When running an AdminUI and configuring 2 rules having that :
*.myapp*.net/*
*.myotherapp.net/*
- What would be the behaviour in the Browser ?
- Does Siteminder allows these patterns for Authentication and
Authorization ?
At first glance, as per this KD, the Realm configuration should be a
string. Regular expression are only available for the Rules (1).
Configuring with the following :
Realm : /*.myapp*.net
Rule : /*
protected with Basic
Then in the browser, access is granted without having to login :
http://wa.training.com/1.myapp1.net/allheaders.php
And trying to reach this URL which has reserved character, the Web
Agent returns 500 complaining that :
[ERROR][sm-HTTPAgent-00100] URL contains invalid characters.
Exiting with HTTP 500 server error '00-0002'.
http://wa.training.com/*.myapp*.net/allheaders.php
To correct that behavior, putting the regular expression into the rule
definition for that to work.
Realm : /
Rule : *.myapp*.net/*
protected with Basic
Then in the browser, access is requested to login with Basic
Authentication Scheme :
http://wa.training.com/1.myapp1.net/allheaders.php
and access is granted after giving the expected credentials.
(1)
AdminUI realm configuration with asterix * wildcard
Wildcards in Realms are not supported. Only string are allowed
(1). They would be treated as literal character. And as such, note
that * are reserved characters in URL and should not be in usage
(2).
https://knowledge.broadcom.com/external/article?articleId=53054