Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Look up keyword or section
Like this
2Activity

Table Of Contents

Contents
Chapter 1: SiteMinder Secure Proxy Server Overview
Introduction to the Secure Proxy Server
Proxy Server Architecture
Reverse Proxy Server Architecture
Architecture
SPS Component Architecture
Product Features
Product Limitations
SPS in an Enterprise
SPS as a Centralized Access Control Filter
SPS Support for Cookieless Sessions
SPS Support for Extranet Access Control
Chapter 2: Installing and Uninstalling the Secure Proxy Server
Before You Install
Requested Host Registration Information
Requested Apache Web Server Information
Install the SPS on Windows
Install the SPS on UNIX
Install the SPS in GUI Mode
To install the SPS in GUI Mode
Install the SPS in Console Mode
To install the SPS in console mode
Cancel the SPS Installation
Run the Configuration Wizard
To run the configuration wizard
To uninstall SPS from a UNIX system
Uninstall the SPS from a Windows System
Configuring the SPS
Chapter 3: Upgrading the Secure Proxy Server
SPS Upgrade Overview
Upgrading from SPS v5.5 or v1.1
Additional Tasks for Upgrades
Modify the Default Location of the SiteMinder Forms
Duplicate Custom Settings
To duplicate custom settings
Customize JVM Parameters
Chapter 4: Using the SPS with Federation Security Services
Federation Security Services Introduction
SPS Use Cases in a SiteMinder Federated Environment
Use Case 1: Single Sign-on Based on Account Linking
Use Case 2: Single Sign-on Based on User Attribute Profiles
Use Case 3: Single Sign-on with No Local User Account
Use Case 4: Extended Networks
SPS Roles in a SiteMinder Federated Environment
Solutions for SPS Use Cases
Solution 1: SSO Based on Account Linking
Solution 2: SSO Using User Attribute Profiles
Solution 3: SSO with No Local User Account
Solution 4: SSO in an Extended Network
Cookieless Federation
Enable Cookieless Federation at the Consuming Side
To enable cookieless federation for SPS at the consuming side
SPS As a Web Agent Replacement
Prerequisites for Using the SPS as a Web Agent Replacement
Configuring the SPS as a Web Agent Replacement for Federation
SPS as a Federation Gateway
Prerequisites for Using the Federation Gateway
Configuring the SPS Federation Gateway
Limitations of the SPS Federation Gateway
Chapter 5: Security Zones on SPS
Overview Single Sign-on Security Zones
Parameters for Security Zones
Configure SPS Security Zones
To configure SPS Security Zones
Chapter 6: Configuring the Apache Web Server
Apache Web Server Configuration File
Chapter 7: Configuring the SPS Server Settings
SPS Server.conf File Overview
Modifying the Server.conf File
General Server Settings in the Server.conf File
Logging Settings in the Server.conf File
Header Setting for Requests without SMSESSION Cookies
SSL Settings in the Server.conf File
Session Store Settings in the Server.conf File
Service Dispatcher Settings in the Server.conf File
Proxy and Redirect Settings in the Server.conf File
Proxy Service Configuration
Connection Pooling Recommendations
Redirect Service Configuration
Session Scheme Settings in the Server.conf File
Establishing a User Session
Default Session Scheme
SSL ID Session Scheme
IP Address Session Scheme
Mini-cookies Session Scheme
Simple URL Rewriting Session Scheme
Wireless Device ID Session Scheme
Uses for Each Session Scheme
Multiple Session Schemes for Virtual Hosts
Deleting Attribute Cookies for Cookieless Federation
User Agent Settings in the Server.conf
Nokia User Agent Settings
Virtual Host Settings in the Server.conf File
Setting Virtual Host Cookie Path and Domain to the Correct URI
Handling Large Files Using Data Blocks
Session Scheme Mapping for the Default Virtual Host
Web Agent Settings for the Default Virtual Host
Handling Redirects by Destination Servers
Proxy Rules Overview
Planning Routes for Incoming Requests
Proxy Rules Terminology
Establish a Proxy Rules Configuration File
Proxy Rules DTD
nete:proxyrules
nete:case
