SiteMinder r12.0 introduced the EPM application. EPM is an applicationcentric access management model. EPM presents access management in the context of securing an application.
To protect an application, you are only required to provide data for configuration settings that do not have defaults. Modifying other settings is optional, and although not required, you can manage additional SiteMinder settings to modify EPM settings beyond the default settings to define more finegrained protection.
If you are familiar with the core SiteMinder objects, there is a relationship between the applicationoriented concepts and the underlying SiteMinder components. The following table summarizes this relationship.
Application Dialogs and Group Boxes |
Underlying SiteMinder Component |
---|---|
General settings |
Defines the SiteMinder policy domain and the root location of the protected resources. |
Components |
Defines the realm and the location of the resources within the application that share the same security requirements. |
Resource |
Specifies the rule and the required authentication or authorization actions. |
Application Roles |
Replaces the function of user directory lookups. |
Unlike a SiteMinder policy object, you do not have to create the individual domain, realm, and rule objects. When you create the application, SiteMinder creates the objects automatically and binds them to identify resources, user populations, and the required actions when SiteMinder grants or denies access to the resource. As such, configuring an application does not require an understanding of these core objects.
Note: For more information about EPM applications, see the Policy Server Configuration Guide.
Copyright © 2010 CA. All rights reserved. | Email CA about this topic |