Authorization is defined by the SiteMinder administrator in policy expressions, using graphical tools rather than application code. There is no need to integrate and reconcile backend business applications' access control information, because that information is centralized in the SiteMinder Policy Server.
Access control for secure resources is based on both local user information and incoming information, such as the amount of a purchase order placed by the user.
Web browser forms data, user-context data (stored locally in the Policy Server), and remote data (obtained through a service bureau) can be flexibly combined in policy expressions.
There is no need to go back to a backend business application each time authorization is needed to access a protected resource.
eTelligent Rules use a standard XML protocol to communicate with trusted service bureaus, thus increasing the choice of web services providers.
Policy expressions are defined by SiteMinder security administrators, using variables together with logical operators.
Because policy expressions are based on logic, fewer policies are necessary, which keeps policy administration to a minimum.
Copyright © 2010 CA. All rights reserved.