Previous Topic: Configuration Considerations

Next Topic: Multiple Data Centers

Security Zones

Security Zones are groups of resources in a single cookie domain that a SiteMinder Web Agent protects. Users authenticate once, and can then access other resources in the zones (for which they are authorized) without being rechallenged.

Without Security Zones, users could possibly be challenged each time they access a protected resource in the same cookie domain; even if they have previously been authenticated by SiteMinder for another resource in the cookie domain. The following illustration shows an example:

Without SSO Security Zones, users must authenticate for each time they access a resource, even if they've used it previously in the same session.

Consider implementing Security Zones in the following situations:

The following illustration shows how Security Zones can be used so that only a single log in allows a user access to resources in Security Zones 1 and 3, but prevents access to unauthorized resources in Security Zone 2:

SSO Security Zones Example Showing Authenticated User in One Domain Has Access to Zones 1 and 3 but not Zone 2

Note: For more information, see the Web Agent Configuration Guide.


Copyright © 2010 CA. All rights reserved. Email CA about this topic