Policy Server Guides › Policy Server Configuration Guide › User Sessions › Windows User Security Context

Windows User Security Context

In a Windows network, a security context defines a user's identity and authentication information. Web applications such as Microsoft Exchange Server or SQL Server need a user's security context to provide native security in the form of Microsoft's access control lists (ACLs) or other access control tools.

Note: In a Windows security context, the user store must be Active Directory (AD).

The SiteMinder Web Agent can provide a Windows user security context for accessing Web resources on IIS Web servers (Windows 2000 platforms). By establishing a user's security context, the server can use this identity to enforce access control mechanisms.

By providing a Windows user security context, SiteMinder offers the following benefits:

• Two levels of security

  You can protect Web resources using all of SiteMinder's capabilities with the additional benefit of working with Microsoft's own security tools to protect applications.

• The Web Agent can communicate with a variety of Web browsers and still provide a Windows security context.

  SiteMinder can work with Internet Explorer and Netscape Web browsers; it is not restricted to Internet Explorer.

• The Agent can collect user credentials over SSL connections, then allow subsequent requests over non-SSL connections. SiteMinder combines this mechanism for credential collection with the Windows security context when permitting access to Web resources.
• SiteMinder can implement single sign-on using forms-based authentication, and pass on a user's identity to back office applications.

  Microsoft does not provide general purpose forms credential collection.