Forward and Redirect Syntax
nete:cond
nete:default
nete:forward
nete:redirect
nete:local
nete:xprcond
How nete:xprcond Elements Works
Regular Expression Syntax
Regular Expression Examples in nete:rule and nete:result
Header Values in Forwards, Redirects, and Results Filters
Dynamic Header Value in a nete:forward
Dynamic Header Value in a nete:redirect
Dynamic Header Value in a nete:result
Response Handling
Modify Proxy Rules
Sample Proxy Rules Configuration Files
Proxy Rules Example—Routing Requests by Virtual Host
Proxy Rules Example—Routing Requests by Header Value
Proxy Rules Example—Routing Requests by Device Type
Proxy Rules Example—Routing Requests with URIs
Proxy Rules Example—Routing Requests by File Extension
Proxy Rules Example—Routing Requests with Nested Conditions
Proxy Rules Example—Using Regular Expression in Proxy Rules
Chapter 9: Deploying the SPS
SPS Deployment in an Enterprise
Sticky-Bit Load Balancing
Proxying to Trusted Sites vs. Non-Trusted Sites
Configuring Virtual Hosts for the SPS
Edit Configuration Files for Apache Web Server
Implementing Session Scheme Mappings for Multiple Virtual Hosts
Chapter 10: Integrating the SPS with SiteMinder
How the SPS Interacts with SiteMinder
Authentication Scheme Considerations
Proxy-Specific WebAgent.conf Settings
Avoiding Policy Conflicts with Destination Server Web Agents
Configuring SiteMinder Rules that Redirect Users
Password Services for SPS
Configure a Password Policy for SPS
To configure a password policy for SPS
Verify Password Services for SPS
Configuring Managed Self Registration for the SPS
Install Support for Registration Services
Install a Web Agent for MSR
Configure the Policy Server User Interface for MSR
To configure the policy server user interface for MSR
Firewall Considerations
Keep Alive and Connection Pooling
HTTP Header Configuration for Sun Java Web Servers
New HTTP Header for SiteMinder Processing with SPS
Handling Encoded URLs
Chapter 11: SSL and the Secure Proxy Server
Keys and Server Certificates Management
Generate a Private RSA Key
RSA Key Decryption
RSA Key Encryption
Modify the Passphrase for an RSA Key
Create Certificate Signing Request
Create a Self-Signed Certificate
Obtain Certificate Signed by a CA
Install a Signed Certificate
Enable SSL on the Secure Proxy Server
Enable SSL for Virtual Hosts
Chapter 12: SPS APIs
Session Scheme API
Overview of Session Scheme API Processing
Implement a Custom Session Scheme
Configure Rewritable Session Schemes
Use an IP Address Session Scheme
Session Storage API
Filter API Overview
How SPS Processes Custom Filters
Associate Custom Filters to Proxy Rules
Filter API Class File
ProxyFilter Interface
BaseProxyFilter Abstract Implementation
ProxyFilterConfig Interface
ProxyResponse Interface
ProxyFilterException Class
Implement a Filter
Using a Filter to Rewrite Absolute Links in a Requested Page
Unable to Start Apache on UNIX systems
Need to Modify DNS Caching in the SPS
No Root Permissions
Cannot Start the SPS Server
I cannot start the server
Cannot Access the SPS with a Browser
Unknown Server Name
Issues Configuring Virtual Hosts
Command not found Error Received
SPS Not Forwarding Requests
0 of .
Results for:
No results containing your search query
P. 1
h002921e

h002921e

Ratings: (0)|Views: 339|Likes:
Published by hpg1234

More info:

Published by: hpg1234 on Feb 13, 2011
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

11/15/2011

pdf

text

original

You're Reading a Free Preview
Pages 5 to 20 are not shown in this preview.
You're Reading a Free Preview
Pages 25 to 30 are not shown in this preview.
You're Reading a Free Preview
Pages 35 to 72 are not shown in this preview.
You're Reading a Free Preview
Pages 77 to 109 are not shown in this preview.
You're Reading a Free Preview
Pages 114 to 200 are not shown in this preview.

Activity (2)

You've already reviewed this. Edit your review.
1 thousand reads
1 hundred reads

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->