Red Hat Summit이 콘텐츠는 선택한 언어로 제공되지 않습니다.
D.7. TPS-specific ACLs
This section covers the default access control configuration attributes which are set specifically for the Token Processing System (TPS). The TPS ACL configuration also includes all of the common ACLs listed in Section D.2, “Common ACLs”.
D.7.1. certServer.tps.account
링크 복사링크가 클립보드에 복사되었습니다!
Controls that users can log in and log out.
allow (login,logout) user="anybody"
allow (login,logout) user="anybody"| Operations | Description | Allow/Deny Access | Targeted Users/Groups |
|---|---|---|---|
| login | Log into the TPS | Allow | All users |
| logout | Log out from the TPS | Allow | All users |
D.7.2. certServer.tps.authenticators
링크 복사링크가 클립보드에 복사되었습니다!
Controls that only administrators can access authenticators.
allow (read,change-status,add,modify,remove) group="Administrators"
allow (read,change-status,add,modify,remove) group="Administrators"| Operations | Description | Allow/Deny Access | Targeted Users/Groups |
|---|---|---|---|
| read | Read authenticators | Allow | Administrators |
| change-status | Change status of authenticators | Allow | Administrators |
| add | Add authenticators | Allow | Administrators |
| modify | Update authenticators | Allow | Administrators |
| remove | Remove authenticators | Allow | Administrators |
D.7.3. certServer.tps.audit
링크 복사링크가 클립보드에 복사되었습니다!
Controls that only administrators can access the audit configuration.
allow (read,modify) group="Administrators"
allow (read,modify) group="Administrators"| Operations | Description | Allow/Deny Access | Targeted Users/Groups |
|---|---|---|---|
| read | Read configuration audit settings | Allow | Administrators |
| modify | Update configuration audit settings | Allow | Administrators |
D.7.4. certServer.tps.config
링크 복사링크가 클립보드에 복사되었습니다!
Controls that only administrators can access the configuration.
allow (read,modify) group="Administrators"
allow (read,modify) group="Administrators"| Operations | Description | Allow/Deny Access | Targeted Users/Groups |
|---|---|---|---|
| read | Read configuration settings | Allow | Administrators |
| modify | Update configuration settings | Allow | Administrators |
D.7.5. certServer.tps.connectors
링크 복사링크가 클립보드에 복사되었습니다!
Controls that only administrators can access connectors.
allow (read,change-status,add,modify,remove) group="Administrators"
allow (read,change-status,add,modify,remove) group="Administrators"| Operations | Description | Allow/Deny Access | Targeted Users/Groups |
|---|---|---|---|
| read | Read connectors | Allow | Administrators |
| change-status | Change the status of connectors | Allow | Administrators |
| add | Add connectors | Allow | Administrators |
| modify | Update connectors | Allow | Administrators |
| remove | Remove connectors | Allow | Administrators |
D.7.6. certServer.tps.groups
링크 복사링크가 클립보드에 복사되었습니다!
Enables administrators to execute group operations.
allow (execute) group="Administrators"
allow (execute) group="Administrators"| Operations | Description | Allow/Deny Access | Targeted Users/Groups |
|---|---|---|---|
| execute | Execute group operations | Allow | Administrators |
D.7.7. certServer.tps.users
링크 복사링크가 클립보드에 복사되었습니다!
Enables administrators to execute user operations.
allow (execute) group="Administrators"
allow (execute) group="Administrators"| Operations | Description | Allow/Deny Access | Targeted Users/Groups |
|---|---|---|---|
| execute | Execute user operations | Allow | Administrators |
D.7.8. certServer.tps.profiles
링크 복사링크가 클립보드에 복사되었습니다!
Allows that administrators and TPS agents can read and change the status of profiles. However, only administrators can add, modify, and remove profiles.
allow (read,change-status) group="Administrators" || group="TPS Agents" ; allow (add,modify,remove) group="Administrators"
allow (read,change-status) group="Administrators" || group="TPS Agents" ; allow (add,modify,remove) group="Administrators"| Operations | Description | Allow/Deny Access | Targeted Users/Groups |
|---|---|---|---|
| read | Read profiles | Allow | Administrators, TPS agents |
| change-status | Change status of profiles | Allow | Administrators, TPS agents |
| add | Add profiles | Allow | Administrators |
| modify | Update profiles | Allow | Administrators |
| remove | Remove profiles | Allow | Administrators |
D.7.9. certServer.tps.profile-mappings
링크 복사링크가 클립보드에 복사되었습니다!
Controls that only administrators can access profile mappings.
allow (read,change-status,add,modify,remove) group="Administrators"
allow (read,change-status,add,modify,remove) group="Administrators"| Operations | Description | Allow/Deny Access | Targeted Users/Groups |
|---|---|---|---|
| read | Read profile mappings | Allow | Administrators |
| change-status | Change status of profile mappings | Allow | Administrators |
| add | Add profile mappings | Allow | Administrators |
| modify | Update profile settings | Allow | Administrators |
| remove | Remove profile settings | Allow | Administrators |
D.7.10. certServer.tps.selftests
링크 복사링크가 클립보드에 복사되었습니다!
Controls that only administrators can access self tests.
allow (read,execute) group="Administrators"
allow (read,execute) group="Administrators"| Operations | Description | Allow/Deny Access | Targeted Users/Groups |
|---|---|---|---|
| read | Read self tests | Allow | Administrators |
| execute | Execute self tests | Allow | Administrators |
D.7.11. certServer.tps.tokens
링크 복사링크가 클립보드에 복사되었습니다!
Controls that administrators, agents, and operators can read tokens. However, only administrators can add and remove tokens, and only agents can modify tokens.
allow (read) group="Administrators" || group="TPS Agents" || group="TPS Operators"; allow (add,remove) group="Administrators" ; allow (modify) group="TPS Agents"
allow (read) group="Administrators" || group="TPS Agents" || group="TPS Operators"; allow (add,remove) group="Administrators" ; allow (modify) group="TPS Agents"| Operations | Description | Allow/Deny Access | Targeted Users/Groups |
|---|---|---|---|
| read | Read tokens | Allow | Administrators, TPS agents, TPS operators |
| add | Add tokens | Allow | Administrators |
| remove | Remove tokens | Allow | Administrators |
| modify | Update tokens | Allow | TPS agents |
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}