To control access to systems of a plurality of enterprises by authentication of one authentication and authorization system and to consolidate user attribute information even when a user has authorities over a plurality of enterprises to access systems of the plurality of enterprises from one authentication and authorization server.
An authentication and authorization server 1 acquires user information (user A) from an authentication repository (authentication repository A2a) assigned to an enterprise (enterprise A) designated by the user and determines the user information as a main job. The authentication and authorization server 1 acquires user information (user A') of a linked authentication repository (authentication repository B2b) from the acquired user information and determines the user information (user A') as an auxiliary job. The authentication and authorization server 1 acquires an authority over a business server of the enterprise A from an ACLDB 3 with the user information (user A) as the main job and acquires an authority over a business server of an enterprise B from the ACLDB 3 with the user information (user A') as the auxiliary job, to perform access control.
COPYRIGHT: (C)2008,JPO&INPIT
Kazuyuki Fukunishi
Mitsubishi Electric Information Systems Co., Ltd.
JP200192782A | ||||
JP2000148737A | ||||
JP2003203145A | ||||
JP2000122910A |