Previous Topic: SiteMinder-Generated Response AttributesNext Topic: Add CA Identity Manager Environments to a Policy Domain

CA Identity Manager Configuration GuideCA CA SiteMinder® IntegrationCA SiteMinder® OperationsHow to Configure Access RolesAccess Roles in SiteMinderHow to Enable Access Roles in SiteMinder

How to Enable Access Roles in SiteMinder

The following steps assume that CA SiteMinder® already protects the application to which the access role grants access. For instance, assume that you are creating an access role for an application that CA SiteMinder® does not protect yet. In such case, see one of the following guides in the CA SiteMinder® bookshelf:

Note: To configure access roles in CA SiteMinder®, use the Policy Server User Interface, an applet–based application, instead of the CA SiteMinder® Administrative UI. In CA SiteMinder® 12, this applet is named the CA SiteMinder® Federation Security Services Administrative UI (FSS Administrative UI). You can install the FSS Administrative UI using the Policy Server installer.

To enable access roles in CA SiteMinder®, you complete the following high-level steps:

  1. In the Policy Server User Interface, associate a user directory and a CA Identity Manager environment with a Policy Domain.
  2. In the Policy Domain, create realms and rules (if they do not exist) corresponding to the resources to which the access role grants access.

    Note: For information about creating realms and rules, see one of the following guides in the CA SiteMinder® bookshelf:

  3. Create a response to pass entitlement information to the resource.
  4. Create a policy and associate it with the following objects:

    Note: For information on creating policies, see the Policy Design Guide (for CA SiteMinder® 6.0 SP5) or the Policy Server Configuration Guide (for CA SiteMinder® 12.0 SP2).