The state machine editor in the AccessStudio advanced mode is a flexible tool for creating advanced AccessProfiles for IBM Security Access Manager for Enterprise Single Sign-On (ISAM ESSO). With the profiles, developers can implement single sign-on (SSO) automation workflows for a wide variety of applications. To create an effective and complete AccessProfile, developers must take a systematic approach to ensure that all workflows are covered in the state machine. If some of the workflows are missing from the state machine, an auto-fill, capture, or save action might fail as a result. Both the AccessProfile developer and the quality assurance tester must work together to ensure that all sign-on automation workflows are covered by the AccessProfile state machine and to eliminate bugs in the state machine. Most applications have similar design rules for page flows related to sign-on automation, such as login or change password pages. So it makes sense to check all sign-on automation workflows that are based on these common rules. This best practices guide introduces a set of common page flow diagrams and design rules to consider to ensure that your advanced AccessProfile state machine covers all sign-on automation workflows. Topics in the guide include:
- How to understand the workflows that are covered by the state machines that are generated by AccessStudio generator.
- How to generate workflows for application scenarios that aren't covered by the AccessStudio generator.
- Sign-on automation workflows specific to web and Windows® application types and how to cover these workflows by using advanced AccessProfiling.
- How to cover work flows and problems that are specific to the design of the application.
- How to test an AccessProfile to ensure that it is complete and correct.
- How to talk to the application owner about the sign-on automation requirements and what to investigate in the application during the requirements discussion.
Visit the security on developerWorks resource library to download "Best practices for AccessProfile development in IBM Security Access Manager for Enterprise Single Sign-On."
- Download the Best practices for AccessProfile development in IBM Security Access Manager for Enterprise Single Sign-On white paper from the Security on developerWorks Resource Library.
- Visit the Security On developerWorks blog to learn about new security-related how-to guides, articles, and demo videos.
- Visit the Security On developerWorks community to find more how-to-guides, articles, videos, and demos our community resource library.
- Visit the Security zone on developerWorks to find more how-to-guides, articles, videos, and demos in our technical library.
- Sign up for the weekly Security On developerWorks newsletter for the latest security headlines.
- Follow @dwsecurity to get updates from the developerWorks security zone in real time.