XACML 是访问粒度的唯一替代方案吗
[英]Is XACML the unique alternative for access granularity
问题描述
I currently use WSO2is 5.9, but I want to be more thorough, when creating rules of access to resources of my web application, limit the action to a certain button within my application for example.
我目前使用 WSO2is 5.9,但我想更彻底,在创建访问我的 web 应用程序的资源的规则时,例如将操作限制在我的应用程序中的某个按钮。
I have read the documentation of WSO2is and other resources, everything guides me that I must use XACML to apply such restrictions within my application.我已经阅读了 WSO2is 和其他资源的文档,所有内容都指导我必须使用 XACML 在我的应用程序中应用这些限制。
Is there another alternative to XACML? XACML 是否有其他替代方案? I see a very high complexity in using this proposal.我发现使用这个提议非常复杂。
For now in OIC claims I get the role but I don't see how to limit to functionality.目前在 OIC 声明中,我得到了这个角色,但我不知道如何限制功能。
1 个解决方案
解决方案1
1 已采纳 2020-04-04 04:07:53
You can use adaptive authentication scripts also for having some access control in the service provider level instead of using XACML.您还可以使用自适应身份验证脚本在服务提供商级别进行一些访问控制,而不是使用 XACML。 Please refer to this documentation on Adaptive Authentication script.请参阅有关自适应身份验证脚本的文档。 https://is.docs.wso2.com/en/5.9.0/learn/adaptive-authentication/https://is.docs.wso2.com/en/5.9.0/learn/adaptive-authentication/ https://is.docs.wso2.com/en/5.9.0/learn/adaptive-authentication/https://is.docs.wso2.com/en/5.9.0/learn/adaptive-authentication/
For example, if you want to have some role-based access control, you can use the adaptive script by referring here: https://is.docs.wso2.com/en/5.9.0/learn/configuring-role-based-adaptive-authentication/ .例如,如果你想有一些基于角色的访问控制,你可以参考这里使用自适应脚本: https://is.docs.wso2.com/en/5.9.0/learn/configuring-role-based -自适应身份验证/ 。
There are some pre-default scenarion, and you can refer them as well.有一些默认场景,您也可以参考它们。 https://is.docs.wso2.com/en/5.9.0/learn/adaptive-authentication-scenarios/ https://is.docs.wso2.com/en/5.9.0/learn/adaptive-authentication-scenarios/
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.