How to manually update the authentication scheme of a realm.

book

Article ID: 50379

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Description:

This technical note describes how to manually update the authentication scheme in a realm by using XPSExplorer.

Solution:

Type what is between brackets [ ]

  1. Open a terminal or command prompt, navigate to \siteminder\bin and start XPSExplorer

  2. Go to Realm [41]

  3. Search the realms [S]

    Output:

    1. CA.SM::[email protected]

      (I) Name : "06-0dc8052d-c84e-47b3-9f5c-98ecd0c46192"
      (C) Desc : "* Please do not edit this realm! This is a global realm. *"
      (C) ProtectAll : true
      (C) SessionType : <Non-persistent>

    2. CA.SM::[email protected]

      (I) Name : "REALM_1"
      (C) Desc : "* Please do not edit this realm! This is an application realm.*"
      (C) FullResourceFilter : "/R1-customAuth"
      (C) ProtectAll : true
      (C) ResourceFilter : "/R1-customAuth"
      (C) SessionType : <Non-persistent>

    3. CA.SM::[email protected]

      (I) Name : "REALM_2"
      (C) Desc : "* Please do not edit this realm! This is an application realm.*"
      (C) FullResourceFilter : "/R2-basicAuth"
      (C) ProtectAll : true
      (C) ResourceFilter : "/R2-BasicAuth"
      (C) SessionType : <Non-persistent>

  4. Locate what realm you need to modify.

    For example, the 3rd realm, called "REALM_2": type [3]

  5. You need now to modify the authentication scheme, type [4]

    04: AuthSchemeLink = CA.SM::[email protected]

  6. Then type [?] to get a list of all available authentication schemes.

  7. Locate the authentication scheme you want to replace the current with and type its number

    Example:

    21-CA.SM::[email protected]
    (I) Name : "TransPolar"
    (C) Level : 5
    (C) Library : "smauthhtml"
    (C) Param : "http://iamw3e2awa4C1.ca.com/siteminderagent/forms/transpolar.fcc;ACS=0;REL=0"

    Type [21]

  8. Validate the new configuration [V]

  9. Update the new configuration [U]

Then quit XPSEXplorer with as many [Q] as needed

Note: The change will not appear immediately in the WAMUI.

Environment

Release:
Component: SMPLC