SiteMinder Authentication Resources

The SiteMinder Authentication resource template represents a SiteMinder authentication service.

Property Required? Editable? Accepts SVARs? Description
Name      
enableSecurityTokenAttribute N Y N Controls if the security token that was authenticated must be included in the AttributeStatement of the issued SAML assertion.

Default: Checked.

enableSAMLAttributesPurge       Controls if AttributeStatements of the authenticated assertion must be included in the AttributeStatements of the issued SAML assertion.

Default: Checked.

enableHolderOfKeyAssertion       Controls if Holder-of-Key Subject Confirmation method must be used in the issued SAML assertion.

Select one of the following security token types:

  • SAML 1.1 Token 1.1
  • SAML 2.0 Token 1.1
samlValiditySeconds N Y Y

The duration of the validity of the SAML tokens.

Default: 600 s.

tokenSigningService N Y Y

The name of an Identity Provider resource that identifies the signer of the SAML tokens.

smHostConfFileLocationOption N Y N

The method for specifying the location of the SiteMinder configuration file.

  • System Specific Default Location - Use the system-specific default location.
  • Custom File Location - Use a custom configuration file. Enables the Custom Configuration File Name field.
  • Generate - Use a generated configuration file. Enables the Generated Configuration File field and all other fields whose values are used in generating the configuration file.

Default: System Specific Default Location.

smHostConfFileLocation Y Y Y

The path to the configuration file.

Default: None.

autoGeneratedSmHostConfFileLocation Y Y Y

The path to which the generated configuration file is saved.

Default: None.

hostName Y Y Y

The name of the host.

Default: None.

sharedSecret Y Y Y

The host's shared secret.

Default: None.

sharedSecretTime Y N Y

The validity period for the shared secret.

Default: None.

hostConfigObject Y Y Y

The host's configuration object name.

Default: None.

policyServer Y Y Y

The URLs of the SiteMinder Policy Server.

Default: None.

requestTimeout Y N Y

The request timeout.

Default: 60 s.

cryptoProvider Y N Y

The name of the crypo provider.

Default: None.

fipsMode Y N N

The FIPS mode for the crypto provider.

  • FIPS-Compatibility Mode - the environment uses existing SiteMinder algorithms to encrypt sensitive data.
  • FIPS-Migration Mode - the SiteMinder Policy Server continues to use existing SiteMinder encryption algorithms as you migrate the environment to use only FIPS-compliant algorithms.
  • FIPS-only Mode - the environment only uses FIPS-compliant algorithms to encrypt sensitive data.

Default: None.

agentName Y Y Y

The name of the SiteMinder agent that enforces access control policies provided by the Policy Server.

Default: None.

resource Y N Y

The name must match the corresponding value specified in the policy set or it must be left blank.

Default: None.

clientIPAddress Y N Y

The IP address of the machine on which the SiteMinder agent is installed.

Default: None.