Associating the WebSEAL junction to the ACLs

Use the pdadmin utility to associate the WebSEAL junction with a URL path prefix to the corresponding IBM® Security Verify Access access control list (ACL).

Before you begin

Depending on how your system administrator customized your system, you might not have access to this task. To obtain access to this task or to have someone complete it for you, contact your system administrator.

Procedure

Associate the ACL with the attach junction_name acl_name command.
The command syntax is:
acl attach prefix/webseal_junction/url_path_prefix acl_name
where:
prefix
Specifies the IBM Security Verify Access Object Space prefix for your WebSEAL server.

Type the following command to see the prefix:

pdadmin> object list /WebSEAL
		/WebSEAL/tam60-server-default

In this example, the value of the prefix is /WebSEAL/tam60-server-default.

webseal_junction
Specifies the name of the WebSEAL junction that you created previously with the server task create command. In this example, the WebSEAL junction name is /itimserver. The fully qualified WebSEAL junction name is /WebSEAL/tam60-server-default/itimserver.
url_path_prefix
Specifies the name of the URL path prefix for the IBM Verify Identity Governance administrative console (itim/console), or the self-service console (itim/self), or Identity Manager Service Center (itim/ui).
acl_name
Specifies the name of the corresponding IBM Security Verify Access ACL (ITIM-ACL or ITIM-Self-Help-ACL).
For example, associate the fully qualified WebSEAL junction name /WebSEAL/tam60-server-default/itimserver/itim/console to:
  • The IBM Verify Identity Governance administrator console access to the IBM Security Verify Access ACL ITIM-ACL.
    acl attach /WebSEAL/tam60-server-default/itimserver/itim/console ITIM-ACL
  • The IBM Verify Identity Governance self-service console access to the IBM Security Verify Access ACL ITIM-Self-Help-ACL.
    acl attach /WebSEAL/tam60-server-default/itimserver/itim/self ITIM-Self-Help-ACL
  • The IBM Verify Identity Governance Identity Manager Service Center access to the IBM Security Verify Access ACL ITIM-ISC-ACL.
    acl attach /WebSEAL/tam60-server-default/itimserver/itim/ui ITIM-ISC-ACL