You use infrastructure objects throughout a SiteMinder deployment. Infrastructure objects include connections to existing user directories, administrators, Agents, authentication schemes, registration schemes, and password policies.
Infrastructure objects include:
An Agent is installed on Web servers, application servers, or other network entities to secure access to resources. Once an Agent is installed on a server, you must configure a SiteMinder object for the Agent in the Administrative UI.
An Agent group is a Policy Server object that points to a group of Agents. The Agents in the group can be installed on different servers, but all of the Agents protect the same resources. Typically Agent groups are configured in SiteMinder for groups of servers that distribute the workload for access to a popular set of resources.
An Agent Configuration Object holds configuration parameters for one or more Web Agents.
A Host Configuration Object holds configuration parameters for the Trusted Host.
A user directory in SiteMinder is an object that contains details for connecting to an existing user directory that is external to SiteMinder. User directory connections let you configure a connection to an existing user directory, instead of replicating user information within SiteMinder.
A policy domain is a logical grouping of one or more user directories, administrators, and realms. This Policy Server object is the basis for entitlement data. By creating policy domains, an administrator creates a container for the entitlements that surround a particular group of resources (a realm), the users who may access those resources, and the administrator who sets up the entitlements.
An affiliate domain is a logical grouping of SAML affiliates associated with one or more user directories and administrators.
Note: An affiliate domain must be created using the Federation Security Services Administrative User Interface. More information on affiliate domains exists in the Federation Security Services Guide.
An administrator is an object that contains profile information for a SiteMinder administrator account. Everyone who logs into SiteMinder is considered an administrator. The privileges and activities of an administrator account vary by administrative role.
An authentication scheme is a Policy Server object that determines the credentials a user will need to access a protected resource. Authentication schemes are assigned to realms. When a user tries to access a resource in a realm, the authentication scheme of the realm determines the credentials that a user must supply in order to access the resource.
A registration scheme is a Policy Server object that allows users to register themselves for access to a group of resources on a network and administrators to manage registered users. Registration schemes simplify the task of managing a large user database.
An Agent Type is a Policy Server object that defines the actions and response attributes supported by a type of Agent, such as Web, Affiliate, RADIUS, or custom.
A SQL Query Scheme is an object that stores SiteMinder SQL queries. These queries are used to retrieve information, such as a list of user groups, from relational databases used as SiteMinder user directories.
Password policies are Policy Server objects that contain rules for passwords, including expiration dates, constraints, and composition requirements.
A SAML affiliation is a group of SAML 2.0 entities that share a name identifier for a single principal.
Note: A SAML affiliation must be created using the Federation Security Services Administrative User Interface. More information on SAML affiliations exists in the Federation Security Services Guide.
A Trusted Host object represents the client component that connects to the Policy Server.
Copyright © 2010 CA. All rights reserved.