使用 Tivoli Identity Manager 控制对 SharePoint 列表的访问

发布于 2024-10-10 15:11:24 字数 208 浏览 7 评论 0原文

我们正在设计一个将使用 SharePoint 的系统,客户将 Tivoli Identity Manager 与 Active Directory 集成。

我们想到的一种方法是创建一个与 TIM 通信的 ASP.NET 成员资格提供程序。那么如何连接 TIM 中的角色来访问列表呢?

或者有人对如何做到这一点有更好的想法吗?

我们正在使用WSS 3.0。

We are designing a system where will use SharePoint, the customer has Tivoli Identity Manager integrated with Active Directory.

One way that we have thought of doing this is by creating an asp.net membership provider that communicates with TIM. But then how to connect roles in TIM to access to lists?

Or does anyone have a better idea of how to do this?

We are using WSS 3.0.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

满地尘埃落定 2024-10-17 15:11:24

我非常以 Microsoft 为中心,所以我不知道 TIM 和 TAM 之间的区别,但这也许会有所帮助。我们研究了 Tivoli Access Manager for Microsoft .NET 去年夏天,目标是将其用作没有 Active Directory ID 的用户的辅助身份验证选项

以下内容包含在下载的文档:

Tivoli Access Manager 角色和
ASP.NET 的会员提供程序

此用例的不同之处在于它是
不是单点登录解决方案并且
因此不需要 Tivoli
访问管理器认证模块
对于 ASP.NET,也不是 WebSEAL,或者
Web 服务器插件。

此用例利用角色和
会员提供者模型和摘要
ASP.NET 2.0 中引入的类
框架。通过做出适当的
web.config 文件中的配置,
ASP.NET 应用程序能够
外部化所有身份验证,
授权、角色和成员资格
行政管理职责
通过 Tivoli 的 Tivoli Access Manager
访问管理员角色和成员资格
ASP.NET 的提供程序。

此外,程序化和
声明式安全结构
.NET 语言也可以
在此用例中用作
HTTP 请求的主体将是
“提供商感知”并自动
查询配置的角色提供程序
授权决定。

最后,我们没有使用它,因为对服务器所需的更改被拒绝:

  • 安装和配置 Tivoli Access Manager Runtime 应用程序。
  • 在 IIS 中添加和配置新的 32 位启用网站,该网站将调用 WCF 服务(SharePoint 2010 是 64 位,而 Tivoli Access Manager Runtime 是 32 位,因此 IBM 创建了此服务来管理 WCF 服务之间的调用二)。
  • 自定义 SharePoint Web 应用程序的 web.config 文件。

I'm pretty Microsoft-centric, so I don't know the differences between TIM and TAM, but maybe this will help. We looked into Tivoli Access Manager for Microsoft .NET last summer with the goal of using it as a secondary authentication option for users that did not have Active Directory IDs

The following was contained within the downloaded documentation:

Tivoli Access Manager Role and
Membership Providers for ASP.NET

This use case differs in that it is
not a single sign-on solution and
therefore does not require the Tivoli
Access Manager authentication module
for ASP.NET, nor WebSEAL, or the
Plug-in for Web Servers.

This use case exploits the Role and
Membership Provider model and abstract
classes introduced to the ASP.NET 2.0
framework. By making the appropriate
configurations in the web.config file,
an ASP.NET application is able to
externalize all authentication,
authorization, role and membership
administration responsibilities to
Tivoli Access Manager via the Tivoli
Access Manager Role and Membership
Providers for ASP.NET.

Furthermore, the programmatic and
declarative security constructs of the
.NET languages are also able to be
utilized in this use case as the
Principal of the HTTP request will be
‘provider aware’ and automatically
query the configured role provider for
authorization decisions.

In the end, we did not use it because the required changes to the server were rejected:

  • Installation and configuration of the Tivoli Access Manager Runtime application.
  • Addition and configuration of new 32-bit enabled web site in IIS that will call a WCF service (SharePoint 2010 is 64-bit while the Tivoli Access Manager Runtime is 32-bit, so IBM has created this service that will manage the calls between the two).
  • Customization of the web.config file for the SharePoint web application.
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文