We'd like to know if it is possible in SiteMinder to protect an random
url, based on the backend server answer ?
To illustrate the flow :
Browser requests :
where <abc> is any arbitrary URL text.
Policy Server should protect this URL if the backend Web Service
Is that possible ?
Policy Server 12.8
Out of the box, there's no configuration available to implement
this. The Web Agent will be the first to catch the request and
evaluate if it's protected or not. There's no such feature to send the
protection decision based on a backend service. I'm not sure this can
be implemented neither as this might open a security breach.
You might think to implement the flow in order to make the request to
the backend web service first, bypassing the Web Agent. Then on
custom code, if protected, the request flow continue or not to the Web
If there's any chance to implement this functionality in our product,
you can try to set an Enhancement Request by writing an idea :
1. Go to the "All Ideas" page :
2. Click on the "Add" button.
3. In the "Select categories...", select "Layer7 Access Management".
4. Write a title in the "title" box.
5. Write a complete description of the Enahcement Request or
Certification you'd like to post.
6. Click on "Save" to get the Idea submitted !