This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
WEB Access Management
WEB Access Management

Version management

Difference between version and

At line 1 added 40 lines
!!! Overview[1]
[{$pagename}] ([WAM]) is a form of an [Access Control Service] designed to specifically handle [web] [resources] and typically providing:
* [Authentication] management
* [Authorizations]
* [Audit And Reporting Services]
* [Single Sign On|Single Sign-On] convenience.
* [Password Management]
* [Federated Identity]
Anyone considering [{$pagename}] should seriously consider using [OAuth 2.0] / [OpenID Connect] / [User-Managed Access]
!! Architectures
There are two basic different types of architectures when it comes to web access management architectures
* plug-in (or [WEB Agents WAM])
* [Proxy-Based WAM]
* [Hybrid WAM]
!! [WEB Agents WAM]
[WEB Agents WAM] are programs that are installed on every web/application server, register with those servers, and are called at every request for a web page. The WEB Agent intercept the request and communicate with an external [policy] server to make [policy] decisions. One of the benefits of a plugin (or agent) based architecture is that they can be highly customized for unique needs of a particular web server. One of the drawbacks is that a different plugin is required for every web server on every platform (and potentially for every version of every server). Further, as technology evolves, upgrades to agents must be distributed and compatible with evolving host software.
!! [Proxy-Based WAM]
[Proxy]-based architectures differ in that all web requests are routed through the proxy server to the back-end web/application servers. This can provide a more universal integration with web servers since the common standard protocol, HTTP, is used instead of vendor-specific application programming interfaces (APIs). One of the drawbacks is that additional hardware is usually required to run the proxy servers.
!! [Hybrid WAM]
Then of course there are the solutions which provide both the [WEB Agents WAM] and [Proxy-Based WAM].
!! [Identity Broker]
Most full featured Solution provide an ability to provide [Identity Broker] services.
!! Examples
Solutions like CA [SiteMinder] typify the agent-based approach - although [CA] [SiteMinder] now offers a [Proxy-Based WAM] option.
maXecurity from P2 Security employs a proxy approach.
[NetIQ Access Manager|NAM Access Manager], Ping Identity's [PingAccess|Ping Identity] and [OpenAM] solutions offers the ability to do [Hybrid WAM] where either they utilize either [WEB Agents WAM] or [Proxy-Based WAM].
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [Web access management|Wikipedia:Web_access_management|target='_blank'] - based on information obtained 2015-05-25
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop