Access Manager creates a special and proprietary branch in a data store such as an LDAP directory for storing realm configurations, authentication properties, and authorization policies. This directory can be different from the directory hosting the Access Manager Identity Repository. Together the realms form the Access Manager information tree. The Access Manager information tree is separate from the user branch in the Identity Repository.
Access Manager components and plug-ins access the data stored in the Access Manager information tree, and use data for various purposes. The following are some examples:
Policy runtime accesses policy data for policy evaluation.
Identity Repository plug-in finds configuration information for data stores.
Authentication Service finds authentication configuration information.