Skip to content

Instantly share code, notes, and snippets.

@villadora

villadora/siteminder.md

Created July 11, 2012 02:52
Show Gist options
  • Star 2 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save villadora/3087683 to your computer and use it in GitHub Desktop.
Save villadora/3087683 to your computer and use it in GitHub Desktop.
Download ZIP
Siteminder Request Flow
Raw
siteminder.md

Behind the request to a server protected by siteminder

2 modes for deploying siteminder

  1. proxy server
  2. agent configuration - install software on the web server

What happens when user raises a request

The following steps occur when a user tries to access a protected resource on a web server configured to use SiteMinder authentication:

  1. The user requests a resource on the server via http connection.
  2. while web server receive the request, it will interrupted by SiteMinder web agent.
  3. The web agent determines whether or not the resource is protected, and if so, gathers the user’s credentials and passes them to the Policy server.
  4. The Policy server authenticates the user and verifies whether or not the authenticated user is authorized for the requested resource, based on rules and policies contained in the Policy store.
  5. After the user is authenticated and authorized, the Policy server grants access to the protected resources.

<img src='http://www.codeproject.com/KB/IP/SiteminderHttpWebRequest/smfig1.jpg' alt=‘Request Flow' />

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment