| 摘要 |
Techniques for validating identities are provided. A sign-on request is authenticated for a given principal. Attributes associated with that principal are acquired from an identity service and compared against local maintained attributes for that principal. If the identity-service acquired attributes match the local attributes, then the principal is validated for access. During principal access, selective events drive updates to the identity-service acquired attributes, and the comparison with the local attributes is performed again to determine whether the validated principal is to be invalidated or is to remain validated. |
