Showing posts with label AAA. Show all posts
Showing posts with label AAA. Show all posts

Monday, September 21, 2015

What is a multistep probe? What is a AAA action?(108/285 technotes for 2015)

Multistep Probe :-

To view the contents of any phase, enable the multi-step probe for the firewall or Web Services proxy - employing a document processing policy containing a AAA action


 AAA Action :

AAA Action is a Datapower object - that references a specific AAA policy. This is the way to add  (bridge) a AAA policy to any of the services mentioned below.

  • XML Firewall
  • MPGW
  • Web Service proxy
  • XSL proxy



References:

Datapower Architectural Design Patterns -Integrating and Securing Services Across Domains -   http://www.redbooks.ibm.com/abstracts/sg247620.html?Open
Posted by No comments:
Labels: , , ,

What is AAA? (107/285 technotes for 2015)

AAA - stands for 

  • Authentication
  • Authorization
  • Auditing
Datapower makes clear separation of processing of all three in a loosely coupled way.

The steps for AAA are:
  1. Extract identity (EI) claim - such as username /password from HTTP basic authentication.
  2. Extract resource (ER) - such as Web services URL being accessed.
  3. Authenticates (AU) the extracted identity - with either an on-board / off-board identity server - LDAP
  4. Map Credentials (MC)- using rewrite rules
  5. Map Resource (MR) - mapped using rewrite rules
  6. Authorize (AU)- submit to a policy server for authorization.
  7. Post Processing (PP) - audit

































References: 

Datapower Architectural Design Patterns -Integrating and Securing Services Across Domains -   http://www.redbooks.ibm.com/abstracts/sg247620.html?Open
Posted by No comments:
Labels: , ,
Subscribe to: Posts (Atom)