|
|
|
The SiteMinder Agent provides a SiteMinder-based access control solution for WebLogic Server by implementing the following security provider modules:
Validates sessions and obtains user credentials from resource requests.
Validates user credentials obtained by the SiteMinder Identity Asserter or WebLogic authentication against associated user directories configured in SiteMinder. The SiteMinder Authentication Provider cannot validate credentials obtained from other Identity Asserters.
Determines group membership using the SiteMinders DMS and Identity Manager APIs and populates the subject with a principal for each group returned. Also, returns group membership to the WebLogic Server by using SiteMinder HTTP header responses from the Policy Server.
Provides SiteMinder policy-based access decisions based for WebLogic resources.
Provides the final access decision based on decisions made by all authorization providers configured in a WebLogic domain. Resolves any authorization conflicts that occur if authorization providers are configured in addition to the SiteMinder Authorization Provider.
Together, the SiteMinder Agent security provider modules establish a comprehensive trust relationship between the WebLogic Server and SiteMinder.
| Copyright © 2010 CA. All rights reserved. | Email CA about this topic |