Documentation updates.
This commit is contained in:
Juan Carlos Luciani
parent
af1ddd2db3
commit
f85d93e73d
@ -1,13 +1,13 @@
|
||||
/***********************************************************************
|
||||
*
|
||||
* README for CasaAuthServer
|
||||
* README for AuthTokenSvc
|
||||
*
|
||||
***********************************************************************/
|
||||
|
||||
INTRODUCTION
|
||||
|
||||
CasaAuthServer is the CASA Authentication Token Service (ATS). It is implemented
|
||||
as a set of Java servlets and classes that execute in the Tomcat environment.
|
||||
AuthTokenSvc is the CASA Authentication Token Service (ATS). It is implemented
|
||||
as a Java servlet and supporting classes that execute in the Tomcat environment.
|
||||
|
||||
The ATS is responsible for providing clients with the necessary authentication
|
||||
policy information, for authenticating client entities, and for providing
|
||||
@ -17,9 +17,30 @@ to CASA Authentication enabled services.
|
||||
The ATS utilizes mechanism plug-ins for authenticating client entities as well
|
||||
Identity Token Providers for the generation of Identity Tokens.
|
||||
|
||||
CONFIGURING ADDITIONAL AUTHENTICATION MECHANISMS
|
||||
CONFIGURATION
|
||||
|
||||
AuthTokenSvc configuration consists of multiple entities. Most of the AuthTokenSvc
|
||||
configuration is contained within the "conf" folder under the WEB-INF folder of the
|
||||
application. For an example configuration setup for the AuthTokenSvc see the
|
||||
sampleConf folder.
|
||||
|
||||
CONFIGURING AUTHENTICATION MECHANISMS
|
||||
|
||||
Authentication mechanisms available to the AuthTokenSvc are configured by creating
|
||||
a sub-folder named after the authentication mechanism type under the
|
||||
conf/auth_mechanisms folder. The authentication mechanism folders must contain a
|
||||
settings file named mechanism.settings. The mechanism.settings file must contain the
|
||||
name of the class implementing the mechanism along with path information which
|
||||
can be utilized by the ATS to load the class. The mechanism.settings file can
|
||||
also contain mechanism specific settings.
|
||||
|
||||
The following setting is mandatory:
|
||||
|
||||
One of the following settngs must be included:
|
||||
|
||||
For example mechanism.settings files look at sampleConf/auth_mechanisms/
|
||||
|
||||
|
||||
- TBD -
|
||||
|
||||
CONFIGURING ADDITIONAL IDENTITY TOKEN PROVIDERS
|
||||
|
||||
|
||||
@ -1,22 +1,20 @@
|
||||
/***********************************************************************
|
||||
*
|
||||
* TODO for CasaAuthServer
|
||||
* TODO for AuthTokenSvc
|
||||
*
|
||||
***********************************************************************/
|
||||
|
||||
INTRODUCTION
|
||||
|
||||
This file contains a list of the items still outstanding for CasaAuthServer.
|
||||
This file contains a list of the items still outstanding for AuthTokenSvc.
|
||||
|
||||
OUTSTANDING ITEMS
|
||||
|
||||
- Switch to a Web Services model where the Client/Server protocol uses SOAP.
|
||||
- Switch to use WS-Security and WS-Trust for Authentication Tokens.
|
||||
- Switch to use WS-Security, WS-Policy, and WS-Conversation for Authentication Tokens and Session Tokens.
|
||||
- Add code to verify that client/server communications occur over HTTPS.
|
||||
- Add logging.
|
||||
- Create plug-in API for Identity Token Providers.
|
||||
- Create plug-in API for Authentication Mechanisms.
|
||||
- Obtain authentication policy configuration from file system.
|
||||
- Integrate into CASA build environment.
|
||||
- Review Code.
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user