Previous Topic: SiteMinder Policy

Next Topic: Identify the Applications to Secure

EPM Application

SiteMinder r12.0 introduced the EPM application. EPM is an application–centric access management model. EPM presents access management in the context of securing an application.

To protect an application, you are only required to provide data for configuration settings that do not have defaults. Modifying other settings is optional, and although not required, you can manage additional SiteMinder settings to modify EPM settings beyond the default settings to define more fine–grained protection.

If you are familiar with the core SiteMinder objects, there is a relationship between the application–oriented concepts and the underlying SiteMinder components. The following table summarizes this relationship.

Application Dialogs and Group Boxes

Underlying SiteMinder Component

General settings

Defines the SiteMinder policy domain and the root location of the protected resources.

Components

Defines the realm and the location of the resources within the application that share the same security requirements.

Resource

Specifies the rule and the required authentication or authorization actions.

Application Roles

Replaces the function of user directory lookups.

Unlike a SiteMinder policy object, you do not have to create the individual domain, realm, and rule objects. When you create the application, SiteMinder creates the objects automatically and binds them to identify resources, user populations, and the required actions when SiteMinder grants or denies access to the resource. As such, configuring an application does not require an understanding of these core objects.

Note: For more information about EPM applications, see the Policy Server Configuration Guide.


Copyright © 2010 CA. All rights reserved. Email CA about this topic