No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

eSight V300R010C00SPC200, 300, and 500 Self-Service Integration Guide 11

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Security Mechanism

Security Mechanism

Security Authentication Description

Login is required for accessing the eSight system. Access to key data must be authorized by the administrator.

Figure 3-4 Security authentication mechanism

Security Authentication Scenarios

  • Scenario 1

    A user accesses the eSight system through a browser. When the user is logging in, the eSight system assigns a user token to the user: When the browser sends the HTTP login request to the server, the security filter of the system converts the session ID in the request to a token, which is used to access service data (such as alarms and performance data). The eSight system determines whether a user can access data based on the token.

  • Scenario 2

    When the eSight system uses multi-process deployment, the interactions between processes require authentication during eSight startup. No user is used in the interactions during the startup. A third party uses a service token for authentication when accessing service data (such as alarms and performance data). The eSight system determines whether the third party can access data based on the token. (The service token is also used in the scheduled task scenario.)

    The service token is used for access authentication and can access any interface. Therefore, it must be used in the trusted domain (within the firewall). Otherwise, it may cause security risks when it is intercepted by external parties.

  • Scenario 3

    When third-party systems are integrated with eSight, the interfaces of eSight must be stable. Therefore, a separate set of interfaces are provided to third-party systems through independent processes (OpenAPI). When accessing the interfaces, a user must log in and be assigned an open ID, which is used to identify the user during the session. When open API is used to access the eSight system, the open ID is converted into a token. Subsequent processing is similar to that in scenario 1.

Download
Updated: 2019-12-13

Document ID: EDOC1100044386

Views: 21605

Downloads: 93

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Share
Previous Next