西维蜀黍

【Security】Authentication(身份认证)- OpenID Connect (OIDC)

OpenID Connect (OIDC) OpenID Connect(简称 OIDC)是一个基于 OAuth 2.0 协议的身份认证层,它允许客户端应用程序验证用户的身份,并获取用户的基本信息(称为 profile 信息)   ...


【Security】Authorization(授权)- OAuth 2

Background

为了理解OAuth的适用场合,让我举一个假设的例子。

有一个"云冲印"的网站,可以将用户储存在Google的照片,冲印出来。用户为了使用该服务,必须让"云冲印"读取自己储存在Google上的照片。

  ...


【Security】Identity and Access Management (IAM) - Authentication(身份认证)和 Authorization(授权)

Identity and Access Management (IAM)

Identity and access management (IAM or IdAM for short) is a way to tell who a user is and what they are allowed to do. IAM is like the bouncer at the door of a nightclub with a list of who is allowed in, who isn’t allowed in, and who is able to access the VIP area. IAM is also called identity management (IdM).

  ...


【Security】Single Sign-On(SSO,单点登录)

Single Sign-On(SSO) Single sign-on (SSO) is a service that enables users to authenticate only once. Users sign in to the SSO service, which then passes on this authentication to every application by sending a digital authentication message to each application as needed. It should not be confused with same-sign on (Directory Server Authentication), often accomplished by using the Lightweight   ...


【Engineering】Diagram

  ...