Single signon is required between all hosts and protocols. Each
virtual host has its own session credential. Standard e-community
SSO logout restrictions apply.
Forms login is required
Authenticated-only access is required for the following resources:
Restart WebSEAL and login as sec_master to the pdadmin command.
Procedure - control access to /restricted directories:
Create an open (unrestricted) ACL for general
unauthenticated access:
pdadmin> sec_master> acl create open
pdadmin> sec_master> acl modify open set user sec_master TcmdbsvaBRlrx
pdadmin> sec_master> acl modify open set any-other Trx
pdadmin> sec_master> acl modify open set unauthenticated Trx
pdadmin> sec_master> acl modify open set group iv-admin TcmdbsvaBRrxl
pdadmin> sec_master> acl modify open set group webseal-servers Tgmdbsrxl
Create a restricted ACL for access that requires
authentication:
pdadmin> sec_master> acl create restricted
pdadmin> sec_master> acl modify restricted set group iv-admin TcmdbsvaBRrxl
pdadmin> sec_master> acl modify restricted set group webseal-servers Tgmdbsrxl
pdadmin> sec_master> acl modify restricted set user sec_master TcmdbsvaBRlrx
pdadmin> sec_master> acl modify restricted set any-other Trx
pdadmin> sec_master> acl modify restricted set unauthenticated T
Attach the open ACL to the default WebSEAL
instance:
pdadmin> sec_master> acl attach /WebSEAL/webseal.ibm.com-default open
Attach the restricted ACL to the /sales directory
on a.b.com: