Tuesday, May 23, 2017

Overview of SiteMinder

Agenda
  • Overview of SiteMinder
  • SiteMinder in Application Architecture
  • How SiteMinder works
  • SiteMinder Administration
  • What developers need to know
Overview of SiteMinder
  • SiteMinder is a centralized Web access management system.
      • Authentication
      • Authorization
      • Auditing
      • Administration
Overview
    • Access is almost always tied to identity, hence the commonly used term Identity and Access Management
    • SiteMinder provides Access Management and not Identity Management
SiteMinder in Application Architecture

  • Users
  • Secure Proxy Server
  • Destination Server
  • Policy Server
  • Web Server
  • Agent
  • Secured Applications
  • User and Entitlement Stores
SiteMinder in Architecture
  • Agent based / Proxy based SiteMinder configuration
  • Agent based is typical for distributed access management
  • Proxy based configuration is typical for centralized access management
  • A combined approach allows for a flexible and very secure access management system
How SiteMinder works

  • User accesses a web resource
  • Agent finds the resource protected
  • User is shown the login page
  • Authentication info is passed to the Policy Server
  • User is given access to the resource

SiteMinder Administration


  • Web Server Configuration
      • SiteMinder Host
          • Configure the SiteMinder Policy Server with the host machine.
          • A secure handshake between the Policy Server and host machine happens with the help of a secret key
      • Web Agent
          • Web Agent Configuration helps configure the agent to the Web server used
SiteMinder Administration
  • Demonstration
  • SiteMinder Web Configuration
SiteMinder Administration
  • SiteMinder Policy Server Configuration
      • Agent
      • Agent Configuration Objects
      • Host Configuration Objects
      • Administrator
      • Domain
      • User Directory
      • Realm
      • Authentication Scheme
      • Rules
      • Responses
      • Policies
SiteMinder Administration
  • Demonstration
  • SiteMinder Policy Server Configuration
SiteMinder Administration
  • Realm = Resource
  • Rule = Resource + Access
  • User = Role
  • Response = Result
  • Policy = User + Rule + Response
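
The relationships above, together with the request flow from "How SiteMinder works", as an added example that is not part of the original slides and is not SiteMinder code or its API. It is a simplified model: the class and function names, paths, credentials and the HTTP_DEPT response header are constructed for illustration, and HTTP_SMUSER is the header name used in the code sample on this page.

```python
# Simplified model, not SiteMinder code; every sample value is constructed.
import hmac
from dataclasses import dataclass
from fnmatch import fnmatchcase

@dataclass(frozen=True)
class Rule:                       # Rule = Resource + Access
    realm: str                    # Realm = Resource (protected URL prefix)
    resource: str                 # pattern relative to the realm
    actions: frozenset            # HTTP methods the rule covers

    def matches(self, path, method):
        return (path.startswith(self.realm) and method in self.actions
                and fnmatchcase(path[len(self.realm):], self.resource))

@dataclass
class Policy:                     # Policy = User + Rule + Response
    roles: set                    # User = Role
    rules: list
    responses: dict               # Response = Result (headers for the app)

class PolicyServer:
    def __init__(self, realms, policies, directory):
        self.realms, self.policies, self.directory = realms, policies, directory

    def is_protected(self, path):
        return any(path.startswith(r) for r in self.realms)

    def authenticate(self, user, password):
        """Return the user's role, or None when the credentials are wrong."""
        stored, role = self.directory.get(user, ("", None))
        ok = hmac.compare_digest(stored.encode(), password.encode())
        return role if ok and role else None

    def authorize(self, user, role, path, method):
        """Return response headers if a policy grants access; default deny."""
        for p in self.policies:
            if role in p.roles and any(r.matches(path, method) for r in p.rules):
                return {"HTTP_SMUSER": user, **p.responses}
        return None

def agent_handle(ps, path, method, creds=None):
    """Agent flow: protected? -> login -> authorize -> access."""
    if not ps.is_protected(path):
        return 200, {}
    role = ps.authenticate(*creds) if creds else None
    if role is None:
        return 401, {}            # user is shown the login page
    headers = ps.authorize(creds[0], role, path, method)
    return (200, headers) if headers is not None else (403, {})

HR = Policy({"hr"}, [Rule("/hr/", "*", frozenset({"GET"}))], {"HTTP_DEPT": "HR"})
PS = PolicyServer(["/hr/"], [HR], {"alice": ("pw1", "hr"), "bob": ("pw2", "it")})
```

An authenticated user whose role is bound to no matching policy gets 403 rather than 401, which is the split between the Authentication and Authorization services listed in the overview.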
What developers need to know
  • The web application need not have any login page.
  • SiteMinder provides a common Login page that can be personalized
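  • The application reads the authenticated user ID from the request headers that SiteMinder adds (VB.NET):
        Imports System.Collections.Specialized
        ' Headers of the current request, including those set by SiteMinder
        Dim smColl As NameValueCollection = HttpContext.Current.Request.Headers
        lblUserID.Text = smColl("HTTP_SMUSER")
  • All information contained in the SiteMinder headers can be seen at the link below: https://www.portal.beta.state.pa.us/portal/sso/showheaders.aspx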
Demonstration
  • Demonstration
  • Sample Web Application protected by SiteMinder
Summary
  • SiteMinder as centralized web access management system with quad-A services
  • Identity vs Access Management
  • SiteMinder in some typical Application Architecture
  • How SiteMinder works
  • SiteMinder Web Server configuration (agent & host configuration)
  • SiteMinder Policy Server configuration
  • What developers need to know (login page and code)

