It also offered guidance on modifying the Document Management portlets to use the LTPA token approach.
LTPA身份驗*的另一個方面是加密密匙共享。
Use this step only if you want to configure Scenario 2. Both application servers have to use the same LTPA token.
只有在您打算配置場景2 時才用到這一步,兩個應用程序服務器都必須使用相同的LTPA令牌。
Another aspect of LTPA authentication is encryption key sharing.
LTPA定義了存儲在客户端上的令牌格式。
They do not, however, want to tie themselves to the implementation of the outsourced service by requiring the service provider to understand LTPA tokens.
The client domain gateway expects a request message with an LTPA token in a Web services security (WS-Security) header as generated by the configuration described in Part 4 of this series.
The new LTPA token USES the following strong cryptographic techniques.
Security attribute propagation also works in environments where servers are not sharing the same user registry and the LTPA keys.
While you can transmit LTPA tokens over an unencrypted channel, for maximum protection, it is best that they are sent over an encrypted link.
登錄期間創建的安全標誌(LTPA)隨數據請求傳遞到後端系統,使後端系統可以執行授權,從而提供對數據的有控制的訪問。
確保這些服務器不共享相同的LTPA密鑰,為這兩台服務器生成兩個不同的LTPA密鑰。
Instead, figure 13 shows information about the request message that DataPower forwarded to "Application b", where you can see the LTPA cookie added by post processing action (figure 12).
Complete the following steps to export the client's LTPA key and password.
客户端域網關期望Web服務安全(WS安全)標頭中具有LTPA令牌的請求消息(該標頭由本系列文章的 第 4部分描述的配置生成)。
第一步是翻轉一個開關,表示您想要配置LTPA用户名稱。
If an LTPA token is successfully captured, the thief can impersonate the user identified until it expires.
The security token (LTPA) created during the login is passed with data requests to back-end systems to enable them to perform authorization in providing controlled access to the data.
Now look at the request flow scenario for an LTPA junction.
For our sample, the client's LTPA key and password must be Shared with the LTPA token validation module.