Published on
12,484 Points
4 Endorsements
Last Modified:
This article briefs you about siteminder and its various tools available for integration with your web applications. This is just an overview to know about siteminder tools. There are lot of documentation available in the CA Netigrity website (Reference section below).  

The web user can securely access the web application using Siteminder API. Only a validated user can navigate through the web application.  Integration of authentication and authorization with the web application can be easily achieved using Siteminder tools.

How it works?
The siteminder consists of set of tools which help in securing the website and also used for Authentication & authorization of the web application.

The main 2 components of the siteminder are
1.      Webagent
2.      Policy Server.

The webagent acts as a proxy between your browser and the web server, any request that comes to the webserver is filtered, validated before the request is forwarded to the webserver. The authentication and authorization is performed using Siteminder Policy server.

Siteminder Webagent
Siteminder webagent is used to filter all the http request that comes from the web browser to the webserver. The webagent secures the webserver to make sure only validated user is allowed to the view the web application.

Policy Server
The siteminder webagent uses the site minder policy server for Authentication & Authorization. The siteminder policy server in turn communicates to either LDAP or Database for source data.

The below diagram shows the siteminder interaction with webapp:
Siteminder integration

Siteminder SDK
Siteminder also provides API to directly talk to the policy server. This is particularly useful when we do not want to depend on webagent rather directly communicate to the policy server for Authentication & Authorization. Siteminder Policy server exposes couple of API for direct communication.

Some of the API are:
1.      Policies
2.      Realms
3.      Responses and response groups
4.      Response attributes
5.      Rules and rule groups
6.      User policies

The below diagram shows the siteminder SDK interaction:
Siteminder SDK
The general recommendation is to use the siteminder with the webagent. Accessing using SDK needs more programming on the policy server API. The API calls needs to be updated if there are any SDK version changes.

CA Siteminder Website

To access the above url, you need to register yourself in their website. Free registration will allow you to access all their documentation. Worth spending couple of minutes!!

Featured Post

Cloud Class® Course: Amazon Web Services - Basic

Are you thinking about creating an Amazon Web Services account for your business? Not sure where to start? In this course you’ll get an overview of the history of AWS and take a tour of their user interface.

Join & Write a Comment

Use Wufoo, an online form creation tool, to make powerful forms. Learn how to selectively show certain fields based on user input using rules to gather relevant information and data from your forms. The rules feature provides you with an opportunity…
Use Wufoo, an online form creation tool, to make powerful forms. Learn how to choose which pages of your form are visible to your users based on their inputs. The page rules feature provides you with an opportunity to create if:then statements for y…

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month