Foreign principal names are defined on CA Top Secret to indicate the realm from which the foreign user will be mapped into a local ACID. The following format is used for this fully qualified reference:
/…/foreign_realm/foreign_principal_name
The foreign_principal_name should be defined in the foreign_realm as a local principal in that system. The foreign_principal_name need not be identical with its associated ACID in the foreign system.
The local ACID need not be defined as a Kerberos local principal. It serves as a surrogate for security activities by the foreign principal in the local environment.
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|