在三层架构中,队列管理器只了解应用程序的身份。
In the three-tier architecture, the queue manager knew only the identity of the application.
如果可以(可靠地)将访问权授予给从那个远程队列管理器发送命令的特定身份,那么情况会好得多。
It would be much better if access could be granted (reliably) to specific identities sending commands from that remote queue manager.
当一个命令被放置到SYSTEM.COMMAND . INPUT中时,队列管理器检查身份上下文中的userid以便授权。
The queue manager checks the userid in the identity context for authorization when a command is put to the SYSTEM.COMMAND.INPUT.
如果john断言janeDoe的身份,队列管理器将毫无疑问地接受,甚至在启用SSL的通道上也是如此。
If John asserts the identity of Jane Doe, the queue manager accepts it without question, even over an SSL-enabled channel.
身份和发送者上下文的多数字段通常由队列管理器提供。
Most fields of the identity and origin context are usually supplied by the queue manager. Of course, applications with appropriate authority can provide their own context.
远程连接的身份验证:对于客户端连接和来自其他队列管理器的通道,存在许多与身份验证相关的常用实践。
Authentication of remote connections: There are a number of common practices that are related to authorization of client connections and channels from other queue managers.
为此,身份验证管理器需要一个或多个身份验证提供者。
To do its job, the authentication manager requires one or more authentication providers.
管理器检查哪一种提供者支持它从apf收到的身份验证标记。
The manager checks which of its providers support the authentication token it received from APF.
它将这些信息传送给身份验证管理器。
身份验证管理器将用户的详细信息返回给APF。
The authentication manager returns details of the user back to APF.
如果找到一个匹配,身份验证提供者将用户的详细信息返回给身份验证管理器。
If a match is found, the authentication provider returns the details of the user to the authentication manager.
即使启用了安全性,部署管理器仍然使用未经过身份验证的协议向节点代理发送配置更新。
Even when security is enabled, the deployment manager continues to communicate configuration updates to the node agents using an unauthenticated protocol.
管理器将检查哪一种提供者支持从APF接收到的身份验证标记。
The manager checks which of its providers support the authentication token received from APF.
总之,必需在接收到队列管理器时在本地执行身份验证。
In summary, authentication must be performed locally on the receiving queue manager.
身份验证的位置由数据库管理器配置参数AUTHENTICATION的值决定。
The location of the authentication process is determined by the value of the database manager configuration parameter authentication.
问题在于,您如何对远程连接用户、以客户端模式连接的应用程序以及来自其他队列管理器的连接进行身份验证。
The trick is in how you authenticate remotely connected users, applications connecting in client mode, and connections from other queue managers.
更准确地说,节点代码使用未经过身份验证的文件传输服务从部署管理器获取管理配置更新。
More precisely, node agents pull admin configuration updates from the deployment manager using an unauthenticated file transfer service.
获取作业时,令牌用于对管理子系统或部署管理器进行身份验证和授权。
When a job is fetched, the token is used to authenticate and authorize against the administrative subsystem or the deployment manager.
身份验证管理器可能包含一个或更多身份验证提供者。
The authentication manager may contain one or more authentication providers.
比如,一个身份验证处理过滤器需要一个身份验证管理器选择一个合适的身份验证提供者。
For example, an authentication processing filter requires an authentication manager to select an appropriate authentication provider.
因此,即使队列管理器配置为仅接受来自JohnDoe 的SSL身份验证连接,MQAPI仍然允许 John在其连接请求中断言一个不同的身份。
So even if the queue manager is configured to accept only SSL authenticated connections from John Doe, the MQ API still allows John to assert a different identity in his connection request.
在同一张图的不同用户注册中心示例中,John可以使用其用户名和密码以操作员身份登录到作业管理器。
In the different user registries example in the same figure, John can login to job manager as an operator with his user name and password.
在备份节点(ha2)上,以用户mqm身份创建队列管理器。
On the backup node (ha2), create the queue manager as user MQM.
客户端身份验证将确保只有那些能证明其身份的客户端(在本例中仅为WebSphereApplicationServer)才能连接到队列管理器。
Client authentication will ensure that only those clients (in this case, only WebSphere Application Server) that can prove their identity will be able to connect to the queue manager.
在清单3中,or g .acegisecurity . providers . ProviderManager是一个管理器类,它管理acegi的身份验证过程。
In Listing 3, org.acegisecurity.providers.ProviderManager is the manager class that manages acegi's authentication process.
将数据库管理器配置参数clnt _ pw _ plugin更新为NULL,以使用缺省的由ibm提供的客户端身份验证插件。
Update the database manager configuration parameter clnt_pw_plugin to NULL, to default to the client-side authentication plug-in provided by IBM.
在主节点(ha1)上使用下面的命令创建一个高可用的队列管理器(以root身份)。
On the primary node (ha1) create a highly available queue manager using the command shown below (as root).
如果不进行客户端身份验证,则网络上的任何应用程序都可以从WebSpheremq队列管理器中提交或接收消息。
Without client authentication, it would be possible for any application on the network to submit or retrieve messages from the WebSphere MQ queue manager.
清单3展示了如何配置Acegi的身份验证管理器,以实现与LDAP服务器的通信?
Listing 3 shows how to configure Acegi's authentication manager to communicate with an LDAP server.
这个小巧的设备将一个轻便的、加密的、具有PIN密码保护的管理器与微软视窗访问锁相结合,以防止盗用身份的小偷访问电脑。
The compact device combines a portable, encrypted, and PIN-protected password manager with a Microsoft Windows access lock to prevent identity thieves from accessing the PC or laptop.
应用推荐