Cams Administrator's Guide

Cams Administrator's Guide
Version 2.0

This document provides links to information you use to learn about and integrate the Cams policy server.

Table of Contents

Introduction

Centralized Web Security

The Cams Policy Server

Security Domains

The Authentication Service

The Access Control Service

Access Control Requests/Responses

Cams Auditing

Cams Web Agents

Web Single Sign-on

Installation

Step1 - Obtaining Cams

Step 2 - Unpacking the distribution files

Step 3 - Installing the license key

Step 4 - Installing Java (if necessary)

Step 5 - Starting the Cams Policy Server

Step 6 - Testing Cams

Integration Quick Start

Configure the security domain registry

Configure the system security domain

Configure a rules and permission

Configure a Cams web agent

Test

Security Domain Registry Configuration

Configuring the Security Domain Registry Factory

Configuring the Cams XML Security Domain Registry

Security Domain Registry Tag Reference

Access Control Services

Access Control Conceptual Model

Cams Security Domains

How Cams Access Control Works

Managing a Cams Access Control Policy

Configuring a Cams Access Control Policy

Access Control Policy Tag Reference

Login Configuration

Login Configuration

Login Modules

Active Directory Login Module

JDBC Login Module

LDAP Login Module

XML Login Module

Callback Handlers

Login Parameters

Customizing LoginException Messages

Support for Password Digests

Login Configuration Tag Reference

Security Domain Configuration

Cams Substitution Values

Cams Logger Types

Configuring the Trace Logger

Configuring the Authentication Service

Login Config Factory

Authentication Pipeline

Authentication Valve

Authentication Log

Configuring the Access Control Service

Access Control Policy Factory

Access Request Pipeline

Access Control Valve

Access Control Log

Configuring the Session Manager Service

Session Event Handler

Session Manager Log

Configuring the Session Access Service

Session Access Pipeline

Session Access Valve

Session Access Log

Configuring the Session Control Service

Session Control Pipeline

Session Control Valve

Session Control Log

Configuring Service Manager Services

Services

Access Control Policy Monitor Service

JDBC Connection Pool Service

Cams XML User Repository Service

Security Domain Tag Reference

Configuring Cams Policy Server

Cams Server Name

Cams Cluster Name

Connections

Email Notification

Secret Key Encryption

Logger

Debug

Security Domain Registry

Resource Types

Server Sockets

Policy Server Clustering Overview

Clustering Benefits

Clustering Requirements

System Requirements

Configuration Requirements

Network Requirements

Licensing Requirements

Recommended Topology

How Cams Policy Server Clustering Works

Cams Policy Server Configuration

Cams Web Agent Configuration

Cams Policy Server Failover

Cams Policy Server Recovery

Cams Policy Server Load Balancing

Managing Cams Policy Server Files in a Cluster

Clustering Limitations

Policy Server Clustering Quick Start

Prerequisites

Step 1 - Create master Cams cluster files

Step 2 - Register each Cams policy server

Step 3 - Create the cluster directory structure

Step 4 - Install cams-license-keys.xml files

Step 5 - Copy master files to Cams policy servers

Step 6 - Configure Cams web agents

Step 7 - Start Cams policy servers

Step 8 - Start the Cams web agent

Step 9 - Confirm proper Cams cluster operation

More Cams Clustering Information

Policy Server Clustering

Installation and Configuration Management Strategy

Cluster Requirements

Cluster Configuration Management Strategy

Cluster Installation Strategy Overview

Example: A Typical Cams Cluster Configuration

Registering Cams Policy Servers

The Default Cams Policy Server Registration

Configuring a Cams Web Agent for Cluster Use

Global, Per-Cluster, and Per-Server Directories and Files

How Cams Policy Server Configuration Properties are Set

How Cams License Files are Loaded

Managing Cams Policy Server Security Domain Files

Where Cams Policy Server Log Files are Written

Configuring where Security Domain-specific Log Files are Written

Configuring where the Cams Policy Server Trace Log File is Written

Starting and and Stopping Clustered Policy Servers

Debugging Cams Policy Server Cluster Settings

Debugging Cams Agent Cluster Settings

Confirming Cluster Failover and Load Balancing

Hardening Cams Security

Securing Cams Network Connections

Firewall Configuration

Securing Communications

Securing Cams Files and Directories

Securing Cams Files and Directories under Unix/Linux

Securing Cams Files and Directories under Windows NT/2000

Securing Cams Services and Web Agents

Cams Policy Server

Security Domains

Cams Web Agents

Securing Agent Authentication

Securing Agent Access Control

Using Cams Web Agent Session Hijacking Protection

XML Tag Library

Access Control Policy Tag Reference

Login Configuration Tag Reference

Security Domain Tag Reference

Security Domain Registry Tag Reference

Troubleshooting

Troubleshooting Cams FAQ

Troubleshooting Cams Access Control

Appendix

Access Control Responses

Password Digests

Regular Expressions

Securing Cams Communications using Secret Keys

Securing Cams Communications using SSL

Support

Back | Next | Contents

© Copyright 1996-2004 Cafésoft LLC. All rights reserved.