|
|
|
When CA Identity Manager integrates with CA SiteMinder, CA SiteMinder can add the following functionality to an Identity Manager environment:
CA Identity Manager includes native authentication for Identity Manager Environments by default. CA Identity Manager administrators enter a valid username and password to log in to an Identity Manager Environment. CA Identity Manager authenticates the name and password against the user store that CA Identity Manager manages.
When CA Identity Manager integrates with CA SiteMinder, CA Identity Manager uses CA SiteMinder basic authentication to protect the Environment. When you create an Identity Manager Environment, a policy domain and an authentication scheme are created in CA SiteMinder to protect that Environment.
When CA Identity Manager integrates with CA SiteMinder, you can also use SiteMinder authentication to protect the Management Console.
Access roles enable Identity Manager administrators to assign privileges in applications that are protected by CA SiteMinder. Access roles include access tasks, which represent a single action that a user can perform in a business application, such as generating a purchase order in a finance application.
An administrator may need to manage users whose profiles exist in a different user store from the one that is used for authenticating the administrator. In other words, when logging in to the Identity Manager Environment, the administrator must be authenticated using one directory and authorized to manage users in a second directory.
When CA Identity Manager integrates with CA SiteMinder, you can configure an Identity Manager Environment to use different directories for authentication and authorization.
CA Identity Manager enables you to create basic password policies that manage user passwords by enforcing rules and restrictions governing password expiration, composition, and usage.
If you configure CA Identity Manager to integrate with CA SiteMinder, you can create advanced password policies that enable you to define the additional rules and restrictions.
Note: For more information, see the Administration Guide.
A skin changes the look of the User Console. When CA Identity Manager integrates with CA SiteMinder, you can enable different sets of users to see different skins. To accomplish this, you use a SiteMinder response to associate a skin with a set of users. The response is paired with a rule in a policy, which is associated with a set of users. When the rule fires, it triggers the response to pass information about the skin to CA Identity Manager, to build the User Console.
Note: For more information, see the User Console Design Guide.
When CA Identity Manager integrates with CA SiteMinder, you can define a user’s locale preference using an imlanguage HTTP header. In the SiteMinder Policy Server, you set this header within a SiteMinder response and specify a user attribute as the header’s value. This imlanguage header acts as the highest priority locale preference for a user.
Note: For more information, see the User Console Design Guide.
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |