| Name
|
|
|
|
|
| enableSecurityTokenAttribute
|
N
|
Y
|
N
|
Controls if the security token that was authenticated should be included in the AttributeStatement of the issued SAML assertion.
Default: Checked.
|
| enableSAMLAttributesPurge
|
|
|
|
Controls if AttributeStatements of the authenticated assertion should be included in the AttributeStatements of the issued SAML assertion.
Default: Checked.
|
| enableHolderOfKeyAssertion
|
|
|
|
Controls if Holder-of-Key Subject Confirmation method should be used in the issued SAML assertion.
Select one of the following security token types:
- SAML 1.1 Token 1.1
- SAML 2.0 Token 1.1
-
|
| samlValiditySeconds
|
N
|
Y
|
Y
|
The duration of the validity of the SAML tokens.
Default: 600 s.
|
| tokenSigningService
|
N
|
Y
|
Y
|
The name of an Identity Provider resource that identifies the signer of the SAML tokens.
|
| smHostConfFileLocationOption
|
N
|
Y
|
N
|
The method for specifying the location of the SiteMinder configuration file.
- System Specific Default Location - Use the system-specific default location.
- Custom File Location - Use a custom configuration file. Enables the Custom Configuration File Name field.
- Generate - Use a generated configuration file. Enables the Generated Configuration File field and all other fields whose values are used in generating the configuration file.
Default: System Specific Default Location.
|
| smHostConfFileLocation
|
Y
|
Y
|
Y
|
The path to the configuration file.
Default: None.
|
| autoGeneratedSmHostConfFileLocation
|
Y
|
Y
|
Y
|
The path to which the generated configuration file is saved.
Default: None.
|
| hostName
|
Y
|
Y
|
Y
|
The name of the host.
Default: None.
|
| sharedSecret
|
Y
|
Y
|
Y
|
The host's shared secret.
Default: None.
|
| sharedSecretTime
|
Y
|
N
|
Y
|
The validity period for the shared secret.
Default: None.
|
| hostConfigObject
|
Y
|
Y
|
Y
|
The host's configuration object name.
Default: None.
|
| policyServer
|
Y
|
Y
|
Y
|
The URLs of the SiteMinder Policy Server.
Default: None.
|
| requestTimeout
|
Y
|
N
|
Y
|
The request timeout.
Default: 60 s.
|
| cryptoProvider
|
Y
|
N
|
Y
|
The name of the crypo provider.
Default: None.
|
| fipsMode
|
Y
|
N
|
N
|
The FIPS mode for the crypto provider.
- FIPS-Compatibility Mode - the environment uses existing SiteMinder algorithms to encrypt sensitive data.
- FIPS-Migration Mode - the SiteMinder Policy Server continues to use existing SiteMinder encryption algorithms as you migrate the environment to use only FIPS-compliant algorithms.
- FIPS-only Mode - the environment only uses FIPS-compliant algorithms to encrypt sensitive data.
Default: None.
|
| agentName
|
Y
|
Y
|
Y
|
The name of the SiteMinder agent that enforces access control policies provided by the Policy Server.
Default: None.
|
| resource
|
Y
|
N
|
Y
|
The name should match the corresponding value specified in the policy set or it should be left blank.
Default: None.
|
| clientIPAddress
|
Y
|
N
|
Y
|
The IP address of the machine on which the SiteMinder agent is installed.
Default: None.
|
