Administrator Parameters
The following examples illustrate the results of the several possible combinations of settings for the administrator parameters.
cim1265
The following examples illustrate the results of the several possible combinations of settings for the administrator parameters.
If
use_admin_id = false
, and require_sm_headers = true
, the admin ID is in the session. The ID has been authorized for this request by CA SSO or CA SOA Security Manager.The previous settings are the default settings.
With these settings,
CA Identity Manager
uses the ID in the session, even if an ID is specified in < admin_id>.Code Example
<init-param><param-name>use_admin_id</param-name><param-value>false</param-value></init-param><init-param><param-name>require_sm_headers</param-name><param-value>true</param-value></init-param>
If
use_admin_id = true
, and require_sm_headers = false
, the admin ID is specified in < admin_id>. CA Identity Manager
does not verify whether the administrator is authorized for the request.With these settings,
CA Identity Manager
does not check the session information for an ID.Typically, these settings are used when SiteMinder or SOA Security Manager is
not
protecting the web service end point.Code Example
<init-param><param-name>use_admin_id</param-name><param-value>true</param-value></init-param><init-param><param-name>require_sm_headers</param-name><param-value>false</param-value></init-param>
If
use_admin_id = true
, and require_sm_headers = true
, the admin ID is specified in < admin_id>. CA Identity Manager
does not verify whether the administrator is authorized for the request.With these settings,
CA Identity Manager
validates that SiteMinder headers are present in the request. Typically, these settings are used to provide impersonation functionality for the request.
Code Example
<init-param>�� <param-name>use_admin_id</param-name><param-value>true</param-value></init-param><init-param><param-name>require_sm_headers</param-name><param-value>true</param-value></init-param>