How does access control work in service management in Access Manager?
Access control for service management is based on a delegation model. Realms enable the delegation of policy management privileges within a realm hierarchy. In service management, Access Manager obtains and evaluates delegation permissions through the com.sun.identity.delegation APIs for read, write, save, and delete operations. The DelegationPermission parameter specifies an access-control permission on a resource in a realm. The parameter contains a realm name, a service name, a version number, a configuration type, a subconfiguration name, and a set of actions a duly authorized user can perform. Additionally, DelegationPermission contains a map for future extensions. The DelegationEvaluator parameter evaluates access permissions. Based on the results of the evaluation, Access Manager allows or denies users the privilege of performing actions on the resources of a realm. For more information on setting permissions and rules, see the Access Manager documentation on policies and delega
Related Questions
- Once the referral is made for the case management service, does the case manager control the other services that are recommended by the assessment?
- Can I use the Windows2000 Service Control Manager to automatically restart an OmniRush service that has stopped?
- Can Dell Software Inventory & Usage Management Service integrate with Dell Desktop Manager?
