When CA Identity Manager integrates with CA CA SiteMinder®, CA CA SiteMinder® can add the following functionality to a CA Identity Manager environment:
CA Identity Manager includes native authentication for CA Identity Manager Environments by default. CA Identity Manager administrators enter a valid username and password to log in to a CA Identity Manager Environment. CA Identity Manager authenticates the name and password against the user store that CA Identity Manager manages.
When CA Identity Manager integrates with CA CA SiteMinder®, CA Identity Manager uses CA CA SiteMinder® basic authentication to protect the Environment. When you create a CA Identity Manager Environment, a policy domain and an authentication scheme are created in CA CA SiteMinder® to protect that Environment.
When CA Identity Manager integrates with CA CA SiteMinder®, you can also use CA SiteMinder® authentication to protect the Management Console.
Access roles enable CA Identity Manager administrators to assign privileges in applications that CA CA SiteMinder® protects. Access roles represent a single action that a user can perform in a business application, such as generating a purchase order in a finance application.
An administrator can possibly need to manage users whose profiles exist in a different user store from the one that is used for authenticating the administrator. When logging in to the CA Identity Manager Environment, the administrator is authenticated using one directory and a different directory to authorize the administrator to manage users.
When CA Identity Manager integrates with CA CA SiteMinder®, you can configure a CA Identity Manager Environment to use different directories for authentication and authorization.
A skin changes the look of the User Console. When CA Identity Manager integrates with CA CA SiteMinder®, you can enable different sets of users to see different skins. To accomplish this change, you use a CA SiteMinder® response to associate a skin with a set of users. The response is paired with a rule in a policy, which is associated with a set of users. When the rule fires, it triggers the response to pass information about the skin to CA Identity Manager, to build the User Console.
Note: For more information, see the User Console Design Guide.
When CA Identity Manager integrates with CA CA SiteMinder®, you can define locale preference to a user using an imlanguage HTTP header. In the CA SiteMinder® Policy Server, you set this header within a CA SiteMinder® response and specify a user attribute as value of the header. This imlanguage header acts as the highest priority locale preference for a user.
Note: For more information, see the User Console Design Guide.
|
Copyright © 2014 CA.
All rights reserved.
|
|