Previous Topic: SiteMinder-Generated Response AttributesNext Topic: Add CA Identity Manager Environments to a Policy Domain

Configuration GuideCA CA SiteMinder IntegrationCA SiteMinder OperationsHow to Configure Access RolesAccess Roles in SiteMinderHow to Enable Access Roles in SiteMinder

How to Enable Access Roles in SiteMinder

The following steps assume that CA SiteMinder already protects the application to which the access role grants access. For instance, assume that you are creating an access role for an application that CA SiteMinder does not protect yet. In such case, see one of the following guides in the CA SiteMinder bookshelf:

Note: To configure access roles in CA SiteMinder, use the Policy Server User Interface, an applet–based application, instead of the CA SiteMinder Administrative UI. In CA SiteMinder 12, this applet is named the CA SiteMinder Federation Security Services Administrative UI (FSS Administrative UI). You can install the FSS Administrative UI using the Policy Server installer.

To enable access roles in CA SiteMinder, you complete the following high-level steps:

  1. In the Policy Server User Interface, associate a user directory and a CA Identity Manager environment with a Policy Domain.
  2. In the Policy Domain, create realms and rules (if they do not exist) corresponding to the resources to which the access role grants access.

    Note: For information about creating realms and rules, see one of the following guides in the CA SiteMinder bookshelf:

  3. Create a response to pass entitlement information to the resource.
  4. Create a policy and associate it with the following objects:

    Note: For information on creating policies, see the Policy Design Guide (for CA SiteMinder 6.0 SP5) or the Policy Server Configuration Guide (for CA SiteMinder 12.0 SP2).