|
|
|
SOA Security Manager requires that you configure core SOA Security Manager policy objects in a specific order. The following diagram lists this order, where shaded items represents objects that affect performance during user authentication or authorization.
Note: The Host Configuration Object (HCO) and Agent Configuration Object (ACO) affect the performance of your Web tier.
You can improve or degrade performance during authentication and authorization in the way you configure applications.
An application is a Policy Server object that defines a complete security policy for one or more related web services. Applications associate web service resources with user roles to specify entitlement policies that determine what web service users can access what web service application resources.
When you create an application, you bind it to one or more user directory connections against which the Policy Server attempts to authenticate users. Therefore, the number of directory connections, and order in which they are listed, directly affects SOA Security Manager performance during authentication.
The number of web service ports and operations defined as protected resources in an application correlates to SOA Security Manager performance during authorization.
Resources can be bound to one or more responses. When a resource is accessed, the associated response returns information to a SOA Agent, such as user attributes, DN attributes, static text, or customized active responses. Responses can also be used to instruct a SOA Agent to generate WS-Security headers and SAML Session Tickets. The types of responses you bind to web service resources directly correlate to SOA Security Manager performance during authorization.
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |