Previous Topic: CA SiteMinder IntegrationNext Topic: How Resources are Protected


SiteMinder and CA IdentityMinder

When CA IdentityMinder integrates with CA SiteMinder, CA SiteMinder can add the following functionality to a CA IdentityMinder environment:

Advanced Authentication

CA IdentityMinder includes native authentication for CA IdentityMinder Environments by default. CA IdentityMinder administrators enter a valid username and password to log in to a CA IdentityMinder Environment. CA IdentityMinder authenticates the name and password against the user store that CA IdentityMinder manages.

When CA IdentityMinder integrates with CA SiteMinder, CA IdentityMinder uses CA SiteMinder basic authentication to protect the Environment. When you create a CA IdentityMinder Environment, a policy domain and an authentication scheme are created in CA SiteMinder to protect that Environment.

When CA IdentityMinder integrates with CA SiteMinder, you can also use SiteMinder authentication to protect the Management Console.

Access Roles and Tasks

Access roles enable CA IdentityMinder administrators to assign privileges in applications that CA SiteMinder protects. Access roles represent a single action that a user can perform in a business application, such as generating a purchase order in a finance application.

Directory Mapping

An administrator can possibly need to manage users whose profiles exist in a different user store from the one that is used for authenticating the administrator. When logging in to the CA IdentityMinder Environment, the administrator is authenticated using one directory and a different directory to authorize the administrator to manage users.

When CA IdentityMinder integrates with CA SiteMinder, you can configure a CA IdentityMinder Environment to use different directories for authentication and authorization.

Skins for Different Sets of Users

A skin changes the look of the User Console. When CA IdentityMinder integrates with CA SiteMinder, you can enable different sets of users to see different skins. To accomplish this change, you use a SiteMinder response to associate a skin with a set of users. The response is paired with a rule in a policy, which is associated with a set of users. When the rule fires, it triggers the response to pass information about the skin to CA IdentityMinder, to build the User Console.

Note: For more information, see the User Console Design Guide.

Locale Preferences for a Localized Environment

When CA IdentityMinder integrates with CA SiteMinder, you can define locale preference to a user using an imlanguage HTTP header. In the SiteMinder Policy Server, you set this header within a SiteMinder response and specify a user attribute as value of the header. This imlanguage header acts as the highest priority locale preference for a user.

Note: For more information, see the User Console Design Guide.

More Information:

Collect User Credentials Using a Custom Authentication Scheme

Installation with SiteMinder Policy Server