A SiteMinder environment includes multiple components. Some components are required to secure resources, while others are optional, or only required to implement specific features. These components work with the resources, applications, directories, and databases in your organization to provide secure access to resources in your enterprise network.
All SiteMinder components are supported on a number of operating environments. Your SiteMinder implementation is highly dependent on the environment to which you are deploying it. Your implementation does not have to reflect the following diagram. Rather, the purpose of the following diagram is to illustrate the major components in a SiteMinder environment and their general relationships with each other.
Use the previous diagram and the following component descriptions as a resource when considering the architectural questions detailed in this guide.
(Required) A SiteMinder Policy Server (Policy Server) acts as the Policy Decision Point (PDP). The purpose of the Policy Server is to evaluate and enforce access control policies, which it communicates to a SiteMinder Agent. A Policy Server provides the following:
The Policy Server interacts with all other major components to perform these tasks.
(Required) A SiteMinder Agent can reside on a web server, a J2EE application server, an Enterprise Resource Planning (ERP) system, or custom application. An Agent acts as the Policy Enforcement Point (PEP), intercepting user requests for resources and communicating with a Policy Server to determine if the resource is protected.
If the resource is not protected, the Agent allows access. If the resource is protected, the Agent continues to communicate with the Policy Server to authenticate and authorize users. A successful authorization prompts the Agent to let the resource request proceed to the server. Agents also:
|
Copyright © 2012 CA.
All rights reserved.
|
|