ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
AdminUI realm configuration with asterix * wildcard
Article ID: 53054
Updated On:
Products
CA Single Sign On Secure Proxy Server (SiteMinder)
CA Single Sign On SOA Security Manager (SiteMinder)
CA Single Sign-On
SITEMINDER
Issue/Introduction
Planning to protect several resources as :
| Resource | Protection |
|-------------------+-------------|
| / (root) | protected |
| /person/_app_bin | unprotected |
| /contact/_app_bin | unprotected |
| /address/_app_bin | unprotected |
Can be all these resources being unprotected with having only 2 Realms
as :
| Realm | Protection |
|-------------+-------------|
| / (root) | protected |
| /*/_vti_bin | unprotected |
Or said in another way, can wildcards be used in Realm definition ?
Resolution
Wildcards in Realms are not supported. Only string are allowed
(1). They would be treated as literal character. And as such, note
that * are reserved characters in URL and should not be in usage (2).
Additional Information
(1)
Identify a Resource by Agent, Realm, and Rule
Realm Resource Filter
A string, such as a relative path to a directory, that specifies the
resources covered by the realm.
Rule Resource
A string or regular expression that specifies the resources to which
the rule applies
https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-8/configuring/policy-server-configuration/realms.html
(2)
Recommendations
The asterisk ("*", ASCII 2A hex) and exclamation mark ("!" ,
ASCII 21 hex) are reserved for use as having special
signifiance within specific schemes.
https://www.w3.org/Addressing/URL/4_URI_Recommentations.html
Feedback
Yes
No
Powered by
