Policy Domain Objects

A policy domain is a grouping of objects that deal with a specific domain of resources. For example, a company may divide its network resources by business unit, creating a policy domain for marketing, a separate domain for engineering, etc. Policy domain objects are those objects that pertain to a specific policy domain. These objects include rules and policies for controlling access to resources.

The following are policy domain objects:

| Object | Description |
| --- | --- |
| Realms | A realm is a Policy Server object that identifies a group of resources. Realms typically define a directory or folder and possibly its subdirectories. |
| Rules | A rule is a Policy Server object that identifies a resource and the actions that will be allowed or denied for the resource. Rules can also include actions associated with specific events, such as what to do if a user fails to authenticate correctly when asked for their credentials. |
| Rule Groups | A rule group is a Policy Server object that contains multiple rules. Rule groups are used to tie together different rules that will be used in a single policy. |
| Responses | A response is a Policy Server object that determines a reaction to a rule. Responses are included in policies, and take place when a rule is triggered. |
| Response Groups | A response group is a Policy Server object that contains a logical grouping of responses. Response groups are most often used when many responses will be included in a policy. |
| Policies | A policy is a Policy Server object that binds users, rules, responses, and optionally, time restrictions and IP address restrictions together. Policies establish entitlements for a SiteMinder protected entity. When a user attempts to access a resource, the policy is what SiteMinder ultimately uses to resolve the request. |
| Variables | A variable is an object that can be resolved to a value which you can incorporate into the authorization phase of a request. The value of a variable object is the result of dynamic data and is evaluated at runtime. |
| Affiliates | An affiliate object binds users, and optionally, time restrictions and IP address restrictions together. It also contains configuration data and a list of user entitlement attributes to be passed to an affiliate after a user is authenticated. For more information, see the Federation Security Services Guide. This system object is only available if the SiteMinder Option Pack v6.0 SP 3/4 for the Policy Server is installed on the Policy Server. |
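The sketch below is an added example, not SiteMinder code or its API: a simplified Python model of how realms, rules, responses and policies relate when a request is resolved. All class, field and function names are hypothetical, and the default-deny and deny-overrides-allow behaviour are assumptions of the model, not documented Policy Server behaviour.

```python
from dataclasses import dataclass, field
from datetime import time
from fnmatch import fnmatchcase
from ipaddress import ip_address, ip_network

@dataclass
class Realm:  # a group of resources under one path prefix
    resource_filter: str

@dataclass
class Rule:  # a resource inside a realm, an action, and whether it is allowed or denied
    realm: Realm
    resource: str  # pattern relative to the realm, e.g. "*" or "admin/*"
    action: str
    allow: bool = True

    def matches(self, path, action):
        pattern = self.realm.resource_filter + self.resource
        return action == self.action and fnmatchcase(path, pattern)

@dataclass
class Policy:  # binds users, rules, responses and optional restrictions
    users: set
    rules: list
    responses: dict = field(default_factory=dict)
    hours: tuple = None   # optional (start, end) window as datetime.time
    networks: tuple = ()  # optional allowed CIDR ranges

    def applies(self, user, ip, now):
        in_hours = not self.hours or self.hours[0] <= now <= self.hours[1]
        in_net = not self.networks or any(
            ip_address(ip) in ip_network(n) for n in self.networks)
        return user in self.users and in_hours and in_net

def resolve(policies, user, path, action, ip, now):
    """Model assumptions: default deny, and a matching deny rule overrides any allow."""
    allowed, responses = False, {}
    for p in (p for p in policies if p.applies(user, ip, now)):
        for r in (r for r in p.rules if r.matches(path, action)):
            if not r.allow:
                return False, {}
            allowed = True
            responses.update(p.responses)
    return allowed, responses

ENG = Realm("/eng/")  # constructed sample: one policy in an engineering policy domain
POLICY = Policy(users={"alice"}, responses={"X-Dept": "engineering"},
                rules=[Rule(ENG, "*", "GET"), Rule(ENG, "admin/*", "GET", allow=False)],
                hours=(time(8), time(18)), networks=("10.0.0.0/8",))
```

Calling `resolve([POLICY], "alice", "/eng/specs/a.html", "GET", "10.1.2.3", time(9, 30))` returns the allow decision together with the policy's responses; changing the user, the source address or the time of day outside the bound restrictions yields a deny.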