|
|
|
When Identity Manager integrates with CA SiteMinder, CA SiteMinder can add the following functionality to a Identity Manager environment:
Identity Manager includes native authentication for Identity Manager Environments by default. Identity Manager administrators enter a valid username and password to log in to an Identity Managera Identity Manager Environment. Identity Manager authenticates the name and password against the user store that Identity Manager manages.
When Identity Manager integrates with CA SiteMinder, Identity Manager uses CA SiteMinder basic authentication to protect the Environment. When you create an Identity Managera Identity Manager Environment, a policy domain and an authentication scheme are created in CA SiteMinder to protect that Environment.
When Identity Manager integrates with CA SiteMinder, you can also use SiteMinder authentication to protect the Management Console.
Access roles enable Identity Manager administrators to assign privileges in applications that are protected by CA SiteMinder. Access roles include access tasks, which represent a single action that a user can perform in a business application, such as generating a purchase order in a finance application.
An administrator may need to manage users whose profiles exist in a different user store from the one that is used for authenticating the administrator. In other words, when logging in to the Identity Manager Environment, the administrator must be authenticated using one directory and authorized to manage users in a second directory.
When Identity Manager integrates with CA SiteMinder, you can configure a Identity Manager Environment to use different directories for authentication and authorization.
Identity Manager enables you to create basic password policies that manage user passwords by enforcing rules and restrictions governing password expiration, composition, and usage.
If you configure Identity Manager to integrate with CA SiteMinder, you can create advanced password policies that enable you to define the additional rules and restrictions.
Note: For more information, see the Administration Guide.
A skin changes the look of the User Console. When Identity Manager integrates with CA SiteMinder, you can enable different sets of users to see different skins. To accomplish this, you use a SiteMinder response to associate a skin with a set of users. The response is paired with a rule in a policy, which is associated with a set of users. When the rule fires, it triggers the response to pass information about the skin to Identity Manager, to build the User Console.
Note: For more information, see the User Console Design Guide.
When Identity Manager integrates with CA SiteMinder, you can define a user’s locale preference using an imlanguage HTTP header. In the SiteMinder Policy Server, you set this header within a SiteMinder response and specify a user attribute as the header’s value. This imlanguage header acts as the highest priority locale preference for a user.
Note: For more information, see the User Console Design Guide.
| Copyright © 2012 CA. All rights reserved. | Tell Technical Publications how we can improve this information |