Configuring the attribute collection service

Edit online

Before you can collect risk calculation information, you must specify the server and location of the collection service. You also must specify a JavaScript file to collect the session attributes.

Before you begin

Run the isamcfg tool to configure the runtime security services EAS. See Using the isamcfg tool.

Review Attribute collection service.

Procedure

  1. Optional: Configure the context-based access properties that you require for the attribute collection service. These properties are set by the isamcfg tool, but if you need to change them, use the following instructions:
    1. Configure attributeCollection.requestServer to specify the server from which requests are received using the local management interface:
      1. Select AAC > Global Settings > Advanced Configuration
      2. Find the attributeCollection.requestServer key in the list and click the edit icon. A new window displays the name and the current value.
      3. Edit the value of the request servers. The value is a space-separated list of WebSEAL host names from which requests are permitted. Host names musts begin with http:// or https://. For example, type http://mywebsealhost.company.com.
    2. Configure attributeCollection.serviceLocation to specify the location using the local management interface:
      1. Select AAC > Global Settings > Advanced Configuration
      2. Find the attributeCollection.serviceLocation key in the list and click the edit icon. A new window displays the name and the current value.
      3. Edit the value of the location. Specify the location as: 
        https://host_name/webseal-junction-name
        For example, type https://mywebsealhost.company.com/mga.
      You can configure any other attribute collection service attributes in a similar fashion, as necessary.
  2. Add the URL of info.js to the <head> block in the HTML landing page of your application. The info.js file calls functions that are required to collect session attributes. Follow this format: 
    <script src="https://host_name/webseal-junction-name/sps/ac/js/info.js"></script>
    Note: When the info.js file is included on an HTML page, attribute collection by Ajax calls can take time to complete. To avoid issues, attribute collection must end before moving away from the page. For example, if the attribute collection is still running, and a link is clicked, the policy fails to resolve session attributes. To prevent this issue, modify the JavaScript file to prevent the user from continuing until after the Ajax call completes.

Results

The basic configuration of the attribute collection service for context-based access is complete.