User guide
Authorization
Authorization is the process used to make sure that a user who requests access to a resource
is allowed to access that resource. When a user requests access to a resource, for example, an HTML
document, image data, or voice data disclosed on a Web server, or a CGI application operating on a
Web server, the request is checked to determine whether access to the resource is allowed.
Interstage Single Sign-on authorizes users' access based on the concept of "role," which is an attribute
indicating a department or business. Whether a user is allowed to access a resource is determined
according to the relationship between the role of the user and the role set for the access target resource.
The relationships between resources and roles are managed as access control information.
Relationships between Roles, Users, and Resources
Roles are defined based on actual departments and businesses, e.g., "general employee" and
"domestic sales," and assigned to user information. On the other hand, the roles required to access
resources, including the HTML and CGI resources disclosed by the Web services on business servers,
are set for the respective resources. When a user accesses a resource, the user must succeed in
authentication and have the role that is set for the target resource.
Figure 1-28 Relationships Between Roles, Users, and Resources
In the above example:
• The roles "general employee" and "accounting department" are assigned to the accountant.
• The role "general employee" is permitted to access only the resource "employment regulations."
• The role "accounting department" is permitted to access only the resource "settlement information."
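The access decision described above can be sketched as follows. This is an added example, not Interstage Single Sign-on code or configuration. The resource paths, the user IDs, the salesperson user, and the denial of resources that have no role set are assumptions made for illustration.

```python
# Added illustration; not Interstage Single Sign-on code or configuration.
from dataclasses import dataclass, field

# Access control information: resource -> roles permitted to access it.
# Resource paths are constructed; role names follow Figure 1-28.
ACCESS_CONTROL = {
    "/docs/employment-regulations.html": {"general employee"},
    "/cgi-bin/settlement-information": {"accounting department"},
}

@dataclass
class User:
    user_id: str
    roles: set = field(default_factory=set)
    authenticated: bool = False

def authorize(user, resource, acl=ACCESS_CONTROL):
    """Return (allowed, reason) for one access request."""
    if not user.authenticated:
        return False, "authentication required"
    required = acl.get(resource)
    if not required:
        # Assumption: a resource with no roles set is denied (default deny).
        return False, "no role set for resource"
    matched = user.roles & required
    if matched:
        return True, "role matched: " + ", ".join(sorted(matched))
    return False, "user lacks a role set for resource"

def access_matrix(users, acl=ACCESS_CONTROL):
    """List which resources each user can reach, for reviewing role assignments."""
    return {
        u.user_id: sorted(r for r in acl if authorize(u, r, acl)[0])
        for u in users
    }

# Constructed users: the accountant from the figure, plus a hypothetical salesperson.
accountant = User("accountant", {"general employee", "accounting department"}, True)
salesperson = User("salesperson", {"general employee", "domestic sales"}, True)

if __name__ == "__main__":
    for user in (accountant, salesperson):
        for resource in ACCESS_CONTROL:
            print(user.user_id, resource, authorize(user, resource))
    print(access_matrix([accountant, salesperson]))
```

The access matrix is the view to check when reviewing role assignments: a user holding several roles reaches the union of the resources those roles permit.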