如何在wso2身份服务器中对自己创建的数据库实施xacml策略?
[英]how to enforce xacml policies on self created database in wso2 identity server?
问题描述
I just started using wso2 identity server. 
我刚刚开始使用wso2身份服务器。 I want to know how can we manage self created database through an WSO2 identity server and can we apply xacml policies created using WSO2 tryit tool on that database? 我想知道我们如何通过WSO2身份服务器管理自己创建的数据库,以及如何在该数据库上应用使用WSO2 tryit工具创建的xacml策略? How can it be done? 如何做呢? Any help would be appreciated. 任何帮助,将不胜感激。 Thank you. 谢谢。 Regards 问候
1 个解决方案
解决方案1
0 已采纳 2017-04-14 12:48:25
As far as I know, WSO2 IS cannot be used to secure databases. 据我所知,WSO2 IS不能用于保护数据库。 Have a look at the Data Access Filter instead. 请查看数据访问过滤器 。
What the Data Access Filter does is: 数据访问过滤器的作用是:
- it lets you create XACML policies eg managers can view transactions in their branch. 它使您可以创建XACML策略,例如,经理可以在其分支机构中查看事务。
- it intercepts SQL traffic going to the database eg
SELECT * FROM transactionsand determines the end user's identity and branch egAliceinCharlotte.它拦截进入数据库的SQL流量,例如SELECT * FROM transactions并确定最终用户的身份和分支,例如CharlotteAlice。 - it modifies the SQL statement according to the policy eg
SELECT * FROM transactions WHERE branch='Charlotte'它根据策略修改SQL语句,例如SELECT * FROM transactions WHERE branch='Charlotte' - It forwards the modified statement to the backend database so that only entitled data is retrieved. 它将修改后的语句转发到后端数据库,以便仅检索授权数据。
This lets you do dynamic data filtering and dynamic data masking. 这使您可以进行动态数据过滤和动态数据屏蔽。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.