asp.net pdf reader : Change page size of pdf document Library application API .net html web page sharepoint j-sa-sslvpn-7.1-adminguide23-part741

CreatingaSiteMinderDomainfortheSASeriesSSLVPNAppliance
WithinSiteMinder,apolicydomainisalogicalgroupingofresourcesassociatedwithone
ormoreuserdirectories.Policydomainscontainrealms,responses,andpolicies.When
configuringtheSASeriesSSLVPNAppliancetoworkwithSiteMinder,youmustgiveSA
SeriesusersaccesstoaSiteMinderresourcewithinarealm,andthengrouptherealm
intoadomain.
ToconfigureaSiteMinderdomainfortheSASeriesSSLVPNAppliance:
1.
ChoosetheSystemtab,right-clickonDomainsandchooseCreateDomain,orclick
onDomainsandchooseanexistingSiteMinderdomain.
2.
Addarealmtothedomain.
Related
Documentation
ConfiguringSiteMindertoWorkwiththeSecureAccessServiceonpage191
CreatingaSiteMinderRealmfortheSecureAccessServiceonpage195
CreatingaSiteMinderRealmfortheSASeriesSSLVPNAppliance
WithinSiteMinder,arealmisaclusterofresourceswithinapolicydomaingrouped
togetheraccordingtosecurityrequirements.WhenconfiguringSiteMindertoworkwith
theSASeriesSSLVPNAppliance,youmustdefinerealmstodeterminewhichresources
SASeriesusersmayaccess.
WithinSiteMinder,arealmisaclusterofresourceswithinapolicydomaingrouped
togetheraccordingtosecurityrequirements.WhenconfiguringSiteMindertoworkwith
theSASeriesSSLVPNAppliance,youmustdefinerealmstodeterminewhichresources
SASeriesusersmayaccess.
1.
IntheSiteMinderAdministrationinterface,selecttheDomainstab.
2.
ExpandthedomainthatyoucreatedfortheSASeriesSSLVPNAppliance.
3.
Right-clickonRealmsandchooseCreateRealm.
4.
Enteranameand(optionally)descriptionfortherealm.
5.
IntheAgentfield,selecttheWebagentthatyoucreatedfortheSASeriesSSLVPN
Appliance.
6.
IntheResourceFilterfield,enteraprotectedresource.Thisresourceinheritsthe
protectionlevelspecifiedinthecorrespondingauthenticationscheme.Forthedefault
protectionlevel,enter/ive-authentication.Notethatyouneedtoenterthisresource
whenconfiguringtheSASeriesSSLVPNAppliance.Or,ifyouusesign-inpolicieswith
nondefaultURLssuchas*/neteor*/cert,youmusthavecorrespondingresource
filtersintheSiteMinderconfiguration.
7.
FromtheAuthenticationSchemeslist,selecttheschemethatyoucreatedforthe
SASeriesSSLVPNAppliance.
8.
ClickOK.
195
Copyright©2012,JuniperNetworks,Inc.
Chapter8:AuthenticationandDirectoryServers
Change page size of pdf document - Compress reduce PDF size in C#.net, ASP.NET, MVC, Ajax, WinForms, WPF
C# Code & .NET API to Compress & Decompress PDF Document
batch reduce pdf file size; pdf edit text size
Change page size of pdf document - VB.NET PDF File Compress Library: Compress reduce PDF size in vb.net, ASP.NET, MVC, Ajax, WinForms, WPF
VB.NET PDF Document Compression and Decompression Control SDK
pdf paper size; advanced pdf compressor online
Related
Documentation
ConfiguringSiteMindertoWorkwiththeSecureAccessServiceonpage191
CreatingaSiteMinderDomainfortheSecureAccessServiceonpage195
CreatingaRule/ResponsePairtoPassUsernamestotheSASeriesSSLVPNAppliance
WithinSiteMinder,youcanuserulestotriggerresponseswhenauthenticationor
authorizationeventstakeplace.AresponsepassesDNattributes,statictext,or
customizedactiveresponsesfromtheSiteMinderpolicyservertoaSiteMinderagent.
