Identity Broker作为中间服务,连接不同身份提供者和业务服务,建立与外部身份验证服务的信任关系。用户通过选择身份提供者进行登录,经过身份验证后,Red Hat Single Sign-On处理认证响应,创建或链接用户,并发出自己的令牌,允许访问受保护资源。该过程实现了身份联合和账户链接,解耦了客户端应用与外部身份提供者。
定义
An Identity Broker is an intermediary service that connects multiple service providers with different identity providers. As an intermediary service, the identity broker is responsible for creating a trust relationship with an external identity provider in order to use its identities to access internal services exposed by service providers.
一个中间层服务,通过多个不同的身份验证服务,来连接多个系统间的业务服务。
它负责和外部系统身份验证提供者建立信任关系,获取外部系统的安全令牌,从而给内部系统访问外部系统服务资源创造信任授权。
An identity provider is usually based on a specific protocol that is used to authenticate and communicate authentication and authorization information to their users. It can be a social provider such as Facebook, Google or Twitter. It can be a business partner whose users need to access your services. Or it an be a cloud-based identity service that you want to integrate with.
身份验证提供者一般基于专用协议和用户交换验证和授权信息。它可以是社交服务供应商,像Facebook,Google或者Twitter。也可以是访问你内部服务的业务伙伴。或者是你想集成的云端的身份认证服务。
常用协议如下,
- SAML v2.0
- OpenID Connect v1.0
- OAuth v2.0
概览
Identity Broker Flow
最低0.47元/天 解锁文章
扫一扫
8893
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
