AM 7.5.0

Protect applications

AM provides authentication and authorization capabilities, but it requires a policy enforcement point (PEP) intercepting traffic to the applications.

Use the Java agents, web agents, and PingGateway as PEPs to enforce what AM decides in a way that is unobtrusive to the user.

PingGateway or AM web and Java agents?

PingGateway and the AM web and Java agents can both enforce policy, redirecting users to authenticate when necessary, and controlling access to protected resources. PingGateway runs as a self-contained reverse proxy located between the users and the protected applications. Web and Java agents are installed into the servers where applications run, intercepting requests in that context.

Use PingGateway to protect access to applications not suited for a web or Java agent, for example, those applications deployed on operating systems or web servers or containers not supported by the agents.

Web and Java agents have the advantage of sitting within your existing server infrastructure. Once you have agents installed into the servers with web applications or sites to protect, then you can manage their configurations centrally from AM.

For organizations with both servers on which you can install web and Java agents and applications that you must protect without touching the server, you can use agents on the former and PingGateway for the latter.

Learn more about agents in the Web agents documentation, and the Java agents documentation.

Learn more about PingGateway in the PingGateway documentation.

Copyright © 2010-2024 ForgeRock, all rights reserved.