WhenyouconfigureSiteMindertoworkwiththeSASeriesSSLVPNAppliance,youmust
createarulethatfireswhenausersuccessfullyauthenticates.Then,youmustcreatea
correspondingresponsethatpassestheuser’susernametotheSASeriesWebagent.
Tocreateanewrule:
1.
IntheSiteMinderAdministrationinterface,choosetheDomainstab.
2.
ExpandthedomainthatyoucreatedfortheSASeriesSSLVPNAppliance,andthen
expandRealms.
3.
Right-clickontherealmthatyoucreatedfortheSASeriesSSLVPNAppliance,and
chooseCreateRuleunderRealm.
4.
Enteranameand(optionally)descriptionfortherule.
5.
UnderAction,chooseAuthenticationEventsandthenselectOnAuthAcceptfrom
thedrop-downlist.
6.
SelectEnabled.
7.
ClickOK.
Tocreateanewresponse:
1.
IntheSiteMinderAdministrationinterface,choosetheDomainstab.
2.
ExpandthedomainthatyoucreatedfortheSASeriesSSLVPNAppliance.
3.
Right-clickonResponsesandselectCreateResponse.
4.
Enteranameand(optionally)adescriptionfortheresponse.
5.
SelectSiteMinderandthenselecttheSASeriesWebagent.
6.
ClickCreate.
7.
FromtheAttributelist,selectWebAgent-HTTP-Header-Variable.
8.
UnderAttributeKind,selectStatic.
9.
UnderVariableName,enterIVEUSERNAME.
10.
UnderVariableValue,enterausername.
11.
ClickOK.
Copyright©2012,JuniperNetworks,Inc.
196
JunosPulseSecureAccessServiceAdministrationGuide
C# PDF insert text Library: insert text into PDF content in C#.net
Insert formatted text and plain text to PDF page using .NET XDoc.PDF component in C#.NET class. Ability to change text font, color, size and location and
pdf page size; change font size in fillable pdf form
C# PDF Text Box Edit Library: add, delete, update PDF text box in
Support to change font color in PDF text box. Ability to change text size in PDF text box. Adding text box is another way to add text to PDF page.
best pdf compression tool; adjust size of pdf
Related
Documentation
ConfiguringSiteMindertoWorkwiththeSecureAccessServiceonpage191
ConfiguringtheSiteMinderAgentonpage192
ConfiguringSecureAccesstoWorkwithSiteMinder
ThissectionincludesinstructionsforconfiguringSecureAccesstoworkwithaSiteMinder
policyserver.
ConfiguringSecureAccesstoWorkwithMultipleAuthenticationSchemes
ToconfigureSecureAccesstoworkwithmultipleSiteMinderauthenticationschemes,
youmust:
1.
ConfiguretheauthenticationschemesontheSiteMinderpolicyserver.
2.
CreateoneSecureAccessinstanceoftheSiteMinderpolicyserverforallSiteMinder
authenticationschemesyouwanttouse.
3.
SpecifywhichSecureAccessrealmshouldusetheSecureAccessinstanceofthe
SiteMinderpolicyservertoauthenticateandauthorizeadministratorsandusers.
4.
ForeachprotectedresourceontheSiteMinderpolicyserver,createaSecureAccess
sign-inpolicy.IntheAuthentication>Authentication>SigningInPolicies>New
Sign-InPolicypage:
SpecifyaSecureAccesssign-inURLthatmatchestheSiteMinderprotectedresource
URLonthepolicyserver.MakethepathportionoftheURLmatchtheSiteMinder
resourcefilterintheSiteMinderrealmconfiguration.Forexample,youcanspecify
*/ACE/asaSecureAccesssign-inURLtomatchaSiteMinderURLofXYZ/ACE,
whereXYZisthenameofarealm.
SelecttheSecureAccessrealmthatyouspecifiedshouldusetheSiteMinderpolicy
server.
TheusersignsintoSecureAccessusingoneoftheSecureAccesssign-inURLs.Secure
AccesssendstheprotectedresourceURLtoSiteMinder,andbasedontheresource,
SiteMinderdetermineswhichtypeofschemetousetoauthenticatetheuser.Secure
Accesscollectsthecredentialsthattheauthenticationschemerequires,andthenpasses
themtoSiteMinderforauthentication.
