Skip to Content
0
Former Member
Nov 21, 2019 at 02:35 AM

IAM and authorization trace issue

621 Views

Hi,

I have some authorizations holes in our current setup, but I'm facing two issues with the current authorization tools at our disposal :

1/ Using the Authorization trace : It displays the restriction type which is checked, the value checked, but it displays all the roles that are relevant for the restriction type. what I need is that it displays THE roles(s) that succeed in this restriction type check, not ALL the roles which are relevant to that restriction check.

Do you know how to get the desired result ?

2/ Using the IAM, I am able to download all the restrictions currently set on all the business roles, so I can check if there is some missed restrictions.

Great.

Except that the IAM does not displays restrictions on access categories which are defined as "unrestricted", so I can't know where are such big holes except looking at each role... so far.

Do you know how to have all the unrestricted access catagories displayed on the restriction report in IAM or other tool ?

Thanks in advance,

Kind regards,

Franck