After granting or denying access to a resource, Access Manager checks for information about where to redirect the user. A specific order of precedence is used when checking this information. The order is based on whether the user was granted or denied access to the protected resource, and on the type of authentication specified. When you install Access Manager, a number of authentication types are automatically configured for you. Following is a list of authentication type configurations. For more information, see Authentication Types in Sun Java System Access Manager 7.1 Administration Guide.
User authenticates to a realm or subrealm in the Access Manager information tree.
User authenticates to a role within a realm or subrealm of the directory information tree. A role is a grouping of like items in the repository. A static role is created when an attribute is assigned to a specific user or container. A filtered role is dynamically generated based on an attribute contained in the a user’s or container’s entry. For example, all users that contain a value for the employee attribute can be automatically included in a filtered role named employees.
User authenticates to a specific service or application registered to a realm or subrealm.
User authenticates using an authentication process configured specifically for him or her.
Administrator specifies the security level of the modules to which identities can authenticate.
User specifies the module instance to which the user will authenticate.
User authenticates to an organization or suborganization.
This authentication type only applies to Access Manager when installed in Legacy mode.