ConfiguringSecureAccesstoGrantUsersDifferentProtectedResources
ToconfigureSecureAccesstograntusersaccesstovariousSiteMinderprotected
resources(andbyassociation,differentprotectionlevels),youmust:
1.
DefinewhichresourcestheSiteMinderservershouldprotect.Eachoftheseresources
inheritsaprotectionlevelfromacorrespondingSiteMinderauthenticationscheme.
2.
CreateoneSecureAccessinstanceoftheSiteMinderpolicyserverforallprotected
resourcesandcorrespondingprotectionlevelsthatyouwanttoallow.
197
Copyright©2012,JuniperNetworks,Inc.
Chapter8:AuthenticationandDirectoryServers
VB.NET Image: How to Create Visual Basic .NET Windows Image Viewer
can get a basic idea of the page layout from Apart from that, you are entitled to change the orientation You can accurately define the size and location of all
change file size of pdf; pdf file size limit
C# PDF Sticky Note Library: add, delete, update PDF note in C#.net
Able to change font size in PDF comment box. Using this .NET PDF annotation control, C# developers can add a sticky note to any position on PDF page.
best pdf compression; pdf text box font size
3.
SpecifywhichSecureAccessrealmshouldusetheSecureAccessinstanceofthe
SiteMinderpolicyserver.
4.
ForeachresourceontheSiteMinderpolicyserver,createaSecureAccesssign-in
policyforeachrealm-levelresourcefilter.Intheconfigurationpageforthesign-in
policy,specify:
ASecureAccesssign-inURLthatmatchestheprotectedresourceURLonthepolicy
server.MakethepathportionoftheURLmatchtheSiteMinderresourcefilter.For
example,youmaydefinethefollowingURLs:
https://employees.yourcompany.com/sales
https://employees.yourcompany.com/engineering
WhenuserssignintothefirstURL,theycanaccessthe“sales”protectedresource,
andwhentheysignintothesecondURL,theycanaccessthe“engineering”protected
resource.
Todefineadefaultresource(ive-authentication),enter*inthepathportionofthe
URL.
SelecttheSecureAccessrealmthatyouspecifiedshouldusetheSiteMinderpolicy
server.
Duringproduction,theusersignsintoSecureAccessusingoneoftheURLs.SecureAccess
extractstheprotectedresourcefromtheURLandauthenticatestheuseragainstthe
appropriaterealm.
DefininganeTrustSiteMinderServerInstance
WithinSecureAccess,aSiteMinderinstanceisasetofconfigurationsettingsthatdefines
howSecureAccessinteractswiththeSiteMinderpolicyserver.Afterdefiningthe
SiteMinderserverinstance,specifywhichSecureAccessrealm(s)shouldusetheSecure
AccessinstanceoftheSiteMinderpolicyservertoauthenticateandauthorize
administratorsandusers.
TodefineaneTrustSiteMinderserverinstance:
1.
Intheadminconsole,chooseAuthentication>Auth.Servers.
2.
Dooneofthefollowing:
TocreateanewserverinstanceonSecureAccess,selectSiteMinderServerfrom
theNewlist,andthenclickNewServer.
Toupdateanexistingserverinstance,clicktheappropriatelinkinthe
Authentication/AuthorizationServerslist.
3.
ConfiguretheserverusingthesettingsdescribedinTable14onpage199.
4.
ToaddSiteMinderuserattributestotheSiteMinderserverinstance:
a.
ClickServerCatalogtodisplaytheservercatalog.
b.
EntertheSiteMinderuserattributecookienameintheAttributefieldintheserver
catalogandthenclickAddAttribute.
Copyright©2012,JuniperNetworks,Inc.
198
JunosPulseSecureAccessServiceAdministrationGuide
C# PDF Convert: How to Convert Word, Excel, PowerPoint, Tiff
Support conversion to PDF from other documents, keeping original document page size. Support rendering image to a PDF document page, no change for image size.
change font size pdf document; change font size in pdf form field
C# PDF File Split Library: Split, seperate PDF into multiple files
into multiple files by outputting PDF file size. Using this C#.NET PDF document splitting library and accurately disassemble multi-page PDF document into two or
pdf form change font size; pdf files optimized
c.
