

How Credential Collectors Process Requests

When a user requests a resource protected by a Web Agent and a credential collector, SiteMinder processes the request as follows:

Note: This process applies only to FCC, SFCC, SCC, and NTC collectors. It does not apply to the cookie provider for single sign-on.

  1. A user makes a request for a protected resource.
  2. The Web Agent protecting that resource contacts the Policy Server and determines that the resource is protected by a forms, an advanced SSL, or a Windows authentication scheme.
  3. The Web Agent redirects the user to the appropriate credential collector, adding query data, including the target resource and its encrypted Agent name, to the URL of the credential collector.
  4. One of the following occurs:
  5. The credential collector logs the user directly into the Policy Server. The Policy Server then creates a session.
  6. The credential collector writes a session cookie to the user’s browser and redirects the user back to the original Web Agent.
  7. The Web Agent validates the session and permits the user access to the resource.
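
The following toy model, added here as an illustration and not taken from SiteMinder, walks the redirect, login, and validation steps above in Python. All class names, the collector path, the query parameter names (target, agent), and the credentials are constructed, and an opaque token stands in for the encrypted Agent name.

```python
# Added illustration: toy model of the numbered steps above. Every class, path,
# parameter name and credential is constructed; no SiteMinder API is used.
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

class PolicyServer:
    def __init__(self):
        self.schemes = {"/hr/payroll": "forms"}   # protected resource -> scheme
        self.users = {"alice": "correct horse"}   # constructed credential store
        self.agents, self.sessions = {}, {}

    def seal_agent(self, name):
        # Stand-in for the encrypted Agent name: an opaque random token that
        # only the Policy Server can resolve (this is not real encryption).
        token = secrets.token_urlsafe(12)
        self.agents[token] = name
        return token

    def login(self, agent_token, user, password):  # step 5
        expected = self.users.get(user)
        if (agent_token not in self.agents or expected is None
                or not hmac.compare_digest(expected, password)):
            return None
        sid = secrets.token_urlsafe(16)
        self.sessions[sid] = user
        return sid

class WebAgent:
    COLLECTORS = {"forms": "/collector/login.fcc"}  # constructed path

    def __init__(self, name, ps):
        self.ps, self.token = ps, ps.seal_agent(name)

    def handle(self, path, cookies):
        scheme = self.ps.schemes.get(path)          # step 2
        if scheme is None or cookies.get("session") in self.ps.sessions:
            return 200, path                        # step 7, or unprotected
        query = urlencode({"target": path, "agent": self.token})
        return 302, f"{self.COLLECTORS[scheme]}?{query}"  # step 3

def collector(ps, url, user, password):
    query = parse_qs(urlparse(url).query)
    sid = ps.login(query["agent"][0], user, password)   # step 5
    if sid is None:
        return 401, None, {}
    return 302, query["target"][0], {"session": sid}    # step 6
```

Calling agent.handle("/hr/payroll", {}) returns the 302 to the collector; passing that URL to collector() with valid credentials yields the cookie that makes a second agent.handle() call return 200.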

The r5.x, r6.x and r12 credential collectors operate differently from 4.x credential collectors. In a "mixed environment" that contains 4.x and higher Agents, you must consider how to configure an r5.x, r6.x or r12 credential collector so it can communicate with a 4.x Web Agent.

Note: For more information about SSL Authentication Schemes, see the Policy Server documentation.