Partial changes to enable client-ats communications over SSL.

Juan Carlos Luciani
2006-11-03 06:32:50 +00:00
parent 57405d8b45
commit 47a2358a9e
6 changed files with 794 additions and 23 deletions


@@ -96,11 +96,10 @@ The following is an example svc.settings file:
<settings>
<SessionTokenLifetime>43200</SessionTokenLifetime>
<LifetimeShorter>10</LifetimeShorter>
<IAConfigFile>/home/jluciani/jakarta-tomcat-5.0.28/webapps/CasaAuthTokenSvc/WEB-INF/conf/iaRealms.xml</IAConfigFile>
<IAConfigFile>/etc/CASA/authtoken/svc/iaRealms.xml</IAConfigFile>
<ReconfigureInterval>60</ReconfigureInterval>
<startSearchContext>o=novell</startSearchContext>
<SigningKeyAliasName>signingKey<SigningKeyAliasName>
<KeyStorePwd>foobar<KeyStorePwd>
<KeyStorePwd>secret<KeyStorePwd>
</settings>
Note the following about the sample svc.settings file:
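Review bot: The sample svc.settings is not well-formed XML: the SigningKeyAliasName and KeyStorePwd elements close with an opening tag (`<KeyStorePwd>secret<KeyStorePwd>`). Since the KeyStorePwd line is being edited anyway, change both to proper closing tags (`</SigningKeyAliasName>`, `</KeyStorePwd>`) so a reader who copies the example gets a file that parses. The example also shows the keystore password stored in cleartext in this file. The notes that follow should say that svc.settings must be readable only by the account the service runs as, now that the sample points at a system-wide path under /etc/CASA/authtoken/svc/.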
@@ -129,12 +128,6 @@ Note the following about the sample svc.settings file:
initialized, thus requiring that the servlet be re-initialized to make configuration
changes take effect.
- The startSearchContext setting specifies the begin location for initiating
context searches. The absence of this setting will result in searches ocurring
from the root of the tree. This setting or an equivalent setting will be moved
to the identity abstraction configuration file where it belongs. Once this is done,
the setting will no longer be recognized within the svc.settings file.
- The SigningKeyAliasName setting specifies the alias name of the entry in the keystore
with the private key utilized to sign tokens. The value of this setting defaults to
"signingKey".
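Review bot: The startSearchContext paragraph appears to be dropped from these notes without any pointer to where the setting now lives. The paragraph itself said the setting would move to the identity abstraction configuration file and would then stop being recognized in svc.settings. Please say in the documentation whether that has happened, and make sure the sample file earlier in this document and these notes agree on whether startSearchContext is still a valid svc.settings entry. An administrator who keeps the old entry should not silently get searches from the root of the tree.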
@@ -174,7 +167,7 @@ authenticate to them with the exception of when the service resides in the same
ATS in which case the host folder name is "localhost" and the host name specified by the
application is the host's DNS name.
The services folder must contain an auth.policy file, an authtoken.settings file,
The services folder can contain an auth.policy file, an authtoken.settings file,
and an identoken.settings file. In the absence of any one of those files or if the service
is not explicitedly configured, the ATS will default to utilizing the files present under
its conf folder.
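Review bot: Relaxing "must contain" to "can contain" makes the fallback sentence that follows carry the whole behaviour, and it is ambiguous: "In the absence of any one of those files" does not say whether the ATS falls back to its conf folder only for the missing file or for all three. That matters for auth.policy, because a service folder with a custom authtoken.settings but no auth.policy would be governed by the default policy without the administrator being told. Please state the per-file behaviour explicitly, and consider documenting that the ATS logs when it falls back to the defaults. While here, "explicitedly" in the same sentence should be "explicitly".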