Policy Server Guides › Policy Server Configuration Guide › Responses and Response Groups › How SiteMinder Processes Responses

How SiteMinder Processes Responses

The following diagram illustrates how SiteMinder uses responses when processing a user's request for resources.

In the previous diagram, SiteMinder processes responses using the following steps:

1. A user requests a resource that is protected by a SiteMinder Agent.

   The In Buffer represents the Web Server buffer where the requested URL, Post data or query strings reside during Web Server processing.

2. The SiteMinder Agent intercepts requests for protected resources, and communicates with the Policy Server to authenticate and authorize the user.

   Part of the authentication process binds the user to a record in a user directory.

3. The Policy Server uses the binding to retrieve attributes specified in a SiteMinder response from the user's entry in the user directory.
4. The Policy Server passes user attributes specified in the response back to the Web Agent.
5. The attributes returned to the Web Agent may be used by a servlet or application that has been customized to use the attributes specified in the response.

   The servlet or application executes its processes and passes its results to the Web Server.

6. The Web Server's Out Buffer contains the resulting information that must be returned to the user.
7. The Web Agent adds any SiteMinder specific information to the Web Server's Out Buffer.

   The Web Agent may pass any of the following to the Out Buffer: SiteMinder cookies, URLs for redirection, and successful /unsuccessful authentications or authorizations.

8. The Web Server passes the contents of the Out Buffer to the user.