What Access Manager Does

When an enterprise user or an external application tries to access content stored on a company’s server, an Access Manager policy agent intercepts the request and directs it to the Access Manager server. Access Manager then asks the user to present credentials such as a username and password. If the credentials match those stored in the appropriate identity repository, Access Manager determines that the user’s credentials are authentic.

Following authentication, the Access Manager policy agent evaluates the policies associated with the user’s identity to determine authorization to access the requested content. Policies are created using Access Manager and identify which users (or groups of users) are allowed to access a particular resource, specifying the conditions under which this authorization is valid. Based upon the policy evaluation results, the policy agent either grants or denies the user access to the information. Figure 1–1 below illustrates one way Access Manager can be configured to act as the gatekeeper to a company’s information resources.

Figure 1–1 Access Manager as Gatekeeper to a Company's Enterprise Resources