1. SiteMinder. Presented by Joel Dennison, Software Engineering Roundtable, March 11, 2009
2. Agenda
- Overview of SiteMinder
- SiteMinder in Application Architecture
- How SiteMinder works
- SiteMinder Administration
- What developers need to know
3. Overview of SiteMinder
4. Overview
- SiteMinder is a centralized Web access management system providing:
    - Authentication
    - Authorization
    - Auditing
    - Administration
5. Overview
- Access is almost always tied to identity, hence the commonly used term Identity and Access Management.
- SiteMinder provides Access Management, not Identity Management.
6. SiteMinder in Application Architecture
7. SiteMinder in Architecture
8. SiteMinder in Architecture (components)
- Users
- Secure Proxy Server
- Destination Server
- Policy Server
- Web Server
- Agent
- Secured Applications
- User and Entitlement Stores
9. SiteMinder in Architecture
- Agent-based and proxy-based SiteMinder configurations
- Agent-based configuration is typical for distributed access management
- Proxy-based configuration is typical for centralized access management
- A combined approach allows for a flexible and very secure access management system
10. SiteMinder in Architecture
11. How SiteMinder works
12. How SiteMinder works (request flow)
- User accesses a web resource
- Agent finds that the resource is protected
- User is shown the login page
- Authentication information is passed to the Policy Server
- User is given access to the resource
13. Test Questions
- What are the two access control strategies?
    - Agent-based strategy
    - Proxy-based strategy
14. SiteMinder Administration
15. SiteMinder Administration
16. SiteMinder Administration
- Web Server Configuration
    - SiteMinder Host
        - Configure the SiteMinder Policy Server with the host machine
        - A secure handshake between the Policy Server and the host machine is performed with the help of a secret key
    - Web Agent
        - Web Agent Configuration configures the agent for the Web server in use
17. SiteMinder Administration
- Demonstration: SiteMinder Web configuration
18. SiteMinder Administration
- SiteMinder Policy Server Configuration objects
    - Agent
    - Agent Configuration Objects
    - Host Configuration Objects
    - Administrator
    - Domain
    - User Directory
    - Realm
    - Authentication Scheme
    - Rules
    - Responses
    - Policies
19. SiteMinder Administration
- Demonstration: SiteMinder Policy Server configuration
20. SiteMinder Administration
- Realm = Resource
- Rule = Resource + Access
- User = Role
- Response = Result
- Policy = User + Rule + Response
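The request flow on slide 12 and the object model on slide 20, worked through as a toy model in Python. This is an added illustration, not CA SiteMinder's own code: realm filters, rules, roles and the response header name (SM_USER) are constructed sample values, and a real policy server has far richer matching than this.

```python
# Added illustration, not CA SiteMinder's own code: a toy model of the policy
# objects on the slide (Realm = Resource, Rule = Resource + Access,
# Policy = User + Rule + Response) and of the agent / policy-server flow.
from collections import namedtuple
from fnmatch import fnmatchcase

# Realm = Resource: realms are modelled as {resource filter glob: protected?}
Rule = namedtuple("Rule", "resource actions")          # Rule = Resource + Access
Policy = namedtuple("Policy", "roles rules responses")  # Policy = User + Rules + Responses
User = namedtuple("User", "user_id roles")              # User = Role(s)

def find_realm(realms, resource):
    """Most specific realm filter that matches the requested resource, or None."""
    hits = [f for f in realms if fnmatchcase(resource, f)]
    return max(hits, key=len, default=None)

def authorize(policies, user, resource, action):
    """Policy Server side: deny by default; allow when a policy bound to one of
    the user's roles has a rule covering this resource and action, and turn
    that policy's responses (Response = Result) into headers for the app."""
    for policy in policies:
        if policy.roles & user.roles:
            for rule in policy.rules:
                if action in rule.actions and fnmatchcase(resource, rule.resource):
                    return True, {h: getattr(user, a) for h, a in policy.responses.items()}
    return False, {}

def agent_request(realms, policies, user, resource, action):
    """Agent side of the slide's flow: an unprotected resource passes straight
    through; a protected one needs an authenticated user, then authorization."""
    realm = find_realm(realms, resource)
    if realm is None or not realms[realm]:
        return True, {}                  # not in a protected realm
    if user is None:
        return False, {}                 # here the agent would show the login page
    return authorize(policies, user, resource, action)

# Constructed sample configuration
REALMS = {"/hr/*": True, "/public/*": False}
POLICIES = (
    Policy(frozenset({"employee"}), (Rule("/hr/self/*", frozenset({"GET", "POST"})),), {"SM_USER": "user_id"}),
    Policy(frozenset({"hr-admin"}), (Rule("/hr/admin/*", frozenset({"GET", "POST", "DELETE"})),), {"SM_USER": "user_id"}),
)
```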
21. Test Questions
- What are the two configurations needed on the Web server in an agent-based SiteMinder deployment?
    - SiteMinder Host Configuration
    - Agent Configuration
22. What developers need to know
23. What developers need to know
- The web application need not have any login page of its own.
- SiteMinder provides a common login page that can be personalized.
- Reading the user identity asserted by the Web Agent from the request headers (VB.NET; NameValueCollection is in System.Collections.Specialized):
    ' the agent populates the SiteMinder headers on each authenticated request
    Dim smColl As NameValueCollection = HttpContext.Current.Request.Headers
    lblUserID.Text = smColl("HTTP_SMUSER")
- All information contained in the SiteMinder header can be seen in the below link
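The same header lookup modelled from the application side in Python, as an added example that is not code from the slides, with the check a practitioner would want: the identity header is meaningful only on requests that actually passed through the Web Agent, so the application should know which front-end hosts those are. The header name and the remote-address check are assumptions (in production this is usually enforced by network placement rather than an in-app list).

```python
# Added illustration, not the presentation's own code. Models the header lookup
# on the slide from the application side, plus the check a developer should add:
# the identity header is trustworthy only because the Web Agent sets it, so the
# application must know that the request really came through an agent-fronted host.
IDENTITY_HEADER = "SM_USER"   # assumed name; use the one your policy server response sets

def header_value(headers, name):
    """HTTP header names are case-insensitive; look the header up accordingly."""
    for key, value in headers.items():
        if key.lower() == name.lower():
            return value
    return None

def authenticated_user(headers, remote_addr, trusted_front_ends, name=IDENTITY_HEADER):
    """Return the user id asserted by SiteMinder, or None when the request did not
    arrive from a trusted agent host or carries no usable identity header."""
    if remote_addr not in trusted_front_ends:
        return None                    # bypassed the agent: trust no identity header
    value = header_value(headers, name)
    if value is None or not value.strip():
        return None                    # agent reached, but no identity asserted
    return value.strip()
```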
24. Demonstration
- Demonstration: sample Web application protected by SiteMinder
25. Test Questions
- Match the items on the left to the items on the right:
    1. User            Result
    2. Policy          Resource
    3. Realm           Resource + Access
    4. Response        User + Rules + Responses
    5. Rule            Role
26. Summary
- SiteMinder as a centralized web access management system with quad-A services
- Identity vs. Access Management
- SiteMinder in typical application architectures
- How SiteMinder works
- SiteMinder Web Server configuration (agent and host configuration)
- SiteMinder Policy Server configuration
- What developers need to know (login page and code)
27. Questions? Feel free to ask any questions. Thank you.