Symantec IGA

How to call IDM management console on protecting web server?


    Broadcom Employee
    Posted Jan 28, 2015 06:33 PM

    Quick tip:

    --------------

    When integrated with SiteMinder, it is generally expected that the IDM Environments (aka IMEs) be protected by SiteMinder and accessed via a protecting web server (port 80) and not directly on the application server. It is also assumed that the IDM Management console (/immanage) will still be accessed on the app server directly (for JBoss the default port is 8080).

    If you do want to protect the management console by a web server and access it via port 80, then you need to:

    - Create a proper domain/realm in SiteMinder and perform all necessary protection configuration steps just like any other web application protected by SM.

    However, this will NOT disable access directly on the application server. So, in this situation you will still be able to access the console on the app server port. If you want to access it exclusively via the web server, then you'll need to disable direct access on the app server. The best practice should be to disable the app server listening on that port. This is specific to any given app server and version, so just as an example, for JBoss 5.1 you would:

    Modify the server.xml (under \jboss-5.1.0.GA\server\default\deploy\jbossweb.sar) by either commenting out the 8080 section (to disable it) or using redirectPort.

     

     

    Yours,

     

    Sagi Gabay,

    CA Technologies.
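
One way to check the result of the server.xml change described in the post, as an added example that is not part of the original post or of the product's tooling: it parses a server.xml and reports whether a non-AJP Connector is still enabled on port 8080. The two XML samples are constructed for illustration (including the AJP connector on 8009), and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed samples modelled on a JBoss Web server.xml; not from a real deployment.
SERVER_XML_DEFAULT = """<Server>
  <Service name="jboss.web">
    <Connector protocol="HTTP/1.1" port="8080" address="${jboss.bind.address}"
               connectionTimeout="20000" redirectPort="8443" />
    <Connector protocol="AJP/1.3" port="8009" address="${jboss.bind.address}"
               redirectPort="8443" />
  </Service>
</Server>"""

SERVER_XML_HARDENED = """<Server>
  <Service name="jboss.web">
    <!-- direct HTTP listener disabled; access goes through the protecting web server
    <Connector protocol="HTTP/1.1" port="8080" address="${jboss.bind.address}"
               connectionTimeout="20000" redirectPort="8443" />
    -->
    <Connector protocol="AJP/1.3" port="8009" address="${jboss.bind.address}"
               redirectPort="8443" />
  </Service>
</Server>"""


def active_http_connectors(server_xml):
    """Return (port, address) for every enabled non-AJP Connector.

    Commented-out connectors are discarded by the XML parser, so a
    connector disabled by commenting it out does not show up here.
    """
    root = ET.fromstring(server_xml)
    found = []
    for conn in root.iter("Connector"):
        protocol = conn.get("protocol", "HTTP/1.1")
        if protocol.upper().startswith("AJP"):
            continue  # AJP is not a browser-facing HTTP listener
        # Keep the port as text: it may be a ${property} placeholder.
        found.append((conn.get("port", ""), conn.get("address", "")))
    return found


def direct_access_enabled(server_xml, port=8080):
    """True if a non-AJP Connector is still configured on the given port."""
    return any(p == str(port) for p, _ in active_http_connectors(server_xml))
```

A configuration check like this only confirms what the file says; after restarting the app server, confirm from another host that port 8080 no longer accepts connections.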