SiteMinder consists of two core components:
The Policy Server provides policy management, authentication, authorization, and accounting.
Integrated with a standard Web server or application server, SiteMinder Agents enable SiteMinder to manage access to Web applications and content according to predefined security policies.
How CA SiteMinder Works:
The process for securely accessing web applications:
1. User attempts to access a protected resource.
2. User is challenged for credentials and presents them to the CA SiteMinder web agent or to the Secure Proxy Server.
3. The user’s credentials are passed to the Policy Server.
4. The user is authenticated against the appropriate user store.
5. The Policy Server evaluates the user’s entitlements and grants access.
6. User profile and entitlement information is passed to the application.
7. The user gets access to the secured application, which delivers customized content.