dpConfigAAAPolicyTable

An AAA policy establishes the configuration to support the authentication
and authorization of users requesting resources from the back-end servers.
An AAA policy consists of the following components. Identity extraction
One of many methods that discovers which identity is asserted in the
service request. This processing phase answers the question, 'What is your
name?' Authentication One of many methods that authenticates the asserted
identity. Methods include communication with external authorities, such as
an LDAP server. The identity is accepted as authentic or rejected. When
authenticated successfully, the identity is used as a credential. Resource
extraction One of many methods that discovers which resource service is
requested (such as query an account or perform an update) This processing
phase answers the question, 'What do you want to do?' Credential mapping
While an identity can be authenticated by one authority as valid, this
identity or credential might not be known to the authority that authorizes
the requested resource. This processing phase allows the mapping of
credentials from one form to another for interoperability between systems.
Resource mapping While a resource can be identified from the service
request, this resource name might not be known to the authority that
authorizes use of the requested resource. This processing phase allows the
mapping of resource names from one form to another for interoperability
between systems. Authorization The combination of the authenticated and
possibly remapped credential with the requested and possibly remapped
resource are submitted to an authority for authorization. That authority
could reside elsewhere on the network. The request for service is accepted
or rejected. Postprocessing Additional processing to perform after
authorization, such as the generation of a WS-Trust token or SAML
assertion.

MIB

DATAPOWER-CONFIG-MIB

OID

.1.3.6.1.4.1.14685.3.2.91

Type

table

Status

current

Parent

dpConfig

Children

1