
Chapter 7. Access control in a distributed environment 171
Master Authentication Server (MAS) in the home domain. Once the initial
authentication has taken place, the user has an e-community identity based upon
the home domain's user registry. A user's e-community identity may
subsequently be mapped, as required, to local identities by WebSEAL servers in
other domains within the e-community.
The e-community model is shown in Figure 7-12.
Figure 7-12 The e-community model
The e-community mechanism involves the following steps, generally:
1. A user makes a request for a protected resource controlled by a WebSEAL
server in one of the e-community do ...