SiteMinder Authentication

The SiteMinder Authentication resource template represents a SiteMinder authentication service.

General

Note: You must install unlimited jurisdiction files on nodes that will run SiteMinder resource instances.
Property Editable? Required? Accepts SVars? Description
Agent Name Y Y Y The name of the SiteMinder agent that enforces access control policies provided by the Policy Server.

Default: None.

Client IP Address Y N Y The IP address of the machine on which the SiteMinder agent is installed.

Default: None.

Protected Resource Name Y N Y The name should match the corresponding value specified in the policy set or it should be left blank.

In Policy Director deployments, the name should match the corresponding value specified in the Governance Control or it should be left blank.

Default: None.

SAML Options

SAML assertions are accessed from a security context and can be propagated between components to achieve single sign-on.

Property Required? Editable? Accepts SVars? Description
Validity of SAML Tokens (s) N Y Y The duration of the validity of the SAML tokens.

Default: 600 s.

Enable Security Token Attribute N Y N

(Not Applicable to some resource templates)

Indicate whether an attribute that contains a security token should be enabled.

In Policy Director deployments, this checkbox should be checked.

Default: Unchecked.

Signer of SAML Tokens N Y Y The name of an Identity Provider resource that identifies the signer of the SAML tokens.

Configuration File

Property Editable? Required? Accepts SVars? Description
Host Configuration File Option N Y N The method for specifying the location of the SiteMinder configuration file.
  • System Specific Default Location - Use the system-specific default location.
  • Custom File Location - Use a custom configuration file. Enables the Custom Configuration File Name field.
  • Generate - Use a generated configuration file. Enables the Generated Configuration File field and all other fields whose values are used in generating the configuration file.

Default: System Specific Default Location.

Configuration File Custom Location Y Y Y The path to the configuration file.

Default: None.

Generated Configuration File Name   Y Y Y The path to which the generated configuration file is saved.

Default: None.

Trusted Host Name   Y Y Y The name of the host.

Default: None.

Host Configuration Object Y Y Y The host's configuration object name.

Default: None.

Shared Secret Y Y Y The host's shared secret.

Default: None.

Policy Server Y Y Y The URLs of the SiteMinder Policy Server.

Default: None.

Shared Secret Time   Y N Y The validity period for the shared secret.

Default: None.

Crypto Provider Y N Y The name of the crypo provider.

Default: None.

Request Timeout (s)   Y N Y The request timeout.

Default: 60 s.

FIPS Mode Y N N The FIPS mode for the crypto provider.
  • FIPS-Compatibility Mode - the environment uses existing SiteMinder algorithms to encrypt sensitive data.
  • FIPS-Migration Mode - the SiteMinder Policy Server continues to use existing SiteMinder encryption algorithms as you migrate the environment to use only FIPS-compliant algorithms.
  • FIPS-only Mode - the environment only uses FIPS-compliant algorithms to encrypt sensitive data.

Default: None.

Note: When you configure a shared resource for SiteMinder configuration, ensure that you select Enable SecurityToken Attribute on the SAML Options tab.