 |
|
| Introduction |
Authorization Facility
The SAS Metadata Server uses an authorization facility to control access to metadata repositories and to specific metadata in the metadata repositories. Authorization processes are insulated from metadata-related processes in the SAS Metadata Server. The authorization facility provides an interface for querying authorization metadata that is on the metadata server, and returns authorization decisions based on rules that are stored in the metadata.
The SAS Metadata Server uses the authorization facility to make queries about ReadMetadata and WriteMetadata permissions on metadata and enforces the decisions that are returned by the authorization facility. It is not necessary for SAS Open Metadata Interface clients to enforce authorization decisions regarding the ReadMetadata and WriteMetadata permissions.
SAS Open Metadata Interface clients can use the authorization facility to request authorization decisions on other types of access (for example, to request authorization decisions on data that is represented by SAS metadata). For example, other SAS IOM servers define and enforce Read, Write, Create, and Delete permissions on data that is represented by metadata. Applications that use the authorization facility to request authorization decisions on application-defined actions and objects must enforce the authorization decisions themselves.
The authorization facility's interface consists of a set of methods that are available in the ISecurity server interface. For more information, see Authorization (ISecurity Interface).
For information about the types of access controls supported by the authorization facility and how the authorization facility makes authorization decisions, see the SAS Intelligence Platform: Security Administration Guide.
SAS 9.2 introduces a security administration interface to facilitate the creation and query of access controls. Security administration methods are available in the ISecurityAdmin server interface. For more information, see Overview of the ISecurityAdmin Server Interface.
|
|
Copyright © 2010 by SAS Institute Inc., Cary, NC, USA. All rights reserved.