简体繁体 English

使用OpenAM 12.0 J2EE策略代理保护REST APIS

[英]Securing REST APIS using OpenAM 12.0 J2EE Policy Agents

原文 2016-06-23 11:38:42 9 1 security/ openam/ rest-security

I am new to OpenAM and trying to secure my webservices using OpenAM. 我是OpenAM的新手，正在尝试使用OpenAM保护我的Web服务。 I have installed J2EE policy agents using below information in the link. 我已经使用链接中的以下信息安装了J2EE策略代理。

https://wikis.forgerock.org/confluence/display/openam/Installing+Tomcat+6.0+Policy+Agent https://wikis.forgerock.org/confluence/display/openam/Installing+Tomcat+6.0+Policy+Agent

I need to provide security for my REST APIs. 我需要为我的REST API提供安全性。 So where should we need to configure the REST APIs in the OpenAM console. 因此我们需要在OpenAM控制台中配置REST API。

Please provide me some links where i get some information. 请提供一些我在其中获得一些信息的链接。

1 个解决方案

OpenAM policy agents are the OpenAM proprietary way to achieve (Web)SSO and authorizations. OpenAM策略代理是OpenAM专有的实现（Web）SSO和授权的方式。 You could configure URL policies as described in the docs https://backstage.forgerock.com/#!/docs/openam/13/admin-guide#chap-authz-policy , however the REST client must obtain an SSOToken and send this along when accessing the REST service. 您可以按照docs https://backstage.forgerock.com/#!/docs/openam/13/admin-guide#chap-authz-policy中所述配置URL策略，但是REST客户端必须获取SSOToken并将其发送访问REST服务时。

You could also use OAuth2 which would be a standards-based approach. 您也可以使用OAuth2，这是一种基于标准的方法。

使用Web应用程序B的身份验证功能的j2ee Webapp A - j2ee webapp A using authentication facility of web app B

使用IAM保护API - Securing APIs using IAM

在JAVA ee中使用JWT保护REST服务 - Securing REST services with JWT in JAVA ee

OAuth用于保护REST API的好处是什么？ - What's the benefit of OAuth for securing REST APIs?

Python 后端 - 使用客户端证书保护 REST API - Python backend -Securing REST APIs With Client Certificates

将ESAPI套件与MyEclipse j2ee项目集成时出错 - Errors in integrating ESAPI suite with MyEclipse j2ee project

如何在J2EE应用程序中保护日志文件密码？ - How to make log file password protected in J2EE Application?

j2ee Web应用程序中的用户访问管理 - user access management in j2ee web application

Websphere中Java2安全性，J2EE Securiy和JAAS J2C身份验证之间的区别 - Difference between Java2 securitry, J2EE Securiy and JAAS J2C Authentication in Websphere

使用WSO2 IS保护RESTful API - Securing RESTful APIs using WSO2 IS

暂无

暂无

声明:本站的技术帖子网页，遵循CC BY-SA 4.0协议，如果您需要转载，请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用Web应用程序B的身份验证功能的j2ee Webapp A - j2ee webapp A using authentication facility of web app B 使用IAM保护API - Securing APIs using IAM 在JAVA ee中使用JWT保护REST服务 - Securing REST services with JWT in JAVA ee OAuth用于保护REST API的好处是什么？ - What's the benefit of OAuth for securing REST APIs? Python 后端 - 使用客户端证书保护 REST API - Python backend -Securing REST APIs With Client Certificates 将ESAPI套件与MyEclipse j2ee项目集成时出错 - Errors in integrating ESAPI suite with MyEclipse j2ee project 如何在J2EE应用程序中保护日志文件密码？ - How to make log file password protected in J2EE Application? j2ee Web应用程序中的用户访问管理 - user access management in j2ee web application Websphere中Java2安全性，J2EE Securiy和JAAS J2C身份验证之间的区别 - Difference between Java2 securitry, J2EE Securiy and JAAS J2C Authentication in Websphere 使用WSO2 IS保护RESTful API - Securing RESTful APIs using WSO2 IS

相关标签

粤ICP备18138465号 © 2020-2024 STACKOOM.COM