Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Siteminder Request Flow

Behind the request to a server protected by siteminder

2 modes for deploying siteminder

  1. proxy server
  2. agent configuration - install software on the web server

What happens when user raises a request

The following steps occur when a user tries to access a protected resource on a web server configured to use SiteMinder authentication:

  1. The user requests a resource on the server via http connection.
  2. while web server receive the request, it will interrupted by SiteMinder web agent.
  3. The web agent determines whether or not the resource is protected, and if so, gathers the user’s credentials and passes them to the Policy server.
  4. The Policy server authenticates the user and verifies whether or not the authenticated user is authorized for the requested resource, based on rules and policies contained in the Policy store.
  5. After the user is authenticated and authorized, the Policy server grants access to the protected resources.

<img src='http://www.codeproject.com/KB/IP/SiteminderHttpWebRequest/smfig1.jpg' alt=‘Request Flow' />

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.