Whenyouarefinishedaddingcookienames,clickOK.SecureAccessdisplaysthe
namesoftheSiteMinderuserattributecookiesintheAttributelistontheRole
MappingRulepage.
5.
ClickSaveChanges.
6.
SetadvancedSiteMinderconfigurationoptions(optional)usingthesettingsdescribed
inTable14onpage199.
Table14:eTrustSiteMinderConfigurationOptions
Description
Option
Enteranametoidentifytheserverinstance.
Name
EnterthenameorIPaddressoftheSiteMinderpolicyserverthatyou
wanttousetoauthenticateusers.
PolicyServer
Enteracomma-delimitedlistofbackuppolicyservers(optional).Then,
chooseafailovermode:
SelectYestohavetheSecureAccessapplianceusethemainpolicy
serverunlessitfails.
SelectNotohavetheSecureAccessapplianceloadbalanceamong
allthespecifiedpolicyservers.
BackupServer(s),
FailoverMode
Enterthesharedsecretandagentname..Notethattheseare
case-sensitive.
AgentName,
Secret
ChooseaSiteMinderserverversion.Version5.5supportsversions5.5
and6.0.Version6.0supportsonlyversion6.0oftheSiteMinderserver
API.Version12.0supportsonlyversion12.0.Thedefaultvalueis5.5policy
servers.
Compatiblewith
SpecifyaURLtowhichusersareredirectedwhentheysignoutofSecure
Access(optional).Ifyouleavethisfieldempty,usersseethedefault
SecureAccesssign-inpage.
Note:TheOnlogout,redirecttofieldisincludedintheproductrelease
forbackwards-compatibility,butisscheduledfordiscontinuance.Ifyou
wanttoredirectuserstoadifferentsign-inpagewhentheysignout,we
stronglyrecommendthatyouusethecustomizablesign-inpagesfeature
instead.Formoreinformation,seetheCustomSign-InPages Solution
Guide.
Onlogout,redirect
to
Specifyadefaultprotectedresource.Ifyoudonotcreatesign-inpolicies
forSiteMinder,SecureAccessusesthisdefaultURLtosettheuser’s
protectionlevelforthesession.SecureAccessalsousesthisdefaultURL
ifyouselecttheAutomaticSign-Inoption.Ifyourusersaresigninginto
the“*”URL(defaultSecureAccesssign-inpage),enteranyURL
(“/SecureAccess-authentication”isthedefault)tosettheprotection
leveltothedefaultSecureAccessvalue.Ifyoudocreatesign-inpolicies
forSiteMinder,SecureAccessusesthosesign-inpoliciesinsteadofthis
defaultURL.
Note:Youmustenteraforwardslash(/)atthebeginningoftheresource
(forexample,“/ive-authentication”).
ProtectedResource
199
Copyright©2012,JuniperNetworks,Inc.
Chapter8:AuthenticationandDirectoryServers
C# PDF Annotate Library: Draw, edit PDF annotation, markups in C#.
Able to edit and change PDF annotation properties such as font users how to add text comments on PDF page using C# text box to PDF and edit font size and color
change font size in pdf file; change page size of pdf document
VB.NET PDF File Split Library: Split, seperate PDF into multiple
PDF document file by defined page range in VB.NET class application. Divide PDF file into multiple files by outputting PDF file size. Split PDF document by PDF
pdf file compression; change paper size in pdf
Table14:eTrustSiteMinderConfigurationOptions (continued)
Description
Option
(Read-only)FornewSiteMinderserverinstances,SecureAccesssets
theresourceactiontoGET.IfyourSiteMinderinstanceisupgradedfrom
a3.xinstance,SecureAccessusestheresourceaction(forexample,
GET,POST,orPUT)thatyoupreviouslychose.Notethattochangean
existingresourceactiontoGET,youmustdeletetheoldSiteMinderserver
instanceandthencreateanewinstancethatusesGET.
ResourceAction
SMSESSIONcookiesettings
EnterthecookiedomainoftheSecureAccessdevice.(Acookiedomain
isadomaininwhichtheuser’scookiesareactive—SecureAccesssends
cookiestotheuser’sbrowserinthisdomain.)
