Cams is designed to control access to web and J2EE application server resources. Resources protected by Cams can reside on the corporate intranet, an extranet, or the internet, and they can be a document, a web application, or almost any other application, data, or even a device.
Cams offers protection for specific web servers through web agents and for all web resources by using Apache as a reverse proxy. APIs are provided to enable the creation of custom web agents.
Using Cams to protect multiple network applications provides SSO for users by sharing authentication and access control information. It supports web SSO within a single DNS domain plus sub-domains. It has a client-server architecture in which distributed Cams web agents delegate the security decisions to the Cams policy server. The web agents then enforce these security decisions.
Cams utilizes caching at both the agent and server levels to improve performance and resilience.
Once a web user has been authenticated, a Cams session is created and an HTTP cookie, with encrypted session information, is sent to the browser. A configurable session time-out expires inactive sessions.
The policy server is configured using four XML files. It is a standalone, Java-based server, which makes it portable to any platform supporting J2SDK 1.4. It also provides full auditing information by logging system and security events into log files.
Cams integrates with industry standard LDAP directories, as well as SQL databases. Straight out of the box, it is ready to protect web resources. However, the architecture provides developers with the tools to protect data sources and web services, plus Java, Windows, and Linux/UNIX native code applications.