SAP Commerce Cloud OCC User Role
Official documentation
- Principal: A user who gains access to the application is called a principal. It does not have to be a real user; it can be an external system such as a backend or frontend application, or a mobile application.
- Authentication: checking the credentials that a principal provides. If the credentials are valid, the proper roles are assigned to the principal.
- Authorization: deciding whether a principal can perform a given action. This is determined based on the roles assigned to the principal and on other constraints, for example a secure communication channel.
The authorization process takes place separately in two layers:
OCC User Roles
The security of OCC calls is based mainly on user roles. These roles are assigned to the principal depending on the authentication type, so principals that authenticate through OAuth can receive different roles:
Anonymous: A non-authenticated principal is assigned the built-in ANONYMOUS role by default.
Clients: Every client application that was authenticated using an OAuth2 token in the client credentials flow is assigned a specific role depending on the client definition.
When defining the clients, remember to assign either ROLE_CLIENT or ROLE_TRUSTED_CLIENT to them, because these roles allow client access to the ycommercewebservices extension.
By default, CUSTOMERGROUP and CUSTOMERMANAGERGROUP roles are used.
For such users, a built-in GUEST role is assigned.
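The client-definition rule above can be checked mechanically. The following is an added example, not code from the original post or from SAP: it reads client definitions in ImpEx style and reports clients that use the client credentials flow without ROLE_CLIENT or ROLE_TRUSTED_CLIENT. The `OAuthClientDetails` column names and all sample rows are assumptions constructed for illustration.

```python
import csv
import io

# Constructed sample of client definitions in ImpEx style. The column
# names are an assumption about the client definition, not taken from the page.
SAMPLE_IMPEX = """\
INSERT_UPDATE OAuthClientDetails;clientId[unique=true];resourceIds;scope;authorizedGrantTypes;authorities
;mobile_android;hybris;basic;authorization_code,refresh_token,password,client_credentials;ROLE_CLIENT
;trusted_backend;hybris;extended;authorization_code,refresh_token,password,client_credentials;ROLE_TRUSTED_CLIENT
;reporting_job;hybris;basic;client_credentials;ROLE_REPORTING
;legacy_app;hybris;basic;client_credentials;
"""

# The two roles the page names as granting access to ycommercewebservices.
OCC_CLIENT_ROLES = {"ROLE_CLIENT", "ROLE_TRUSTED_CLIENT"}

def parse_clients(text):
    """Return one dict per data row, keyed by the header's attribute names."""
    header, clients = None, []
    for row in csv.reader(io.StringIO(text), delimiter=";"):
        if not row or row[0].startswith("#"):
            continue
        if row[0].upper().startswith("INSERT"):
            # Drop modifiers such as [unique=true] from attribute names.
            header = [col.split("[")[0].strip() for col in row[1:]]
        elif header and row[0] == "":
            values = row[1:] + [""] * (len(header) - len(row) + 1)
            clients.append(dict(zip(header, values)))
    return clients

def audit(clients):
    """Map clientId -> assigned roles for clients that use the client
    credentials flow but hold neither ROLE_CLIENT nor ROLE_TRUSTED_CLIENT."""
    findings = {}
    for c in clients:
        grants = {g.strip() for g in c.get("authorizedGrantTypes", "").split(",")}
        roles = {r.strip() for r in c.get("authorities", "").split(",") if r.strip()}
        if "client_credentials" in grants and not roles & OCC_CLIENT_ROLES:
            findings[c["clientId"]] = sorted(roles) or ["<none>"]
    return findings

if __name__ == "__main__":
    for client_id, roles in audit(parse_clients(SAMPLE_IMPEX)).items():
        print(f"{client_id}: no OCC client role (has {', '.join(roles)})")
```
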