Question
I have a ASP.NET MVC Web Site running with Siteminder SOO. Al security is working correctly, except the Home Page.
In the SiteMinder configuration i have only one Realm with Resource Filter: "/" and Default Resource Protection: "Protected". So, all uris are protected. And i have rules for each uri, and a set of Domain Policies that works fine with these rules. The problem is the root page; i don't know how to write a Rule that allow access to the home page, for example: "http://misite.com/".
If I create a Rule with resource = "/", then the Effective Resource is: "my-siteminder-agent//". And a policy with this rule never applies.
¿How can i create a Rule to allow access to the home page for authenticated users?
Solution
I solved it using a Rule on SiteMinder to allow Access to '/Home' and a redirect with the IIS Rewrite Module.
https://stackoverflow.com/questions/15260112
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian<rewrite>
<rules>
<rule name="Root Hit Redirect" stopProcessing="true">
<match url="^$" />
<action type="Redirect" url="/Home" />
</rule>
</rules>
</rewrite>
OTHER TIPS
You could also create a unprotected rule to allow the specific home page... ie index.htm
Change the rule to * instead of /*
If the entire site needs to be secured you do not need to create multiple rules for different paths. A standard rule covering everything will be sufficient. Refer to the Answer by @bcarroll to set that up. It will make your life easier when you have to make changes to the policies etc. later.
