Associating the WebSEAL junction to the ACLs
Use the pdadmin
utility to associate the WebSEAL junction with a URL
path prefix to the corresponding IBM® Security Verify Access
access control list (ACL).
Before you begin
Depending on how your system administrator customized your system, you might not have access to this task. To obtain access to this task or to have someone complete it for you, contact your system administrator.
Procedure
Associate the ACL with the
attach junction_name
acl_name
command.
The command syntax is:
acl attach prefix/webseal_junction/url_path_prefix acl_name
where:- prefix
- Specifies the IBM Security Verify Access Object Space prefix
for your WebSEAL server.
Type the following command to see the prefix:
pdadmin> object list /WebSEAL /WebSEAL/tam60-server-default
In this example, the value of the prefix is /WebSEAL/tam60-server-default.
- webseal_junction
- Specifies the name of the WebSEAL junction that you created previously with the
server task create
command. In this example, the WebSEAL junction name is /itimserver. The fully qualified WebSEAL junction name is /WebSEAL/tam60-server-default/itimserver. - url_path_prefix
- Specifies the name of the URL path prefix for the IBM Verify Identity Governance administrative console (itim/console), or the self-service console (itim/self), or Identity Manager Service Center (itim/ui).
- acl_name
- Specifies the name of the corresponding IBM Security Verify Access ACL (
ITIM-ACL
orITIM-Self-Help-ACL
).
For example, associate the fully qualified WebSEAL junction name
/WebSEAL/tam60-server-default/itimserver/itim/console to:
- The IBM Verify Identity Governance administrator
console access to the IBM Security Verify Access ACL
ITIM-ACL
.acl attach /WebSEAL/tam60-server-default/itimserver/itim/console ITIM-ACL
- The IBM Verify Identity Governance self-service console access to the IBM Security Verify Access ACL
ITIM-Self-Help-ACL
.acl attach /WebSEAL/tam60-server-default/itimserver/itim/self ITIM-Self-Help-ACL
- The IBM Verify Identity Governance
Identity Manager Service Center access to the IBM Security Verify Access ACL
ITIM-ISC-ACL
.acl attach /WebSEAL/tam60-server-default/itimserver/itim/ui ITIM-ISC-ACL