OpenAM is most frequently used to protect web-accessible resources.
Users browse to a protected web application page. An agent installed on the
server with the web application redirects the user to OpenAM for access management.
OpenAM determines who the user is, and whether the user has the right to
access the protected page. OpenAM then redirects the user back to the
protected page, with authorization credentials that can be verified by the agent.
The agent allows OpenAM authorized users access the page.