Note:
Multipledomainsshouldusealeadingperiodandbe
comma-separated.Forexample:.sales.myorg.com,
.marketing.myorg.com
Domainnamesarecase-sensitive.
Youcannotusewildcardcharacters.
Forexample,ifyoudefine“.juniper.net”,theusermustaccessthe
SecureAccessdeviceas“http://ive.juniper.net”inordertoensurethat
hisSMSESSIONcookieissentbacktoSecureAccess.
CookieDomain
(Read-only)IndicatesthatSecureAccessusesHTTPSprotocoltosend
cookiestotheuser’sWebbrowser.
Protocol
EntertheInternetdomain(s)towhichSecureAccesssendsthe
SMSESSIONcookieusingthesameguidelinesoutlinedfortheCookie
Domainfield.(ASecureAccesscookiedomainenablessinglesign-on
acrossmultiplecookiedomains.Itallowsauser’sinformationtocarry
withhimwhenhenavigatesfromonedomaintoanother.)Ifyouhave
configuredacookieprovidertoenablesinglesign-onacrossmultiple
cookiedomains,enterthedomainofthecookieprovider.Otherwise,
enterthedomain(s)oftheWebagentsforwhichsinglesign-onisdesired.
Forexample:.juniper.net
IVECookie
DomainICCookie
Domain
ChooseHTTPStosendcookiessecurelyifotherWebagentsaresetup
toacceptsecurecookies,orHTTPtosendcookiesnon-securely.
Protocol
SiteMinderauthenticationsettings
Copyright©2012,JuniperNetworks,Inc.
200
JunosPulseSecureAccessServiceAdministrationGuide
Table14:eTrustSiteMinderConfigurationOptions (continued)
Description
Option
SelecttheAutomaticSign-Inoptiontoautomaticallysigninuserswho
haveavalidSMSESSIONcookieintoSecureAccess.Then,selectthe
authenticationrealmtowhichtheusersaremapped.Ifyouselectthis
option,notethat:
Iftheprotectionlevelassociatedwithauser’sSMSESSIONcookieis
differentfromtheprotectionleveloftheSecureAccessrealm,Secure
Accessusestheprotectionlevelassociatedwiththecookie.
Inordertoenablesinglesign-onfromanotherWebagenttoSecure
Access,SecureAccessneedstovalidateanexistingSMSESSIONcookie
createdbyastandardWebagent.
SecureAccesssupportsthefollowingrealmandrolelimitationswith
theAutomaticSign-infeature:HostChecker,CacheCleaner,IP
address,browser,andconcurrentuserlimitchecks.Certificateand
passwordrestrictionsarenotsupportedsincetheyarenotapplicable
toautomaticallysigned-inusers.
SecureAccessdoesnotsupporttheAutomaticSigninfeaturefor
administratorroles.Thisfeatureisonlyavailableforend-users.
WhenyouselecttheAutomaticSign-Inoption,youmustalso
configurethefollowingsub-options:
AutomaticSign-In
Toassignuserroles,usethisauthenticationrealm
Selectanauthenticationrealmforautomaticallysigned-inusers.
SecureAccessmapstheusertoarolebasedontherolemappingrules
definedintheselectedrealm.
IfAutomaticSignInfails,redirectto
EnteranalternativeURLforuserswhosignintoSecureAccessthrough
theAutomaticSign-Inmechanism.SecureAccessredirectsusersto
thespecifiedURLifSecureAccessfailstoauthenticateandnoredirect
responseisreceivedfromtheSiteMinderpolicyserver.Ifyouleavethis
fieldempty,usersarepromptedtosignbackintoSecureAccess.
Note:
UserswhosigninthroughtheSecureAccesssign-inpagearealways
redirectedbacktotheSecureAccesssign-inpageifauthentication
fails.
IfyouareusingthecustomizableUI(CustomPages)optionexplained
intheCustomSign-InPagesSolutionGuide.notethatSecureAccess
redirectstowelcome.cgiintwodifferentcases.Youmustaccountfor
bothofthesespecialcasesinyourcustompage:
Sessionandidletimeouts:/dana-na/auth/welcome.cgi?p=timed-out
Failedcookievalidation:/dana-na/auth/welcome.cgi?p=failed
Ifyouareusinganauthorization-onlyaccesspolicy,youmustenteran
alternativeURLinthisfieldregardlessofwhetheryouselectthe
AutomaticSignInoption.UsersareredirectedtothisURLwhen
SMSESSIONcookievalidationfailsorifnoSMSESSIONcookieexists.
