在UNIX用户IDs与Microsoft安全标识符之间映射身份。
Mapping of identities between UNIX user IDs and Microsoft security identifiers.
最后一步实现了消息转换,在这里,我们删除了WS - Security头并生成一个建立在映射身份(角色“Guest”)上的ltpa令牌(在传输级别)。
The last step implements the message transformation, here we remove the WS-Security header and generate an LTPA token (at the transport level) built on the mapped identity (the role "Guest").
AAA信息文件不仅可用于身份映射,还可以用于身份验证和授权。
AAA information file can be used not only for identity mapping but also for authentication and authorization.
请注意已导出的包含身份映射规则的XSLT文件的位置和名称。
Note the location and name of the exported XSLT file containing the identity mapping rule.
为了正确地解析这个请求,EIM管理员必须在EIM服务器上存储下面的外部身份映射信息。
To resolve this request correctly, the EIM administrator has to store the following foreign identity mapping information on the EIM server.
如前所述,身份映射给该场景添加了一个额外的安全层。
As previously mentioned, identity mapping adds an additional layer of security to the scenario.
在EIM服务器中添加用户和组身份映射信息。
Add the user and group identity mapping information in the EIM server.
否则,有可能两个签署者颁发的证书映射到同一个用户身份。
Otherwise, it is possible that two signers might issue certificates that map to the same user identity.
本文的例子使用AAA信息文件定义身份映射规则。
The article example USES AAA info file to define the identity mapping rules.
现在,NFS服务器发现这个请求来自外部域,因此向EIM服务器查询外部身份映射信息。
Now the NFS server detects that the request is from the foreign domain and consults the EIM server for the foreign identity mapping information.
AIX使用EIM提供外部身份映射。EIM是一种基于LDAP的技术,用来管理组织中的多个用户注册表。
AIX provides foreign identity mapping using EIM, which is an LDAP-based technology to manage multiple user registries in an organization.
删除身份验证映射。
添加身份验证映射。
选择用于身份映射的XSLT文件。
因而,当处理Web服务请求时,提供者需要将断言的身份映射到对于它的安全域有效的凭证。
Thus when processing a web services request, the provider needs to map the asserted identity to credentials that are valid for its security domain.
添加EIM信息,NFSv4服务器将使用这些信息映射外部身份。
Add the EIM information that will be used by the NFSv4 server for mapping foreign identity.
这种方法称为身份映射,由nfsrgydnfs守护进程处理。
This method is called Identity Mapping and is handled by the nfsrgyd NFS daemon.
STS应用所需的身份映射(获取组,获取属性)。
STS applies any required identity mapping (group retrieval, attribute retrieval).
定义包含身份映射规则的XSLT文件。
这个代码设置内核页面目录、创建身份内核映射、标识体系结构和处理器以及执行分支start_kernel(初始化系统的主例程)。
The code sets up the kernel page directory, creates identity kernel mapping, identifies architecture and processor, and branches to start_kernel (the main routine whereby the system is initialized).
注意,我们使用IBMWebSphereApplicationServer使用的身份作为映射目标,它将被加密到ltpa令牌中。
Notice that as a mapping target, we use the identity used by the IBM WebSphere Application Server, and it will be encrypted into the LTPA token.
使用WebSphere绑定扩展属性将安全角色映射到身份验证状态。
Use the WebSphere binding extension properties to map the security roles to an authentication status.
在这种情况下,为了成功地实现身份映射,EIM管理员还必须在EIM服务器上存储Kerberos领域到nfs域的映射信息。
In this case, for successful identity mapping, the EIM administrator has to also store the Kerberos realm to NFS domain mapping information in the EIM server.
能够把令牌中的身份映射到MDMServer的本地身份。
Ability to map the identity in a token to MDM Server's local identity.
AAA信息文件不仅可用于身份映射,还可以用于身份验证和授权。
AAA info file can be used not only for identity mapping, but also for authentication and authorization.
通过这种方式,可以对标识进行身份验证,并在源和目标应用程序之间相应地映射,同时仍然与企业安全模型保持一致。
In this way, an identity can be authenticated and mapped appropriately between the source and target applications while still being consistent with an enterprise security model.
本文唯一需要的配置是声明进入的身份(见图10),以及如何映射它们(见图11)。
The only configuration needed is to declare the incoming identities (see Figure 10) and how they should be mapped (see Figure 11).
本文介绍了如何创建身份关系、从映射中调用该关系、创建调用映射的接口映射以及在服务器上对关系进行测试。
This article shows how you can create an identity relationship, call the relationship from a map, create an interface map that calls the map, and test the relationship on the server.
但是在这种情况下,最好使用指向同一ldap的LDAP身份验证提供者,从而确保查找到正确的用户,因为任何映射都可能出错。
Ideally though, one would use an LDAP authentication provider pointing to the same LDAP in this case to ensure the correct user is looked up as any mapping incurs the potential for errors.
远程文件系统和其他内核服务可以使用这个服务来管理密码学、身份验证标记、跨域用户映射和其他安全问题。
The service can be used by remote filesystems or other kernel services to manage cryptography, authentication tokens, cross-domain user mappings, and other security concerns.
应用推荐