Access Resource Protected by JSAM Assertion
The Access Resource Protected by JSAM Assertion allows a policy to use the Single Sign-On (SSO) and Policy Service from an existing Java System Access Manager 7.0 or 7.1 deployment.
Access Resource Protected by JSAM Assertionallows a policy to use the Single Sign-On (SSO) and Policy Service from an existing
Java System Access Manager 7.0 or 7.1deployment.
For instructions on how to install this assertion, see Install the Java System Access Manager Assertion. Once installed, this assertion is available from both the Access Control and Custom Assertions palettes.
Note the following when using this assertion:
- You may receive an HTTP Basic authentication warning when the Access Resource Protected by JSAM assertion is used with these assertions: Require WS-Security UsernameToken Profile Credentials. You may ignore this policy validation warning.
- If the incoming request is coming through aXML VPN Client, be sure the "Pass Through HTTP Cookies" option is selected on the [XML VPN Client Policy] tab of the Gateway Account properties. For details, refer to the documentation for the XML VPN Client located here: docops.ca.com/xvc
- When running this assertion in the browser client, a triangular warning icon () may appear next to the dialog box when the assertion properties is displayed. You may ignore this icon.
Context Variables Created by This Assertion
The user attributes for a successfully authenticated user are available through the following context variables:
Inet User Status
The following illustrates how this custom assertion might be used in a policy:
"At least one assertion must evaluate to true" Require HTTP Basic CredentialsRequire HTTP Cookie: iPlanetDirectoryPro Access Resource Protected by JSAM Route via HTTP(S) to URL
Using the Assertion
- Do one of the following:
- To add the assertion to the policy development window, drag and drop the assertion from the palette.
- To change the configuration of an existing assertion, proceed to step 2 below.
- Right-clickAccess Resource Protected by JSAMin the policy window and selectJSAM: Access Resource Protected by JSAMor double-click the assertion in the policy window. The assertion properties are displayed.
- Configure the dialog as follows:SettingDescriptionRealmEnter the name of the realm defined on the Java System Access Manager Server.ResourceEnter the protected resource URL defined in a JSAM policy. Be sure to include the port number. For example:http://server:80/WebApp/Service1.asmxActionEnter the allowed action, as defined in a JSAM policy. For example,POSTorGET. The default is POST.
- Click [OK]