授权请求外部化会带来何种性能损失?
What is the performance penalty of externalizing authorization requests?
授权请求到达策略执行点(pep)。
A request for authorization lands at the Policy Enforcement Point (PEP).
内部如何处理这些授权请求则由XACML标准解决。
How these authorization requests are processed internally is addressed by XACML standards.
它为您创建的所有这些XACML组件创建授权请求!
It creates the authorization request for which you are creating all these XACML components!
图15显示了示例授权请求消息的主位图的图形表示。
Figure 15 shows a graphical representation of a primary bitmap for an example authorization request message.
创建处理授权请求所需XACML组件的下一步是创建PEP。
The creation of the PEP is the next step in creating the XACML components required to process the authorization request.
清单4显示一个授权请求的结果,该请求使用清单3中显示的JAAS策略文件。
Listing 4 shows the results of an authorization request using the JAAS policy file shown in Listing 3.
XACML构建于SAML之上,提供了用于定义访问控制和授权请求及响应消息的实际语义。
XACML builds on SAML by providing the actual semantics used to define access control policy and authorization request and response messages.
为了有效解决不存在对象定义的主题节点上的授权请求,将沿着从父节点到子节点的主题树继承权限。
In order to efficiently resolve authorization requests on topic nodes for which no object definition exists, permissions are inherited down the topic tree from parent to child nodes.
XACML标准(见参考资料获得详细信息)要求根据XACML请求和响应模式定义所有授权请求。
The XACML standard (see Resourcesfor more information) requires all the authorization requests to be defined according to the XACML request and response schema.
基于来自请求头的用户凭证和调用的MDM服务授权请求,其中以XACML表示的策略用作进行授权决策的根据。
Authorize the requests based on the user credentials from the request header and called MDM service, where a policy expressed in XACML is used as a basis for the authorization decision making.
XACML不但处理授权请求,而且还定义了一种机制,来创建进行授权决策所需的规则、策略和策略集的完整基础设施。
XACML not only processes the authorization requests, but it defines the mechanism for creating the complete infrastructure of rules, policies, and policy sets to arrive at the authorization decisions.
我们进行精细的仿真实验,并将仿真结果与基于授权请求的自适应循环周期时间的交织轮询方案(IPACT)进行比较,得出采用严格的优先权策略。
We conduct detailed simulation experiments and compare the results with the well-known Interleaved Polling with Adaptive Cycle Time (IPACT) algorithm that utilizes strict priority policy.
它通常对系统调用和通过文件系统指定的资源的操作请求执行授权检查。
It typically performs authorization checks on system calls and operation requests on resources named by a file system.
如果您具有授权,则需要对请求访问的人进行授权以访问系统。
If you have Authorization, then the person requesting access needs to be authorized to access the system.
你可以用它来处理对任何一方的授权事务(请求或响应)。
You can use it to process claims on either side of an authorization transaction (requestor or responder).
对于请求当前用户授权这一典型情况,您将使用隐式主题技术。
You would use the implicit subject technique for the typical case of requesting authorization for the current user.
ESB将在处理前断言此用户是否得到了进行此请求的授权。
The ESB will ascertain whether this user is authorised to make the request before proceeding.
拦截器决定是否对发出请求的客户机进行授权,使它访问所请求的资源。
The interceptor decides whether the requesting client is authorized to access the requested resource.
例如,我们可以将saml段嵌入到SOAP消息头中来认证和授权对所请求服务的访问。
For example, we can embed a SAML segment in a SOAP message header to authenticate and authorize the access to the requested services.
创建所有必需的XACML组件之后,应该能够获得该请求的授权决策。
After you've created all of the required XACML components, you should get an authorization decision for this request.
实现每个请求与用户授权信息的透明关联是底层的职责。
It is the responsibility of the underlying layers to transparently associate every request with the user's authorization information.
这意味着,只有授权用户才能访问门户与发出配给请求。
This means that only authorized users can gain access to the portal and place a request for provisioning.
保兑行意指应开证行的授权或请求对信用证加具保兑的银行。
Confirming bank means the bank that adds its confirmation to a credit upon the issuing bank's authorization or request.
它还决定用户能否被授权打开请求的URL。
It also determines whether the user is authorized to open the requested URL.
这种授权决定是否允许请求用户使用一个事务。
This authorization determines whether the user of the request is granted or denied the use of a transaction.
根据请求者提交的证据,该查询决定是否授权该请求者访问受保护的资源。
Given the evidence that a requester submits, the query determines if the requester is authorized to access the secured resource.
中介流可以简单地记录某个请求已从请求者传递到了提供者,阻止来自未知或未经授权的请求者的请求,或者基于提供者可用性来阻止请求。
The mediation flow may simply log that a request was passed from requester to provider, block requests from unknown or unauthorized requesters, or block requests based on provider availability.
假设成功认证用户或组,事务授权将检查用户或组是否被授权访问请求的事务。
Assuming that the user or group is successfully authenticated, transaction authorization checks whether the user or group is granted access to the transaction that is being requested.
假设成功认证用户或组,事务授权将检查用户或组是否被授权访问请求的事务。
Assuming that the user or group is successfully authenticated, transaction authorization checks whether the user or group is granted access to the transaction that is being requested.
应用推荐