在上一步中,身份验证请求已经到达了OP的端点url。
Where we left off, the authentication request had arrived at the OP's Endpoint URL.
使用HTTP基本身份验证,还允许凭据从HTTP客户端传播到http端点(Application Server)。
Using HTTP Basic authentication also allows the credential to propagate from HTTP client to HTTP endpoint (Application Server).
这里的缓解方法是为每个分支节点创建单独的身份,将该帐户放在入站通道的MCAUSER中,并且仅授权它访问特定的服务端点。
The mitigation is to create a separate identity for each spoke node, place that account in the MCAUSER of the inbound channel, and authorize it only to specific service endpoints.
应用推荐