IBM Tivoli Access Manager for e-business: WebSEAL Administration ...
10.02.2013 Views
Share Embed Flag

IBM Tivoli Access Manager for e-business: WebSEAL Administration ...

IBM Tivoli Access Manager for e-business: WebSEAL Administration ...

IBM Tivoli Access Manager for e-business: WebSEAL Administration ...

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
publib.boulder.ibm.com

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

Configuring<br />

multi-locale<br />

support<br />

Configuration<br />

topics<br />

<strong>for</strong><br />

multi-locale<br />

support:<br />

v<br />

“UTF-8<br />

support<br />

<strong>for</strong><br />

uni<strong>for</strong>m<br />

resource<br />

locators”<br />

v<br />

“UTF-8<br />

support<br />

<strong>for</strong><br />

<strong>for</strong>ms”<br />

on<br />

page<br />

49<br />

v<br />

“UTF-8<br />

support<br />

in<br />

query<br />

strings”<br />

on<br />

page<br />

50<br />

v<br />

“UTF-8<br />

encoding<br />

of<br />

tokens<br />

<strong>for</strong><br />

cross<br />

domain<br />

single<br />

sign-on”<br />

on<br />

page<br />

50<br />

v<br />

“UTF-8<br />

encoding<br />

of<br />

tokens<br />

<strong>for</strong><br />

e-community<br />

single<br />

sign-on”<br />

on<br />

page<br />

51<br />

v<br />

“UTF-8<br />

encoding<br />

of<br />

cookies<br />

<strong>for</strong><br />

failover<br />

authentication”<br />

on<br />

page<br />

51<br />

v<br />

“UTF-8<br />

encoding<br />

in<br />

junction<br />

requests”<br />

on<br />

page<br />

51<br />

UTF-8<br />

support<br />

<strong>for</strong><br />

uni<strong>for</strong>m<br />

resource<br />

locators<br />

Browsers<br />

are<br />

limited<br />

to<br />

a<br />

defined<br />

character<br />

set<br />

that<br />

can<br />

legally<br />

be<br />

used<br />

within<br />

a<br />

Uni<strong>for</strong>m<br />

Resource<br />

Locator<br />

(URL).<br />

This<br />

range<br />

is<br />

defined<br />

to<br />

be<br />

the<br />

printable<br />

characters<br />

in<br />

the<br />

ASCII<br />

character<br />

set<br />

(between<br />

hex<br />

code<br />

0x20<br />

and<br />

0x7e).<br />

For<br />

non-English<br />

languages,<br />

and<br />

other<br />

purposes,<br />

characters<br />

outside<br />

the<br />

printable<br />

ASCII<br />

character<br />

set<br />

are<br />

often<br />

required<br />

in<br />

URLs.<br />

These<br />

characters<br />

can<br />

be<br />

encoded<br />

using<br />

printable<br />

characters<br />

<strong>for</strong><br />

transmission<br />

and<br />

interpretation.<br />

There<br />

are<br />

a<br />

number<br />

of<br />

different<br />

encoding<br />

methods<br />

<strong>for</strong><br />

transmitting<br />

characters<br />

outside<br />

the<br />

printable<br />

ASCII<br />

range.<br />

<strong>WebSEAL</strong>,<br />

acting<br />

as<br />

a<br />

Web<br />

proxy,<br />

must<br />

be<br />

able<br />

to<br />

handle<br />

all<br />

these<br />

cases.<br />

The<br />

UTF-8<br />

locale<br />

support<br />

addresses<br />

this<br />

need.<br />

The<br />

manner<br />

in<br />

which<br />

<strong>WebSEAL</strong><br />

processes<br />

URLs<br />

from<br />

browsers<br />

can<br />

be<br />

specified<br />

in<br />

the<br />

<strong>WebSEAL</strong><br />

configuration<br />

file:<br />

