如果准备向外部用户公开服务,您需要某种安全约束来保证只有授权的用户才能访问服务。
If you're going to expose services to external users, you need some kind of security constraints that make sure that only authorized users can access the services.
IBM的SOA安全专家Raj Nagaratnam博士在最近的采访中解释说,服务基于一种信任模型,其中将授权委托给应用程序外部的策略层。
IBM's SOA Security Expert Dr. Raj Nagaratnam explained in a recent interview that services are based on a trust model where authorization is delegated to a policy layer external to the application.
诸如apache等Web服务器提供的授权类型可以称为粗粒度访问控制,因为它只提供了一个外部安全层。
The kind of authorization provided by a Web server like Apache might be called coarse-grained access control because it provides only an outer layer of security.
应用推荐