Difference between revisions of "ESciDoc Authorization Authentication Architecture"
Jump to navigation
Jump to search
Line 2: | Line 2: | ||
At present only core services are secured: | At present only core services are secured: | ||
#Each resource handler has built-in service interceptor that is intercepting all requests to the service | #Each resource handler has built-in service interceptor that is intercepting all requests to the service | ||
#The service interceptor analyzes the request and forwards it to the PDP engine | #The service interceptor analyzes the request and forwards it to the PDP engine | ||
#The PDP engine provides allow/deny response for the request | #The PDP engine provides allow/deny response for the request | ||
#In case of deny response from the PDP engine the service responses with a security exception to the service requestor | #In case of deny response from the PDP engine the service responses with a security exception to the service requestor |
Revision as of 12:06, 15 October 2007
Present architecture
At present only core services are secured:
- Each resource handler has built-in service interceptor that is intercepting all requests to the service
- The service interceptor analyzes the request and forwards it to the PDP engine
- The PDP engine provides allow/deny response for the request
- In case of deny response from the PDP engine the service responses with a security exception to the service requestor