dynamic protection of resources
search cancel

dynamic protection of resources


Article ID: 135877


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On SITEMINDER


We'd like to know if it is possible in SiteMinder to protect an random

url, based on the backend server answer ?

To illustrate the flow :

Browser requests :


  where <abc> is any arbitrary URL text.

Policy Server should protect this URL if the backend Web Service

returns "PROTECTED".

Is that possible ?


Policy Server 12.8


Out of the box, there's no configuration available to implement

this. The Web Agent will be the first to catch the request and

evaluate if it's protected or not. There's no such feature to send the

protection decision based on a backend service. I'm not sure this can

be implemented neither as this might open a security breach.

You might think to implement the flow in order to make the request to

the backend web service first, bypassing the Web Agent. Then on

custom code, if protected, the request flow continue or not to the Web


If there's any chance to implement this functionality in our product,

you can try to set an Enhancement Request by writing an idea :

  1. Go to the "All Ideas" page :


  2. Click on the "Add" button.

  3. In the "Select categories...", select "Layer7 Access Management".

  4. Write a title in the "title" box.

  5. Write a complete description of the Enahcement Request or

     Certification you'd like to post.

  6. Click on "Save" to get the Idea submitted !