我正在寻找一种解决方案,即 Orion Context Broker 中某个实体的属性值(由 Wilma PEP 代理和 Keyrock 保护)只能由特定用户(创建实体的用户)更改.
上下文代理包含多个实体,我想根据“实体所有者”限制访问。
我该如何继续实现这一目标?
问问题
45 次
1 回答
1
Not sure about Wilma PEP, but with Steelskin PEP (and side componentes Keystone and Keypass) you can use multitenancy to secure the access to your entities, at two levels:
- Service
- Subservice (also known as "service path")
Thus, users in a given subservice (in a given service) would access only to the entities belonging to such subservice (in the given service). Access to other subservices will be forbidden.
As a reference, you can use this link as an example to deploy and interact with the different components APIs based on KeyStone security stack.
于 2021-09-01T10:27:49.120 回答