Siteminder user login restrictions

Idea created by AtulS on Jan 30, 2015
    Not planned
    • AtulS

    Platform Details:


    What is the policy server version ? SP ? CR ?[Sharma Atul]

    > What is the OS ?[Sharma Atul]  Linux 2.6.32-431.20.3.el6.x86_64

    > What is your Policy Store vendor ?[Sharma Atul]  7.1 SQL Server

    > What is your User Directory vendor ?[Sharma Atul]  Microsoft AD 2008

    > What is the WebAgent version ? SP ? CR ?[Sharma Atul]  SiteMinder APACHE 2.2 WebAgent, Version 12.0 QMR03

    > What is the WebServer version ?[Sharma Atul] Linux 2.6.32-431.20.3.el6.x86_64

    > What is the OS of the WebServer ?[Sharma Atul]  Linux


    CA Support Ticket:


    Refer CA Support Request 00009118 - Siteminder restrictions for more details.


    Problem Statement


    Recently received a request from to define the user limitation based on these conditions:


    (Max x login per day) &&(Minimum y minutes between login).


    1. Although the restriction based on time and IP could have been easy J but for this one we might have to work with active policy using dynamic authorization based on the above logic.


    I saw Sm_PolicyApi_Policy_t also, but this again talks about the time grid array where we can restrict the policy to be fired on specified time :

    1. e.g.        To restrict the policy from being fired from 8 AM to 10AM on Tuesday,

    turn off the Tuesday bit in hours 8 AM and 9 AM: 7F7F7F7F7F7F7F7F7C7C7F7F7F7F7F7F7F7F7F7F7F7F7F7F


    We need to device a method which can count the AzAccept for a particular user in a day and then restrict the access based on count of AzAccepts happening.


    Please share if you have any suggestions.


    Thanks in advance.


    Best Regards,

    Atul Sharma