201
Copyright©2012,JuniperNetworks,Inc.
Chapter8:AuthenticationandDirectoryServers
Table14:eTrustSiteMinderConfigurationOptions (continued)
Description
Option
ChoosethisoptionifyouwanttoauthenticateusingtheSecureAccess
customWebagent.Notethatifyouselectthisoption,youmustalso:
UpdateallofyourstandardWebagentstotheappropriateSiteminder
AgentQuarterlyMaintenanceRelease(QMR)inordertoacceptthe
cookiescreatedbySecureAccess.IfyouarerunningSiteMinderversion
5Webagents,usetheQMR5hotfix.SecureAccessiscompatiblewith
version5.xandlaterSiteMinderagents.OlderversionsofSiteMinder
agentsaresusceptibletocookievalidationfailures.
SettheAcceptThirdPartyCookieattribute(AcceptTPCookie)toyes
intheWebagent’sconfigurationfile(webagent.conf)orto1inthe
WindowsRegistryfortheIISWebserver.Thelocationoftheattribute
dependsontheSiteMinderversionandWebserveryouareusing.For
moreinformation,pleaserefertothedocumentationprovidedwith
yourSiteMinderserver.
Authenticateusing
customagent
Choosethisoptionifyouwanttopostusercredentialstoastandard
Webagentthatyouhavealreadyconfiguredratherthancontactingthe
SiteMinderpolicyserverdirectly.Ifyouselectthisoption,theWebagent
contactsthepolicyservertodeterminetheappropriatesign-inpageto
displaytotheuser.InordertoconfigureSecureAccessto“actlikea
browser”thatpostscredentialstothestandardWebagent,youmust
entertheinformationdefinedbelow.Theeasiestwaytofindthis
informationisto:
1. OpenaWebbrowserandentertheURLofthestandardwebagent
thatyouwanttouse.Forexample,http://webagent.juniper.net
2. NotetheURLoftheSiteMindersign-inpagethatappears.For
example:
http://webagent.juniper.net/siteminderagent/forms/login.fcc?TYPE=33554433&R
EALMOID=06-2525fa65-5a7f-11d5-9ee0-
0003471b786c&GUID=&SMAUTHREASO
N=0&TARGET=$SM$http%3a%2f%2fw
ebagent%2ejuniper%2enet%2fportal%2findex%2ejsp
3. ExtractinformationfromtheURLtoenterinthefieldsthatfollow.
Note:
4. YoucannotuseSecurIDNewPinandNextTokenmodes,client-side
certificateauthentication,orSNMPtrapswiththeAuthenticateusing
HTMLformpostoption.
5. TheAuthorizeWhileAuthenticatingoptionisnotapplicablewith
theHTMLformpostoption.
6. Youcanauthenticateusersusingthisoption,butifyouwantto
authorizethemaswell,youmustselectAuthenticateusingcustom
agent.
WhenyouselecttheAuthenticateusingHTMLformpostoption,
youmustalsoconfigurethefollowingsub-options:
Authenticateusing
HTMLformpost
Copyright©2012,JuniperNetworks,Inc.
202
JunosPulseSecureAccessServiceAdministrationGuide
Table14:eTrustSiteMinderConfigurationOptions (continued)
Description
Option
Target
URLontheexternal,eTrust-enabledWebserver.IntheWebagent
sign-inpageURL,thetargetappearsafter&TARGET=$SM$.For
example,intheURLshowninAuthenticateUsingHTMLFormPost,
thetargetis:
http%3a%2f%2fwebagent%2ejuniper%2enet%2fportal%2findex%2ejsp
Afterconvertingspecialcharacters(%3a=colon,%2f=backslash,
%2e=period),thefinaltargetis:
http://webagent.juniper.net/portal/index.jsp
Protocol
ProtocolforcommunicationbetweenSecureAccessandthespecified
Webagent.UseHTTPfornon-securecommunicationorHTTPSfor
securecommunication.IntheWebagentsign-inpageURL,the
protocolappearsfirst.Forexample,intheURLshowninAuthenticate
UsingHTMLFormPost,theprotocolisHTTP.
