You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 14 Next »

Authorization policy defines the method of authorization.

An authorization policy is a connector that gets the parameters from the request and maps to a specified service for authorization. In other words, it executes an already defined service for authorization (authorization service) and use some of the request parameters for input.

Authorization Policy Identifier

An interface or a service can use a defined authorization policy for usage restriction.

Authorization policy  should have a unique name so that it can be referenced from an interface or service definition.

Parameter Mapping

Parameter mapping keeps the information of which request parameter is used for input of authorization service.

 parameter_mapping

As seen on figure, the request parameters first sent to Service B, after successful authorization, request parameters are sent to Service A (the target service).

Service B (Authorization service) requires serviceB_Parameter1 and serviceB_Parameter2 parameters. Authorization policy passes serviceA_Param2 to Service B as serviceB_Parameter1.

The parameter mapping should be as follow:

Authorization Parameter

Service Parameter

serviceA_Param2

serviceB_Parameter1

serviceA_Param3

serviceB_Parameter2

You can use the username and password parameters as authParam.

There are three kinds of authorization policies:

Executable Authorization Policy

This policy use an executable service for authorization.

  • No labels