|
|
|
Standard SiteMinder policies are created in the context of a single policy domain. However, large production environments may contain thousands of domains. In this type of environment it can be useful to define types of behavior (represented by policies) that are common for many domains. Using standard policies, the same policy must be recreated for each domain that requires the same behavior. Global policies allow you to configure policies (and their associated rules and responses) as system level objects, that are applied across all domains.
The following terms are used for discussing global policies:
An access rule allows or denies access to a resource. Global policies do not include access rules. Only event rules may be added to global policies.
An event rule is invoked when an authentication or authorization event occurs. Behaviors that are commonly implemented across all domains are associated with event rules, and may be included in global policies.
A policy which is defined as a system object.
A rule which is defined as a system object.
A response which is defined as a system object.
A logical entity used for policy definition. It consists of a rule- response pair. A policy may contain one or more policy links.
| Copyright © 2010 CA. All rights reserved. | Email CA about this topic |