SaFi Bank Space : ForgeRock Integration and Documentation

Integration

Native Integrations

https://backstage.forgerock.com/docs/openam-web-policy-agents/5.9/user-guide/about.html

https://backstage.forgerock.com/docs/openam-jee-policy-agents/5.9/user-guide/about.html

https://backstage.forgerock.com/docs/tvm/1/user-guide/

Web Agent is an Access Management add-on component that operates as a Policy Enforcement Point (PEP) or policy agent for applications deployed on a Java container.

Web Agents intercept inbound requests to applications. Depending on the filter mode configuration, Web Agents interact with AM to:

  • Ensure that clients provide appropriate authentication.

  • Enforce AM resource-based policies.

Java Agent is an Access Management add-on component that operates as a Policy Enforcement Point (PEP) or policy agent for web applications deployed on a Java container.

Java Agents intercept inbound requests to web applications. Depending on the filter mode configuration, Java Agents interact with AM to:

  • Ensure that clients provide appropriate authentication.

  • Enforce AM resource-based policies.

Use the Token Validation Microservice in service-to-service deployments to validate OAuth 2.0 access_tokens. The following figure illustrates a group of Secured Microservices in a container, representing a business service such as ordering, billing, or registration.

Add-On Integrations

These integration use cases are for third-party or closed-source modules.

https://backstage.forgerock.com/docs/ig/7.1/gateway-guide/about.html

https://backstage.forgerock.com/docs/mg/1/user-guide/

IG processes HTTP requests and responses by passing them through user-defined chains of filters and handlers. The filters and handlers provide access to the request and response at each step in the chain, and make it possible to alter the request or response, and collect contextual information.

For example, use IG with AM’s password capture and replay to bring SSO to legacy web applications without editing, upgrading, or recoding them. This feature helps you integrate legacy web applications with other applications that use the same user identity. The following figure illustrates the flow of requests when an unauthenticated user accesses a protected application. After authenticating with AM, the user is logged into the application with the username and password from the AM login session.

Use Microgateway with business microservices to separate the security concerns of your applications from their business logic. For example, use Microgateway with the ForgeRock Token Validation Microservice to provide access_token validation at the edge of your namespace.

Documentation

Documentation Root Pages

API, SDK

Authentication Extension / Customization

Authorization Extension / Customization

Special Auth Topics

Special Configuration

Other Info Sources