A policy binding is the method used to link a user with a policy. The Policy Server only resolves policies for users who are part of a policy binding created by the users or groups contained in a policy.
Before the Policy Server can resolve a user's attempt to access a protected resource, the user must be authenticated. When SiteMinder authenticates a user, it establishes a context for the user. The user context provides information about who the user is and what privileges the user has when accessing resources.
For example, if a user is part of the group in a user directory called Employees, when the user authenticates, the Policy Server creates a policy binding for the user's membership in the group Employees. When the user attempts to access a resource protected by a rule in a policy that allows access for Employees group members, the user's policy binding allows SiteMinder to authorize the user.
Copyright © 2010 CA. All rights reserved. | Email CA about this topic |