Is it secure to use the IgnoreExt parameter on the protecting Site Minder web agent with regard to the .js files of Identity Manager?

book

Article ID: 48852

calendar_today

Updated On:

Products

DIRECTORY CA Identity Manager CA Identity Governance CA Identity Portal CA Risk Analytics CA Secure Cloud SaaS - Arcot A-OK (WebFort) CLOUDMINDER ADVANCED AUTHENTICATION CA Secure Cloud SaaS - Advanced Authentication CA Secure Cloud SaaS - Identity Management CA Secure Cloud SaaS - Single Sign On SECURITY MISC CODES SINGLE SIGN ON - LEGACY CA Data Protection (DataMinder) CA User Activity Reporting

Issue/Introduction

Description:

The Site Minder web agent configuration object includes a parameter called: IgnoreExt which basically allows for a list of file extensions to be ignored by the web agent.

Solution:

There is no security risk associated with using the IgnoreExt parameter for the .js files.

The reason being is that the web agent already is protecting the IME and its protected alias. Therefore a call to an internal .js file is already protected by the fact it's included in a protected realm.

Environment

Release: CAPUEL99000-12.5-Identity Manager-Blended upgrade to Identity &-Access Mgmt Ente
Component: