Web Access Management

Web Single Sign-On and Access Control


Providing web access to corporate resources for employees, customers and vendors is likely the most significant opportunity of the modern computing era, and securing that access has become one of IT’s greatest challenges. It is the goal of Web Access Management (WAM) technology to enforce corporate security policies, protect enterprise resources from unauthorized access and makes it easier for authorized users to do their jobs by enabling Single Sign-On (SSO) and centralizing access control for all of your web applications.


EmpowerID helps you to protect your assets and to securely manage web users with a highly flexible and innovative approach to enabling SSO and authorization management across the widest range of web applications. EmpowerID is not limited to applications that adhere to the latest standards, it specifically addresses the numerous challenges posed by legacy applications and platforms and allows them to participate in a unified computing environment as never before. The results for organizations are clear: expanded access options, accelerated projects, lower costs and the centralization of Identity and Access (IAM) management for heterogeneous resources.


An example of a typical WAM scenario is creating access control to an HR system’s employee performance review pages. Using EmpowerID’s flexible role and attribute-based security policies, a security admin can define which users can access the page for each department’s reviews. As an example, a Sales Department Management Role can be granted access to the sales department reviews page. Membership in this role would typically be driven by information maintained about each user in the corporate HR system. When a user attempts to access the sales department reviews page, the WAM system intercepts the request, verifies that the user is authorized to access to that page, and then permits them to access the page only after that is successfully determined.


The EmpowerID WAM system leverages the advanced authorization policy engine built into EmpowerID that allows organizations to define a user’s access to a diverse set of corporate and cloud-hosted resources with flexible Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) rules. Powerful RBAC policies leverage EmpowerID’s multi-tiered model with pre-calculated access to all known enterprise applications and resources based on multiple configurable hierarchies that can include an organization’s structure, a person’s job function, and directly assigned access. The derived “resultant access” information is then used to enforce access privileges to web resources.


There are two standard methods of implementing WAM and EmpowerID offers the best of both worlds. In the first, agents run on the protected web application servers and intercept each request for a web resource to force authentication and verify access. In the second, the EmpowerID Reverse Proxy Server is positioned between the web applications and the end-users to service the requests on their behalf. In both cases, requests are intercepted and access is authorized by the powerful EmpowerID RBAC and ABAC authorization policies. The greatest range of flexibility is provided by a hybrid model that allows organizations to take advantage of the best of both key WAM technologies by deploying EmpowerID’s combined agent/reverse proxy solution to enable their specific needs in the most efficient and cost-effective manner.


Other Unique Features of the EmpowerID WAM:

  • Flexible Identity Options

    EmpowerID WAM supports your choice of Identity sources for authentication including: Active Directory, LDAP, EmpowerID Metadirectory, Facebook, Twitter, SalesForce.com, Google, Yahoo, and others

  • Highly Scalable Node.JS Architecture

    The EmpowerID Reverse Proxy was built using a stateless Node.js architecture that makes scaling as easy as adding additional servers. Node.js is a platform built on Chrome's JavaScript runtime to easily build fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that is lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices.

  • Mobile Device Support

    With a single company login, employees gain simple one-click access to all of their cloud applications from their smartphones, tablets and computers. EmpowerID utilizes Responsive Web Design and HTML5 to create an advanced strategy for organizations to embrace the era of “Bring Your Own Device”. EmpowerID screens don’t just resize for different display sizes, they reflow both to be attractive and to offer improved usability for the format of the specific platform on which they are being displayed, whether it is a smartphone, a tablet, a laptop, or a full-sized display.

  • Multi-Factor Authentication

    EmpowerID WAM leverages the multi-factor authentication capabilities that are built into the core of the EmpowerID platform, eliminating the costs associated with third party licenses. Flexible authentication options allow hardware tokens and smartcards to be used in situations when desired, as well as no cost options like software tokens and one-time passwords.

  • EmpowerID Identity Management Integration

    EmpowerID’s WAM solution integrates seamlessly with the comprehensive Identity Management facilities built into the EmpowerID platform, including its: Metadirectory, virtual directory, Role-Based Access Control and workflow automation services. This enables everything from password management to on demand identity provisioning for users of EmpowerID’s WAM services.

Call Toll Free:
1.877-996-4276