| 摘要 |
<p>A network infrastructure element such as a router or switch performs brokering network user identity and credential information. An application or administrative user can declare a policy for user identity information extraction, authentication and authorization. Based on the policy, the network element extracts user identity information or credentials from a transport-layer message header, application-layer message header, and message body. Based on the policy, the network element performs one or more authentication or authorization operations with the user identity information or credentials. As a result, a network element can broker identity information among incompatible applications and perform identity operations for the applications.</p> |
