AAA information file can be used not only for identity mapping but also for authentication and authorization.
AAA信息文件不仅可用于身份映射,还可以用于身份验证和授权。
Scenario 6: Outbound identity mapping using a custom login module.
场景6:使用自定义登录模块进行出站标识映射。
Add the user and group identity mapping information in the EIM server.
在EIM服务器中添加用户和组身份映射信息。
Identity assertion using custom token object with inbound identity mapping.
通过入站标识映射使用自定义的令牌对象进行标识断言。
The article example USES AAA info file to define the identity mapping rules.
本文的例子使用AAA信息文件定义身份映射规则。
STS applies any required identity mapping (group retrieval, attribute retrieval).
STS应用所需的身份映射(获取组,获取属性)。
This method is called Identity Mapping and is handled by the nfsrgyd NFS daemon.
这种方法称为身份映射,由nfsrgydnfs守护进程处理。
The identity mapping uses a properties file to determine the mapped user identity.
标识映射使用属性文件来确定映射的用户标识。
Note the location and name of the exported XSLT file containing the identity mapping rule.
请注意已导出的包含身份映射规则的XSLT文件的位置和名称。
As previously mentioned, identity mapping adds an additional layer of security to the scenario.
如前所述,身份映射给该场景添加了一个额外的安全层。
The identity mapping and the identity switch is performed by an outbound custom login module.
由出站自定义登录模块来进行标识映射和标识切换。
This scenario requires a custom login module for the target server to perform the identity mapping.
这个场景需要一个自定义登录模块,以便目标服务器能够执行标识映射。
The second outbound identity mapping scenario USES a custom login module on the sending server side.
第二个出站标识映射场景使用了发送服务器端中的一个自定义登录模块。
AAA info file can be used not only for identity mapping, but also for authentication and authorization.
AAA信息文件不仅可用于身份映射,还可以用于身份验证和授权。
The preferred way to handle identity mapping is in the application server, performed by the infrastructure.
要处理标识映射,首选的方法是在应用服务器中由基础结构执行处理过程。
Identity mapping is about changing one identity to a different identity from a different user registry.
标识映射就是将一个标识更改为来自另一个用户注册中心中不同的标识。
There would also likely be some identity mapping involved between the client side and the service provider side.
还可能涉及一些客户端和服务提供者端之间的标识映射。
The asserted identity is picked up on the target server side and is used to perform inbound identity mapping.
在目标服务器端获取断言的标识,然后将其用于执行入站标识映射。
The advantage of this approach is that it does not require additional application code to perform the identity mapping.
这种方法的优点是,它不需要附加的应用程序代码来执行标识映射。
If this capability is not available on the target server side, you should consider an outbound identity mapping scenario instead.
如果在目标服务器端这种功能不可用,那么您应该考虑使用出站标识映射场景来代替。
Follow the configuration steps for the servers from the Outbound identity mapping using custom login module scenario (scenario 6).
请按照下面的步骤使用自定义登录模块场景(场景6)对出站标识映射中的服务器进行配置。
Using outbound identity mapping requires changes in the existing configuration for the WSLogin application login on the sending server.
使用出站标识映射需要在发送服务器中对WSLogin应用程序登录的现有配置进行更改。
AIX provides foreign identity mapping using EIM, which is an LDAP-based technology to manage multiple user registries in an organization.
AIX使用EIM提供外部身份映射。EIM是一种基于LDAP的技术,用来管理组织中的多个用户注册表。
To resolve this request correctly, the EIM administrator has to store the following foreign identity mapping information on the EIM server.
为了正确地解析这个请求,EIM管理员必须在EIM服务器上存储下面的外部身份映射信息。
Now the NFS server detects that the request is from the foreign domain and consults the EIM server for the foreign identity mapping information.
现在,NFS服务器发现这个请求来自外部域,因此向EIM服务器查询外部身份映射信息。
In the first scenario (the second is scenario 6), identity mapping is performed from the application code, without using and configuring custom login modules.
在第一个场景(第二个是场景6)中,由应用程序代码执行标识映射,而不使用和配置自定义登录模块。
In this case, for successful identity mapping, the EIM administrator has to also store the Kerberos realm to NFS domain mapping information in the EIM server.
在这种情况下,为了成功地实现身份映射,EIM管理员还必须在EIM服务器上存储Kerberos领域到nfs域的映射信息。
The asserted identity is transmitted inside a custom token object, which is then picked up on the target server and used in an inbound identity mapping module.
在自定义的令牌对象中传输断言的标识,然后在目标服务器中获得该标识,并用于入站标识映射模块。
The login module determines the identity for the invocation by performing the mapping.
该登录模块可以通过执行映射来确定调用的标识。
The sending server does not have any knowledge of the mapping mechanism or the new user identity.
发送服务器完全不清楚映射机制或新的用户标识。
应用推荐