How to make pages with a particular query string in the URL as Unprotected?

Document ID : KB000053693
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

Customer wants to have the following 4 URLS which have Query String appended to them should not be protected by Siteminder. How this can be configured and achieved in Siteminder?

/connection/webconn?pagexy=AA_CHGPWD
/connection/webconn?pagexy=BB_STATORD
/connection/webconn?pagexy=CC_HELP

Solution:

To make the above mentioned URL's having Query Strings as NOT-protected by SiteMinder; Customer should make use of unprotected realms.

Unprotected Realms

By default when a realm is created, it is in a protected state. In a protected realm, all resources are protected against access. To allow access, a rule must be defined, and then included in a policy.

When you create a realm in an unprotected state, you must configure rules before SiteMinder protects the resources in the realm. If you create a rule for resources in the unprotected realm, only the specified resources are protected. Once the resource is protected, the rule must be added to a policy to allow users to access the resource. You may want to use an unprotected realm if only a subset of the resources in a realm need to be protected from unauthorized access.

For More information about Unprotected Realms - You can read the Policy Server Configuration Guide; Section-Unprotected Realms, Rules, and Policies.

Here is the link for the online CA SiteMinder Policy Server Configuration Guide for R12-SP3
https://support.ca.com/cadocs/0/h003401e.pdf.

Now here is how to make your above mentioned 4 URL's as unprotected-

Create 4 realms and Make them unprotected (To make a realm unprotected go to the selected Realm properties and under the section named Default Resource Protection ->check the radio button -"unprotected").

Do not create any rules under these realms.

In the Resource Filter For the first realm enter-
/connection/webconn?pagexy=AA_CHGPWD

Similarly, in Resource Filter for rest of the three realms enter your remaining three URL's.

Now, These 4 realms and the URL's are unprotected by SiteMinder.

Later, if you need to protect any of these URL's you can create a rule under these realms and then add the rule to the policy.

File Attachments:
TEC491859.zip