[server]<br />

utf8-url-support-enabled<br />

=<br />

{yes|no|auto}<br />

The<br />

three<br />

possible<br />

values<br />

are<br />

as<br />

follows:<br />

v<br />

yes<br />

In<br />

this<br />

mode,<br />

<strong>WebSEAL</strong><br />

only<br />

recognizes<br />

URI<br />

encoded<br />

UTF-8<br />

data<br />

in<br />

URL<br />

strings<br />

and<br />

they<br />

are<br />

used<br />

without<br />

modification.<br />

These<br />

UTF-8<br />

characters<br />

are<br />

then<br />

validated<br />

and<br />

taken<br />

into<br />

account<br />

when<br />

determining<br />

access<br />

rights<br />

to<br />

the<br />

URL.<br />

<strong>WebSEAL</strong><br />

supports<br />

both<br />

raw<br />

UTF-8<br />

and<br />

URI<br />

encoded<br />

UTF-8<br />

strings<br />

in<br />

URLs.<br />

In<br />

this<br />

mode,<br />

other<br />

encoding<br />

techniques<br />

are<br />

not<br />

accepted.<br />

This<br />

is<br />

the<br />

default<br />

value,<br />

and<br />

is<br />

recommended.<br />

Servers<br />

that<br />

run<br />

in<br />

an<br />

7-bit<br />

ASCII<br />

English<br />

locale<br />

should<br />

use<br />

this<br />

value.<br />

v<br />

no<br />

In<br />

this<br />

mode,<br />

<strong>WebSEAL</strong><br />

does<br />

not<br />

recognize<br />

UTF-8<br />

<strong>for</strong>mat<br />

data<br />

in<br />

URL<br />

strings.<br />

Used<br />

<strong>for</strong><br />

local<br />

code<br />

page<br />

only.<br />

If<br />

the<br />

string<br />

can<br />

be<br />

validated<br />

it<br />

is<br />

converted<br />

to<br />

UTF-8<br />

<strong>for</strong><br />

internal<br />

use.<br />

Servers<br />

that<br />

do<br />

not<br />

need<br />

to<br />

process<br />

multi-byte<br />

input,<br />

and<br />

are<br />

running<br />

in<br />

a<br />

single-byte<br />

Latin<br />

locale,<br />

such<br />

as<br />

French,<br />

German,<br />

or<br />

Spanish,<br />

should<br />

use<br />

this<br />

setting.<br />

Use<br />

this<br />

setting<br />

when<br />

supporting<br />

existing<br />

applications<br />

and<br />

Web<br />

servers<br />

do<br />

not<br />

function<br />

correctly<br />

with<br />

<strong>WebSEAL</strong><br />

if<br />

UTF-8<br />

support<br />

is<br />

enabled.<br />

These<br />

applications<br />

might<br />

use<br />

DBCS<br />

(such<br />

as<br />

Shift-JIS)<br />

or<br />

other<br />

encoding<br />

mechanisms<br />

in<br />

the<br />

URL.<br />

Note:<br />

When<br />

setting<br />

this<br />

value<br />

to<br />

no,<br />

ensure<br />

that<br />

all<br />

junctioned<br />

servers<br />

do<br />

NOT<br />

accept<br />

UTF-8<br />

<strong>for</strong>mat<br />

URLs.<br />

It<br />

is<br />

important<br />

from<br />

a<br />

security<br />

perspective,<br />

that<br />

<strong>WebSEAL</strong><br />

interprets<br />

URLs<br />

in<br />

the<br />

same<br />

manner<br />

as<br />

the<br />

junctioned<br />

servers.<br />

v<br />

auto<br />

48<br />

<strong>IBM</strong><br />

<strong>Tivoli</strong><br />

<strong>Access</strong><br />

<strong>Manager</strong><br />

<strong>for</strong><br />

e-<strong>business</strong>:<br />

<strong>WebSEAL</strong><br />

<strong>Administration</strong><br />

Guide

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!