100 likes | 114 Vues
The Exchange Network Node Mentoring Workshop. User Management on the Exchange Network Joe Carioti February 28, 2005. Agenda. Types of Accounts What is an Exchange Network (EN) Account? What Types of Accounts are There? Account Attributes Account Usage What Account Should I Use?
E N D
The Exchange NetworkNode Mentoring Workshop User Management on the Exchange Network Joe Carioti February 28, 2005
Agenda • Types of Accounts • What is an Exchange Network (EN) Account? • What Types of Accounts are There? • Account Attributes • Account Usage • What Account Should I Use? • Node Authorization Policies • Authorization Policies • Authorization Process • Conclusion • Questions
What is an Exchange Network Account? Accounts on the EN are network accounts; they are not node-specific accounts. Once you have obtained an account on the EN, you need to request permissions for your account to interact with other nodes. The Node Administrator must be contacted with this request
What Type of Accounts are There? • Administrator Account • Administrator accounts have all access rights to the nodes they manage, including managing user accounts, creating authorization policies, and invoking methods on the node • Operator Account • Operator accounts by default, can conduct data flow operations on the node they are affiliated to, which means that the operator has access rights to all Web methods provided by the node • User Account • User accounts by default have no access rights to the node. Administrators need to grant rights by explicitly creating authorization policies
AccountAttributes • Username • Valid e-mail address • UserType • Admin, operator, or user • Password • Minimum of eight characters • Must contain at least one upper case letter, one numerical character, and no more than two repetitive letters • Affiliate • Node ID associated with the account • Used to validate node policies
What Account Should I Use? • Administrator Account • Account Management • Create / modify / delete accounts • Node Management • Create / modify / delete policies • Node Administrator accounts must not be used for data submissions • Operator / User Accounts • To be used for conducting data flow operations
Node Authorization Policies • What are node authorization policies? • A security mechanism made available by Network Authentication and Authorization Server (NAAS) to assist node administrators in managing access to their node • Nodes are responsible for taking proper action when a request is unauthorized • How are they used? • ResourceURI parameter on the validate Web service call • Authorization Granularity • Node Level • Service Request Level • Parameter Level
Conclusion • Accounts on the EN • Different types of accounts • When the different type of accounts should be used • Authorization policies