GeoPDP is an Authorization Component, a Java implementation of the OGC Standard GeoXACML 1.0 with Corrigendum

SDInterceptor is the Enforcement Component, implemented as proposed by the XACML Standard. 

Central Authorisation using GeoXACML does require an access federation based on SAML (shibboleth)

 

security.manager allows the assignment of individual access permissions to different user groups, thereby ensuring that everyone gets access only to what they are entitled to.

Besides controlling access to services, it provides many integration possibilities for enterprise IT landscapes. It can connect to existing user repositories, provides cross-application and cross-domain single-sign-on based on SAML 2.0, supports multiple authentication methods up to the Windows log-in and can protect different service implementations, including ArcGIS and OGC services, etc.

Web Enforcement Service (WSS) is the gatekeeper of your protected services. The WSS is designed to analyze service requests targeted to the protected service