How to make pages with a particular query string in the URL as Unprotected?
search cancel

How to make pages with a particular query string in the URL as Unprotected?

book

Article ID: 53693

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Description:

Customer wants to have the following 4 URLS which have Query String appended to them should not be protected by Siteminder. How this can be configured and achieved in Siteminder?

/connection/webconn?pagexy=AA_CHGPWD
/connection/webconn?pagexy=BB_STATORD
/connection/webconn?pagexy=CC_HELP

Solution:

To make the above mentioned URL's having Query Strings as NOT-protected by SiteMinder; Customer should make use of unprotected realms.

Unprotected Realms

By default when a realm is created, it is in a protected state. In a protected realm, all resources are protected against access. To allow access, a rule must be defined, and then included in a policy.

When you create a realm in an unprotected state, you must configure rules before SiteMinder protects the resources in the realm. If you create a rule for resources in the unprotected realm, only the specified resources are protected. Once the resource is protected, the rule must be added to a policy to allow users to access the resource. You may want to use an unprotected realm if only a subset of the resources in a realm need to be protected from unauthorized access.

For More information about Unprotected Realms - You can read the Policy Server Configuration Guide; Section-Unprotected Realms, Rules, and Policies.

Here is the link for the online CA SiteMinder Policy Server Configuration Guide for R12-SP3
https://support.ca.com/cadocs/0/h003401e.pdf.

Now here is how to make your above mentioned 4 URL's as unprotected-

Create 4 realms and Make them unprotected (To make a realm unprotected go to the selected Realm properties and under the section named Default Resource Protection ->check the radio button -"unprotected").

Do not create any rules under these realms.

In the Resource Filter For the first realm enter-
/connection/webconn?pagexy=AA_CHGPWD

Similarly, in Resource Filter for rest of the three realms enter your remaining three URL's.

Now, These 4 realms and the URL's are unprotected by SiteMinder.

Later, if you need to protect any of these URL's you can create a rule under these realms and then add the rule to the policy.

Environment

Release:
Component: SMPLC

Attachments

1558535551134TEC491859.zip get_app
Powered by Wolken Software