WebAgent
NameoftheWebagentfromwhichSecureAccessistoobtain
SMSESSIONcookies.AnIPaddressisnotallowedforthisfield.
(SpecifyingtheIPaddressastheWebagentpreventssomebrowsers
fromacceptingcookies.)IntheWebagentsign-inpageURL,theWeb
agentappearsaftertheprotocol.Forexample,intheURLshownabove
inAuthenticateUsingHTMLFormPost,theWebagentis:
webagent.juniper.net
Port
Port80forHTTPorport443forHTTPS.
Path
PathoftheWebagent’ssign-inpage.Notethatthepathmuststart
withabackslash(/)character.IntheWebagentsign-inpageURL,
thepathappearsaftertheWebagent.Forexample,intheURLshown
inAuthenticateUsingHTMLFormPost,thepathis:
/siteminderagent/forms/login.fcc
Parameters
Postparameterstobesentwhenausersignsin.CommonSiteMinder
variablesthatyoucanuseinclude__USER__,
__PASS__,and__TARGET__.Thesevariablesarereplacedbythe
usernameandpasswordenteredbytheuserontheWebagent’s
sign-inpageandbythevaluespecifiedintheTargetfield.Theseare
thedefaultparametersforlogin.fcc—ifyouhavemadecustomizations,
youmayneedtochangetheseparameters.
203
Copyright©2012,JuniperNetworks,Inc.
Chapter8:AuthenticationandDirectoryServers
Table14:eTrustSiteMinderConfigurationOptions (continued)
Description
Option
Choosethisoptionifyouwanttodelegateauthenticationtoastandard
agent.WhentheuseraccessestheSecureAccesssign-inpage,Secure
AccessdeterminestheFCCURLassociatedwiththeprotectedresource’s
authenticationscheme.SecureAccessredirectstheusertothatURL,
settingtheSecureAccesssign-inURLasthetarget.Aftersuccessfully
authenticatingwiththestandardagent,anSMSESSIONcookieissetin
theuser’sbrowserandheisredirectedbacktoSecureAccess.Secure
AccessthenautomaticallysignsintheuserandestablishesaSecure
Accesssession.
NOTE:
YoumustenabletheAutomaticSign-Inoptioninordertousethis
feature.
IfyouenablethisoptionandauseralreadyhasavalidSMSESSION
cookiewhenhetriestoaccessaresource,SecureAccesstriesto
automaticallysigninusingtheexistingSMSESSIONcookie.Ifthecookie
isinvalid,SecureAccessclearstheSMSESSIONcookieand
correspondingSecureAccesscookiesandpresentstheuserwitha
“timeout”page.SecureAccesssuccessfullydelegatesauthentication
whentheuserclicksthe“signbackin”option.
Ifyouselectthisoption,yourauthenticationschememusthavean
associatedFCCURL.
Delegate
authenticationtoa
standardagent
Table15:eTrustSiteMinderAdvancedConfigurationOptions
Description
Option
EntertheintervalatwhichSecureAccesspollstheSiteminderpolicy
servertocheckforanewkey.
PollInterval
ControlsthemaximumnumberofsimultaneousconnectionsthatSecure
Accessisallowedtomaketothepolicyserver.Thedefaultsettingis20.
Max.Connections
Controlsthemaximumnumberofrequeststhatthepolicyserver
connectionhandlesbeforeSecureAccessendstheconnection.If
necessary,tunetoincreaseperformance.Thedefaultsettingis1000.
Max.Requests/
Connection
Controlsthemaximumnumberofminutesaconnectiontothepolicy
servermayremainidle(theconnectionisnothandlingrequests)before
SecureAccessendstheconnection.Thedefaultsettingof“none”
indicatesnotimelimit.
IdleTimeout
Copyright©2012,JuniperNetworks,Inc.
204
JunosPulseSecureAccessServiceAdministrationGuide
Documents you may be interested
Documents you may be interested