AAA Policy

IBM WebSphere DataPower Community Forum

October 12, 2008, 01:47:48 PM

Welcome, Guest. Please login or register.

News: IBM WebSphere DataPower SOA Appliance Forum - Just Launched come share your knowledge!!! These forums will be a great place to build a community. This site is not associated with IBM.

IBM WebSphere DataPower Community Forum > DataPower > DataPower Certification > AAA Policy

Pages: [1] Go Down

« previous next »

Author

Topic: AAA Policy (Read 816 times)

onno

Newbie

Offline

Posts: 3

AAA Policy

« on: November 14, 2007, 03:46:18 PM »

I have a question regarding the AAA policy ?

In a AAA Policy, the PP (Post Processing) step only runs if which previous AAA step was successful?

=> MC (Map Credentials)
=> AU (Authentication)
=> MR (Map Resource)
=> AZ (Authorization)

I was not sure about my answer "AZ", am I right... Huh

Thanks, Onno


	Logged

Onno Fles
Integration Consultant @ InterAccess

craven

Newbie

Offline

Posts: 8

Re: AAA Policy

« Reply #1 on: November 15, 2007, 12:32:40 PM »

I agree, I think AZ is the correct answer.

From the documentation:
"After authorizing the client, an Access Control Policy may perform optional post-processing activities...."

Although this might be a 'trick' question as Authentication is performed before Authorization (in the out of the box 'AAA' policy). So the key phrase in the question is "...previous AAA step."


	Logged

nmcglennon

Newbie

Offline

Posts: 10

Re: AAA Policy

« Reply #2 on: November 27, 2007, 06:37:59 PM »

Remember that even if Authentication (AU) fails, Authorization (AZ) will run. The user will just be 'unauthenticated' or a 'guest'. So in order for Post-Processing (PP) to occur, AZ must have run first.


	Logged

Senior Consultant
Security Practice
Ascendant Technology

Pages: [1] Go Up

« previous next »

DataPower Links

IBM
DataPower Home Firmware & Documenation Support Home DeveloperWorks Forum
Other Links
Prolifics