Name
|
|
|
|
|
enableSecurityTokenAttribute
|
N
|
Y
|
N
|
Controls if the security token that was authenticated should be included in the AttributeStatement of the issued SAML assertion.
Default: Checked.
|
enableSAMLAttributesPurge
|
|
|
|
Controls if AttributeStatements of the authenticated assertion should be included in the AttributeStatements of the issued SAML assertion.
Default: Checked.
|
enableHolderOfKeyAssertion
|
|
|
|
Controls if Holder-of-Key Subject Confirmation method should be used in the issued SAML assertion.
Select one of the following security token types:
- SAML 1.1 Token 1.1
- SAML 2.0 Token 1.1
-
|
samlValiditySeconds
|
N
|
Y
|
Y
|
The duration of the validity of the SAML tokens.
Default: 600 s.
|
tokenSigningService
|
N
|
Y
|
Y
|
The name of an Identity Provider resource that identifies the signer of the SAML tokens.
|
smHostConfFileLocationOption
|
N
|
Y
|
N
|
The method for specifying the location of the SiteMinder configuration file.
- System Specific Default Location - Use the system-specific default location.
- Custom File Location - Use a custom configuration file. Enables the Custom Configuration File Name field.
- Generate - Use a generated configuration file. Enables the Generated Configuration File field and all other fields whose values are used in generating the configuration file.
Default: System Specific Default Location.
|
smHostConfFileLocation
|
Y
|
Y
|
Y
|
The path to the configuration file.
Default: None.
|
autoGeneratedSmHostConfFileLocation
|
Y
|
Y
|
Y
|
The path to which the generated configuration file is saved.
Default: None.
|
hostName
|
Y
|
Y
|
Y
|
The name of the host.
Default: None.
|
sharedSecret
|
Y
|
Y
|
Y
|
The host's shared secret.
Default: None.
|
sharedSecretTime
|
Y
|
N
|
Y
|
The validity period for the shared secret.
Default: None.
|
hostConfigObject
|
Y
|
Y
|
Y
|
The host's configuration object name.
Default: None.
|
policyServer
|
Y
|
Y
|
Y
|
The URLs of the SiteMinder Policy Server.
Default: None.
|
requestTimeout
|
Y
|
N
|
Y
|
The request timeout.
Default: 60 s.
|
cryptoProvider
|
Y
|
N
|
Y
|
The name of the crypo provider.
Default: None.
|
fipsMode
|
Y
|
N
|
N
|
The FIPS mode for the crypto provider.
- FIPS-Compatibility Mode - the environment uses existing SiteMinder algorithms to encrypt sensitive data.
- FIPS-Migration Mode - the SiteMinder Policy Server continues to use existing SiteMinder encryption algorithms as you migrate the environment to use only FIPS-compliant algorithms.
- FIPS-only Mode - the environment only uses FIPS-compliant algorithms to encrypt sensitive data.
Default: None.
|
agentName
|
Y
|
Y
|
Y
|
The name of the SiteMinder agent that enforces access control policies provided by the Policy Server.
Default: None.
|
resource
|
Y
|
N
|
Y
|
The name should match the corresponding value specified in the policy set or it should be left blank.
Default: None.
|
clientIPAddress
|
Y
|
N
|
Y
|
The IP address of the machine on which the SiteMinder agent is installed.
Default: None.
|