SAS 9.1.3 Integration Technologies » Administrator's Guide (LDAP Version)

Security
Setting up Person Entries
Sun ONE and Netscape Directory Server Access Control Overview
Setting Access Permissions for an Object
Specifying Bind Rules
IBM SecureWay Directory Server Access Control Overview
Setting Access Control for Objects
Security

Security

For the LDAP server and SAS Integration Technologies, you can implement security using authentication and authorization mechanisms. Authentication is the process of verifying that a person is who they say they are. Authorization is the process of evaluating whether a given user has permission to perform a task (such as read or write) on a given resource.

SAS Integration Technologies 9.1 supports Sun ONE Directory Server Version 5.1, Netscape Directory Server 4.12 (also owned by Sun Microsystems, and previously sold under the name iPlanet Directory Server), and IBM Secureway Server Version 3.2.2.

To implement security for SAS Integration Technologies, follow these steps:

  1. Define Person Entries for Authentication. To enable authentication against the LDAP server, you must set up your person entries on the LDAP server. For details, see Defining Person Entries

  2. Implement Server Security (optional). If you are using an IOM Bridge server, you can use a SAS Login definition to ensure that only authorized users obtain access to SAS data and processes. The login definition specifies which specific users or groups of users can access the server. For more information, see Defining a SAS Login.

  3. Define Access Controls for Authorization. You can update access controls on the LDAP server. Authorization in SAS Integration Technologies is accomplished using access control information (ACI) rules (for the Sun ONE Directory Server and Netscape Directory Server) and access control permissions (for the IBM Secureway Directory Server).

    For general information about access control, see Sun ONE and Netscape Directory Server Access Control Overview and Secureway Directory Server Access Control Overview. You can also refer to the Sun Product Documentation Web site. (The Sun ONE Directory Server is referred to as iPlanet Directory Server on this page.)

    For information about using the Integration Technologies Administrator to specify ACI rules for the iPlanet Directory Server, see Setting Access Permissions for an Object and Specifying Bind Rules. For information about using the Integration Technologies Administrator to set access control for the Secureway Directory Server, see Setting Access Control for Objects.