Policy Server Guides › Policy Server Configuration Guide › CA SSO/WAC Integration › SiteMinder and CA SSO Integration Architectural Examples › User Accesses eTrust WAC-Protected Resource Before SiteMinder
User Accesses eTrust WAC-Protected Resource Before SiteMinder
The following example illustrates a user accessing a WAC-protected resource before SiteMinder.
Note: The example assumes the environment is using a IIS6 WAC Agent. An IIS6 WAC Agent is the only platform that the following example supports.
- The user tries to access an CA SSO-protected resource and the eTrust WAC Web Agent intercepts the request. The user provides the Agent with authentication credentials.
- The Web Agent forwards the credentials to the CA SSO Policy Server for validation.
- The CA SSO Policy Server makes sure that the user's credentials are valid in the user store.
- The CA SSO Policy Server forwards the user's eTrust SSO Web credentials to the eTrust WAC Web Agent.
- The eTrust WAC Web Agent sets the user's CA SSO Web authentication cookie in the Web browser.
- The user tries to access a SiteMinder-protected resource and the SiteMinder Web Agent/Secure Proxy Server intercepts the request.
- The SiteMinder Web Agent/Secure Proxy Server forwards the user's CA SSO Web authentication credentials to the SiteMinder Policy Server.
- The SiteMinder Policy Server forwards the user's CA SSO Web authentication credentials to the eTrust SSO Policy Server.
- The CA SSO Policy Server validates the user's CA SSO Web authentication credentials and forwards the user name back to the SiteMinder Policy Server.
- The SiteMinder Policy Server verifies the returned user name in the SiteMinder user store, then issues a corresponding SiteMinder cookie and returns it to the SiteMinder Web Agent/Secure Proxy Server.
- The SiteMinder Web Agent/Secure Proxy Server sets the SiteMinder cookies in the user's browser and allows the user to access the requested resource.