When CA Identity Manager integrates with CA CA SiteMinder, CA CA SiteMinder can add the following functionality to a CA Identity Manager environment:
CA Identity Manager includes native authentication for CA Identity Manager Environments by default. CA Identity Manager administrators enter a valid username and password to log in to a CA Identity Manager Environment. CA Identity Manager authenticates the name and password against the user store that CA Identity Manager manages.
When CA Identity Manager integrates with CA CA SiteMinder, CA Identity Manager uses CA CA SiteMinder basic authentication to protect the Environment. When you create a CA Identity Manager Environment, a policy domain and an authentication scheme are created in CA CA SiteMinder to protect that Environment.
When CA Identity Manager integrates with CA CA SiteMinder, you can also use CA SiteMinder authentication to protect the Management Console.
Access roles enable CA Identity Manager administrators to assign privileges in applications that CA CA SiteMinder protects. Access roles represent a single action that a user can perform in a business application, such as generating a purchase order in a finance application.
An administrator can possibly need to manage users whose profiles exist in a different user store from the one that is used for authenticating the administrator. When logging in to the CA Identity Manager Environment, the administrator is authenticated using one directory and a different directory to authorize the administrator to manage users.
When CA Identity Manager integrates with CA CA SiteMinder, you can configure a CA Identity Manager Environment to use different directories for authentication and authorization.
A skin changes the look of the User Console. When CA Identity Manager integrates with CA CA SiteMinder, you can enable different sets of users to see different skins. To accomplish this change, you use a CA SiteMinder response to associate a skin with a set of users. The response is paired with a rule in a policy, which is associated with a set of users. When the rule fires, it triggers the response to pass information about the skin to CA Identity Manager, to build the User Console.
Note: For more information, see the User Console Design Guide.
When CA Identity Manager integrates with CA CA SiteMinder, you can define locale preference to a user using an imlanguage HTTP header. In the CA SiteMinder Policy Server, you set this header within a CA SiteMinder response and specify a user attribute as value of the header. This imlanguage header acts as the highest priority locale preference for a user.
Note: For more information, see the User Console Design Guide.
|
Copyright © 2013 CA.
All rights reserved.
|
|