You can configure the Access Manager to interact with your application server in one of two ways:
As an identity provider for the user authentication and user roles. In this configuration, the application server is accessed directly by the user, and the agent is configured to redirect the user to the Identity Server for authentication and user roles. If you need the security of SSL, you need to configure the application server for SSL.
As a protected resource of the Access Gateway. When the agent is configured to be an Access Gateway protected resource, the IP address of the application server is hidden from the user and the user must access it through the Access Gateway. You can configure the Access Gateway to require SSL connections without configuring the application server for SSL.
This section describes how to set up both of these configurations.