SAP Commerce Cloud OCC User Role
Official documentation
- Principal: A user who gains access to the application is called a principal. It does not have to be a real user; it can be an external system such as a backend or frontend application, or a mobile application.
- Authentication: means checking the credentials provided by the principal. If the credentials are valid, the proper roles are assigned to the principal.
- Authorization: means deciding if a principal can perform a given action. This is determined based on the roles assigned to the principal and also on other constraints, for example a secure communication channel.
The authorization process takes place separately in two layers:
OCC User Roles
The security of OCC calls is based mainly on user roles. These roles are assigned to the principal depending on the authentication type:
A principal that takes part in OAuth authentication can be assigned different roles:
- Anonymous: A non-authenticated principal is assigned the built-in ANONYMOUS role by default.
- Clients: Every client application that was authenticated using an OAuth2 token in the client credentials flow is assigned a specific role depending on the client definition. When defining the clients, remember to assign either ROLE_CLIENT or ROLE_TRUSTED_CLIENT to them, because these roles allow client access to the ycommercewebservices extension.
By default, CUSTOMERGROUP and CUSTOMERMANAGERGROUP roles are used.
For such users, a built-in GUEST role is assigned.
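The client role rule described above can be checked against an export of the client definitions. The following is an added example, not code from the original page or from SAP: it assumes the definitions are available as `OAuthClientDetails` ImpEx rows with `authorizedGrantTypes` and `authorities` columns, and every client ID in the sample is constructed.

```python
# Constructed sample ImpEx export; the client IDs are made up for illustration.
SAMPLE_IMPEX = """\
INSERT_UPDATE OAuthClientDetails;clientId[unique=true];resourceIds;scope;authorizedGrantTypes;authorities
;storefront_app;hybris;basic;client_credentials;ROLE_CLIENT
;backoffice_sync;hybris;extended;client_credentials,password;ROLE_TRUSTED_CLIENT
;legacy_batch;hybris;basic;client_credentials;
;mobile_app;hybris;basic;password,refresh_token;ROLE_CLIENT
"""

# Roles the page names as allowing client access to ycommercewebservices.
OCC_CLIENT_ROLES = {"ROLE_CLIENT", "ROLE_TRUSTED_CLIENT"}


def parse_clients(impex_text):
    """Return one dict per OAuthClientDetails row, keyed by bare column name."""
    columns, clients = None, []
    for raw in impex_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        cells = [c.strip() for c in line.split(";")]
        if cells[0].upper().startswith(("INSERT", "UPDATE")):
            # Header row: "<MODE> <Type>"; strip modifiers such as [unique=true].
            is_client_type = cells[0].split()[-1] == "OAuthClientDetails"
            columns = [c.split("[")[0] for c in cells[1:]] if is_client_type else None
        elif columns and cells[0] == "":
            values = cells[1:] + [""] * len(columns)  # pad rows with empty cells
            clients.append(dict(zip(columns, values)))
    return clients


def audit(clients):
    """Map clientId -> finding for the ROLE_CLIENT / ROLE_TRUSTED_CLIENT rule."""
    findings = {}
    for c in clients:
        roles = {r.strip() for r in c.get("authorities", "").split(",") if r.strip()}
        grants = {g.strip() for g in c.get("authorizedGrantTypes", "").split(",")}
        if "client_credentials" not in grants:
            findings[c["clientId"]] = "skipped: no client_credentials grant"
        elif not roles & OCC_CLIENT_ROLES:
            findings[c["clientId"]] = "missing OCC client role"
        else:
            findings[c["clientId"]] = "grants " + ",".join(sorted(roles & OCC_CLIENT_ROLES))
    return findings


if __name__ == "__main__":
    for client_id, finding in audit(parse_clients(SAMPLE_IMPEX)).items():
        print(f"{client_id}: {finding}")
```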