CA ControlMinder, like many other security models, does not permit a regular user to ask: “Can user A access resource X?” The only question a regular user can ask is: “Can I access resource X?” However, a process that supplies services to many users, such as a database server service or an in‑house application, should be permitted to ask for authorization on behalf of other users.
The SERVER attribute allows a process to ask for authorization for users. Users with the SERVER attribute set can issue the SEOSROUTE_VerifyCreate API.
Note: For more information about the server attribute and CA ControlMinder APIs, see the SDK Guide.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|