Hi Suthakar,
Siteminder auth is realm based, if your have both users auth/az to same realm, they have no access rights separation.
The access rights are separated once you create /salary/manager vs. /salary/others two realms.
Even by adding response for each rule using "WebAgent-OnAccept-Redirect" response, but target you choose for each redirect, they will still face additional login access evaluation, due to its uri processing. If redirected target is not protected, then it defeats the purpose of authentication.
Another possibility is creating nested realms. Everyone gets in /salary/*, but only manager allow access to /salary/manager.
This still is treated as two realms.
With only one realm, you maybe able to generate customized page entirely on the fly based on manager=yes/no, using active response (content of the page) with custom pages though.
Regards,
Hongxu