


1. Unprotect root resource. 
Create root realm (effective resource filter = "/" ) as unprotected so users would not be challenged. 

You can have '*' for the rule to unprotect all and have sub-realms. 


2. Use Regular Expression with '.' for the rule. 

Create a rule with a regular expression to trigger only when there is a value. (expression = ".") 

Yes, a dot only. 

"." matches a single character. It does not matter what character it is, except a newline.


It means "." would only match if there is a value. 

With this combination, the rule would not trigger when accessing
but it would for any request that is under it such as

Additional Information


* Regular Expression can be tested on websites found over the internet.

* Ignore Unprotected Resources

The other scenario that if particular URI to be unprotected is described following document.



1558707149896000010543_sktwi1f5rjvs16qky.png get_app
1558707147852000010543_sktwi1f5rjvs16qkx.png get_app