The authorization process: step-by-step

This figure illustrates the complete authorization process.

  1. An authenticated client request for a resource is directed to the resource manager server and intercepted by the policy enforcer process. For example, the resource manager can be WebSEAL for Hypertext Transfer Protocol (HTTP) and HTTPS access, or another application.

  2. The policy enforcer process uses the authorization API to call the authorization service for an authorization decision. For information about the authorization API, see

  3. The authorization service does an authorization check on the resource. See Authorization Algorithm for details on the algorithm used.

  4. The decision to accept or deny the request is returned as a recommendation to the resource manager through the policy enforcer.

  5. If the request is finally approved, the resource manager passes the request on to the application responsible for the resource.

  6. The client receives the results of the requested operation.
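
The six steps above, modeled as an added Python example (not IBM's code and not the authorization API). The class names, the constructed policy table, and the choice to deny when the authorization service cannot be reached are assumptions made for illustration.

```python
# Toy model of the six-step flow; hypothetical names, not the product's API.
from dataclasses import dataclass

@dataclass(frozen=True)
class Request:
    user: str        # identity established by prior authentication
    resource: str    # protected resource name
    operation: str   # requested action, e.g. "read"

class AuthorizationService:
    """Step 3: stand-in check against a constructed policy table."""
    def __init__(self, policy):
        self.policy = policy  # {(user, resource): set of permitted operations}

    def decide(self, req):
        return req.operation in self.policy.get((req.user, req.resource), set())

class UnreachableService:
    """Simulates an authorization service outage."""
    def decide(self, req):
        raise ConnectionError("authorization service unavailable")

class ResourceManager:
    def __init__(self, authz, application):
        self.authz = authz
        self.application = application  # backend responsible for the resource
        self.audit = []                 # one record per decision, allow or deny

    def _enforce(self, req):
        """Steps 2 and 4: the policy enforcer requests and relays the decision."""
        try:
            return bool(self.authz.decide(req))
        except Exception:
            return False  # assumption: no decision means no access (fail closed)

    def handle(self, req):
        """Steps 1, 5 and 6: intercept, act on the recommendation, reply."""
        permitted = self._enforce(req)
        self.audit.append((req.user, req.resource, req.operation, permitted))
        if not permitted:
            return 403, "Forbidden"
        return 200, self.application(req)  # application runs only after approval

if __name__ == "__main__":
    policy = {("alice", "/reports/q1"): {"read"}}  # constructed sample policy
    rm = ResourceManager(AuthorizationService(policy), lambda r: f"contents of {r.resource}")
    print(rm.handle(Request("alice", "/reports/q1", "read")))
    print(rm.handle(Request("alice", "/reports/q1", "write")))
```

The backend callable is reached only on the approved path, so a denied or undecided request never touches the application that owns the resource.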
