Formatted configuration files to make them more readable. Updated the README
and got rid of some unnecessary printfs.
parent
f2b9c95d89
commit
af93081d2e
@ -64,10 +64,10 @@ Thhe following is an example svc.settings file:
|
|||||||
|
|
||||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||||
<settings>
|
<settings>
|
||||||
<SessionTokenLifetime>720</SessionTokenLifetime>
|
<SessionTokenLifetime>43200</SessionTokenLifetime>
|
||||||
<LifetimeShorter>10</LifetimeShorter>
|
<LifetimeShorter>10</LifetimeShorter>
|
||||||
<IAConfigFile>/home/jluciani/jakarta-tomcat-5.0.28/webapps/CasaAuthTokenSvc/WEB-INF/conf/iaRealms.xml</IAConfigFile>
|
<IAConfigFile>/home/jluciani/jakarta-tomcat-5.0.28/webapps/CasaAuthTokenSvc/WEB-INF/conf/iaRealms.xml</IAConfigFile>
|
||||||
<startSearchContext>o=novell</startSearchContext>
|
<startSearchContext>o=novell</startSearchContext>
|
||||||
</settings>
|
</settings>
|
||||||
|
|
||||||
Note the following about the sample svc.settings file:
|
Note the following about the sample svc.settings file:
|
||||||
@ -77,7 +77,7 @@ Note the following about the sample svc.settings file:
|
|||||||
|
|
||||||
- The SessionTokenLifetime setting specifies the number of seconds for which a
|
- The SessionTokenLifetime setting specifies the number of seconds for which a
|
||||||
session token is good for after being issued. The default value for this setting
|
session token is good for after being issued. The default value for this setting
|
||||||
is 360 seconds. Note that a larger value reduces overhead.
|
is 43200 seconds. Note that a larger value reduces overhead.
|
||||||
|
|
||||||
- The LifetimeShorter setting specifies the number of seconds that should be substracted
|
- The LifetimeShorter setting specifies the number of seconds that should be substracted
|
||||||
from the SessionTokenLifetime when calculating the number of seconds that clients are
|
from the SessionTokenLifetime when calculating the number of seconds that clients are
|
||||||
@ -122,16 +122,16 @@ The following is an example auth.policy file:
|
|||||||
|
|
||||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||||
<auth_policy>
|
<auth_policy>
|
||||||
<auth_source>
|
<auth_source>
|
||||||
<realm>CorpTree</realm>
|
<realm>CorpTree</realm>
|
||||||
<mechanism>Krb5Authenticate</mechanism>
|
<mechanism>Krb5Authenticate</mechanism>
|
||||||
<mechanism_info>host@tokenserver.company.novell.com</mechanism_info>
|
<mechanism_info>host@tokenserver.company.novell.com</mechanism_info>
|
||||||
</auth_source>
|
</auth_source>
|
||||||
<auth_source>
|
<auth_source>
|
||||||
<realm>CorpTree</realm>
|
<realm>CorpTree</realm>
|
||||||
<mechanism>PwdAuthenticate</mechanism>
|
<mechanism>PwdAuthenticate</mechanism>
|
||||||
<mechanism_info></mechanism_info>
|
<mechanism_info></mechanism_info>
|
||||||
</auth_source>
|
</auth_source>
|
||||||
</auth_policy>
|
</auth_policy>
|
||||||
|
|
||||||
Note the following about the sample auth.policy file:
|
Note the following about the sample auth.policy file:
|
||||||
@ -165,9 +165,9 @@ The following is an example authtoken.settings file:
|
|||||||
|
|
||||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||||
<settings>
|
<settings>
|
||||||
<TokenLifetime>720</TokenLifetime>
|
<TokenLifetime>3600</TokenLifetime>
|
||||||
<LifetimeShorter>10</LifetimeShorter>
|
<LifetimeShorter>10</LifetimeShorter>
|
||||||
<IdentityTokenType>CasaIdentityToken</IdentityTokenType>
|
<IdentityTokenType>CasaIdentityToken</IdentityTokenType>
|
||||||
</settings>
|
</settings>
|
||||||
|
|
||||||
Note the following about the sample authtoken.settings file:
|
Note the following about the sample authtoken.settings file:
|
||||||
@ -177,7 +177,7 @@ Note the following about the sample authtoken.settings file:
|
|||||||
its default value is utilized.
|
its default value is utilized.
|
||||||
|
|
||||||
- The TokenLifetime setting specifies the number of seconds for which a token is good
|
- The TokenLifetime setting specifies the number of seconds for which a token is good
|
||||||
for after being issued. The default value for this setting is 360 seconds. Note that
|
for after being issued. The default value for this setting is 3600 seconds. Note that
|
||||||
a larger value reduces overhead, but it also gives more time for an intruder to
|
a larger value reduces overhead, but it also gives more time for an intruder to
|
||||||
utilize the token if it becomes compromized.
|
utilize the token if it becomes compromized.
|
||||||
|
|
||||||
@ -196,9 +196,9 @@ The following is an example identoken.settings file:
|
|||||||
|
|
||||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||||
<settings>
|
<settings>
|
||||||
<Attributes>sn,groupMembership,guid</Attributes>
|
<Attributes>sn,groupMembership,guid</Attributes>
|
||||||
<EncryptAttributes>false</EncryptAttributes>
|
<EncryptAttributes>false</EncryptAttributes>
|
||||||
<Certificate>Base64 encoded certificate</Certificate>
|
<Certificate>Base64 encoded certificate</Certificate>
|
||||||
</settings>
|
</settings>
|
||||||
|
|
||||||
Note the following about the sample identoken.settings file:
|
Note the following about the sample identoken.settings file:
|
||||||
@ -251,9 +251,9 @@ mechanism:
|
|||||||
|
|
||||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||||
<settings>
|
<settings>
|
||||||
<ClassName>com.novell.casa.authtoksvc.Krb5Authenticate</ClassName>
|
<ClassName>com.novell.casa.authtoksvc.Krb5Authenticate</ClassName>
|
||||||
<RelativeClassPath>WEB-INF/classes</RelativeClassPath>
|
<RelativeClassPath>WEB-INF/classes</RelativeClassPath>
|
||||||
<ServicePrincipalName>host@tokenserver.company.novell.com</ServicePrincipalName>
|
<ServicePrincipalName>host@authtokenserver.company.com</ServicePrincipalName>
|
||||||
</settings>
|
</settings>
|
||||||
|
|
||||||
The base AuthTokenSvc package contains two authentication mechanisms, these are
|
The base AuthTokenSvc package contains two authentication mechanisms, these are
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||||
<settings>
|
<settings>
|
||||||
<TokenLifetime>3600</TokenLifetime>
|
<TokenLifetime>3600</TokenLifetime>
|
||||||
</settings>
|
</settings>
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||||
<settings>
|
<settings>
|
||||||
<EncryptAttributes>false</EncryptAttributes>
|
<EncryptAttributes>false</EncryptAttributes>
|
||||||
<Attributes>sn</Attributes>
|
<Attributes>sn</Attributes>
|
||||||
</settings>
|
</settings>
|
||||||
|
|
||||||
|
@ -1,13 +1,13 @@
|
|||||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||||
<auth_policy>
|
<auth_policy>
|
||||||
<auth_source>
|
<auth_source>
|
||||||
<realm>CorpTree</realm>
|
<realm>CorpTree</realm>
|
||||||
<mechanism>Krb5Authenticate</mechanism>
|
<mechanism>Krb5Authenticate</mechanism>
|
||||||
<mechanism_info>host@tokenserver.company.novell.com</mechanism_info>
|
<mechanism_info>host@authtokenserver.company.com</mechanism_info>
|
||||||
</auth_source>
|
</auth_source>
|
||||||
<auth_source>
|
<auth_source>
|
||||||
<realm>CorpTree</realm>
|
<realm>CorpTree</realm>
|
||||||
<mechanism>PwdAuthenticate</mechanism>
|
<mechanism>PwdAuthenticate</mechanism>
|
||||||
<mechanism_info></mechanism_info>
|
<mechanism_info></mechanism_info>
|
||||||
</auth_source>
|
</auth_source>
|
||||||
</auth_policy>
|
</auth_policy>
|
||||||
|
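Review bot: The `mechanism_info` for `Krb5Authenticate` in this auth.policy becomes `host@authtokenserver.company.com`, while the other auth.policy section on this page and the Krb5 settings file that carries a concrete `ServicePrincipalName` keep `host@tokenserver.company.novell.com`. If these values are meant to name the same Kerberos service principal, the mismatch would make authentication fail against one of them. Align them, or add a comment saying the files belong to different deployments.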
@ -1,6 +1,6 @@
|
|||||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||||
<settings>
|
<settings>
|
||||||
<ClassName>com.novell.casa.authtoksvc.Krb5Authenticate</ClassName>
|
<ClassName>com.novell.casa.authtoksvc.Krb5Authenticate</ClassName>
|
||||||
<RelativeClassPath>WEB-INF/classes</RelativeClassPath>
|
<RelativeClassPath>WEB-INF/classes</RelativeClassPath>
|
||||||
<ServicePrincipalName>host@tokenserver.company.novell.com</ServicePrincipalName>
|
<ServicePrincipalName>host@tokenserver.company.novell.com</ServicePrincipalName>
|
||||||
</settings>
|
</settings>
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||||
<settings>
|
<settings>
|
||||||
<ClassName>com.novell.casa.authtoksvc.PwdAuthenticate</ClassName>
|
<ClassName>com.novell.casa.authtoksvc.PwdAuthenticate</ClassName>
|
||||||
<RelativeClassPath>WEB-INF/classes</RelativeClassPath>
|
<RelativeClassPath>WEB-INF/classes</RelativeClassPath>
|
||||||
</settings>
|
</settings>
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||||
<settings>
|
<settings>
|
||||||
<TokenLifetime>720</TokenLifetime>
|
<TokenLifetime>3600</TokenLifetime>
|
||||||
</settings>
|
</settings>
|
||||||
|
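Review bot: `TokenLifetime` goes from 720 to 3600 seconds here, and the same change recurs in the later single-element settings section, yet the commit message mentions only formatting, the README and printfs. The README text touched by this commit itself says a longer lifetime gives an intruder more time to use a compromised token, so a fivefold increase deserves its own mention and a rationale. Consider a comment inside `<settings>` such as `<!-- seconds; a longer lifetime widens the window in which a stolen token is usable -->`.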
@ -1,13 +1,13 @@
|
|||||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||||
<auth_policy>
|
<auth_policy>
|
||||||
<auth_source>
|
<auth_source>
|
||||||
<realm>CorpTree</realm>
|
<realm>CorpTree</realm>
|
||||||
<mechanism>Krb5Authenticate</mechanism>
|
<mechanism>Krb5Authenticate</mechanism>
|
||||||
<mechanism_info>host@tokenserver.company.novell.com</mechanism_info>
|
<mechanism_info>host@tokenserver.company.novell.com</mechanism_info>
|
||||||
</auth_source>
|
</auth_source>
|
||||||
<auth_source>
|
<auth_source>
|
||||||
<realm>CorpTree</realm>
|
<realm>CorpTree</realm>
|
||||||
<mechanism>PwdAuthenticate</mechanism>
|
<mechanism>PwdAuthenticate</mechanism>
|
||||||
<mechanism_info></mechanism_info>
|
<mechanism_info></mechanism_info>
|
||||||
</auth_source>
|
</auth_source>
|
||||||
</auth_policy>
|
</auth_policy>
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||||
<settings>
|
<settings>
|
||||||
<TokenLifetime>720</TokenLifetime>
|
<TokenLifetime>3600</TokenLifetime>
|
||||||
</settings>
|
</settings>
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||||
<settings>
|
<settings>
|
||||||
<EncryptAttributes>false</EncryptAttributes>
|
<EncryptAttributes>false</EncryptAttributes>
|
||||||
<Attributes>sn,groupMembership</Attributes>
|
<Attributes>sn,groupMembership</Attributes>
|
||||||
</settings>
|
</settings>
|
||||||
|
|
||||||
|
@ -1,21 +1,25 @@
|
|||||||
<realms
|
<bci:realms
|
||||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||||
<realm
|
xmlns:bci="http://www.bandit-project.org/commonidentity"
|
||||||
|
xmlns:xacml="urn:oasis:names:tc:xacml:2.0:policy:schema:os"
|
||||||
|
xsi:schemaLocation="urn:oasis:names:tc:xacml:2.0:policy:schema:os:access_control-xacml-2.0-policy-schema-os.xsd">
|
||||||
|
<bci:realm
|
||||||
desc="My Corporate Directory"
|
desc="My Corporate Directory"
|
||||||
connectorType="org.bandit.ia.connectors.LDAPConnectorInitialCtxFactory"
|
connectorType="org.bandit.ia.connectors.LDAPConnectorInitialCtxFactory"
|
||||||
id="CorpTree">
|
id="jctree">
|
||||||
<connection xsi:type="ldapConnector">
|
<bci:connection xsi:type="bci:LDAPConnector">
|
||||||
<address>ldap://dirserver.companyname.com:389</address>
|
<bci:address>ldap://dirserver.companyname.com:389</bci:address>
|
||||||
<security>
|
<bci:security>
|
||||||
<authentication>simple</authentication>
|
<bci:authentication>simple</bci:authentication>
|
||||||
<principal>cn=admin,o=companyname</principal>
|
<bci:principal>cn=admin,o=companyname</bci:principal>
|
||||||
<credentials>password</credentials>
|
<bci:credentials>password</bci:credentials>
|
||||||
</security>
|
</bci:security>
|
||||||
</connection>
|
</bci:connection>
|
||||||
</realm>
|
</bci:realm>
|
||||||
<realm desc="Realm Join Definition" id="E263CCC1-8F9D-4551-B786-068AA84E8564">
|
<bci:realm desc="Realm Join Definition" id="E263CCC1-8F9D-4551-B786-068AA84E8564">
|
||||||
<connection xsi:type="joinConnector">
|
<bci:connection xsi:type="bci:JoinConnector">
|
||||||
<realmID>CorpTree</realmID>
|
<bci:realmID>CorpTree</bci:realmID>
|
||||||
</connection>
|
</bci:connection>
|
||||||
</realm>
|
</bci:realm>
|
||||||
</realms>
|
</bci:realms>
|
||||||
|
|
||||||
|
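Review bot: The LDAP realm's `id` appears to change from `CorpTree` to `jctree`, but the join realm below it still carries `<bci:realmID>CorpTree</bci:realmID>` and the auth.policy files on this page still name `<realm>CorpTree</realm>`, so those references no longer match any realm defined here. Either keep `id="CorpTree"` or update the references in the same commit. The `xsi:schemaLocation` value also reads as a single token, whereas the attribute takes whitespace-separated namespace/location pairs; this may be an artifact of the page rendering, but is worth checking. Separately, the sample binds as `cn=admin` with `simple` authentication over `ldap://…:389`, which sends the password unencrypted, so a comment steering deployers to `ldaps://` and a least-privilege bind account would help.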
@ -1,6 +1,6 @@
|
|||||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||||
<settings>
|
<settings>
|
||||||
<EncryptAttributes>false</EncryptAttributes>
|
<EncryptAttributes>false</EncryptAttributes>
|
||||||
<Attributes>sn</Attributes>
|
<Attributes>sn</Attributes>
|
||||||
</settings>
|
</settings>
|
||||||
|
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||||
<settings>
|
<settings>
|
||||||
<IAConfigFile>/home/jluciani/jakarta-tomcat-5.0.28/webapps/CasaAuthTokenSvc/WEB-INF/conf/iaRealms.xml</IAConfigFile>
|
<IAConfigFile>/home/jluciani/jakarta-tomcat-5.0.28/webapps/CasaAuthTokenSvc/WEB-INF/conf/iaRealms.xml</IAConfigFile>
|
||||||
<startSearchContext>o=novell</startSearchContext>
|
<SessionTokenLifetime>43200</SessionTokenLifetime>
|
||||||
</settings>
|
</settings>
|
||||||
|
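Review bot: `<startSearchContext>o=novell</startSearchContext>` is replaced by `<SessionTokenLifetime>43200</SessionTokenLifetime>` rather than kept alongside it, while the README sample for svc.settings in this same commit still lists both elements. If the service still reads the search context, dropping it changes where identities are looked up, so please confirm and mention it in the commit message. A twelve-hour session token is also a policy decision that merits a comment in the file, for example `<!-- seconds; session tokens stay valid for 12 hours, shorten for higher-assurance deployments -->`. `IAConfigFile` still points into a developer home directory, which deployers may copy unchanged.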
@ -493,12 +493,9 @@ public class CasaIdentityToken implements IdentityToken
|
|||||||
else
|
else
|
||||||
{
|
{
|
||||||
// The data is base64 encoded
|
// The data is base64 encoded
|
||||||
System.err.println("CasaIdentityToken SAXHandler.characters()- encodedChars = " + length);
|
|
||||||
char[] encodedChars = new char[length];
|
char[] encodedChars = new char[length];
|
||||||
System.arraycopy(ch, start, encodedChars, 0, length);
|
System.arraycopy(ch, start, encodedChars, 0, length);
|
||||||
System.err.println("CasaIdentityToken SAXHandler.characters()- encodedChars copied to new array");
|
|
||||||
m_casaIdentToken.m_attributes.put(m_currAttribute, Base64Coder.decode(encodedChars));
|
m_casaIdentToken.m_attributes.put(m_currAttribute, Base64Coder.decode(encodedChars));
|
||||||
System.err.println("CasaIdentityToken SAXHandler.characters()- encodedChars decoded");
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Advance to the next state
|
// Advance to the next state
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||||
<settings>
|
<settings>
|
||||||
<description>This is the authentication mechanism for the Krb5Authenticate scheme. The Krb5Authenticate scheme authenticates entities using Kerberos-V tokens.</description>
|
<description>This is the authentication mechanism for the Krb5Authenticate scheme. The Krb5Authenticate scheme authenticates entities using Kerberos-V tokens.</description>
|
||||||
<ClassName>com.novell.casa.authtoksvc.Krb5Authenticate</ClassName>
|
<ClassName>com.novell.casa.authtoksvc.Krb5Authenticate</ClassName>
|
||||||
<RelativeClassPath>WEB-INF/classes</RelativeClassPath>
|
<RelativeClassPath>WEB-INF/classes</RelativeClassPath>
|
||||||
<ServicePrincipalName>Specify the service's kerberos principal name</ServicePrincipalName>
|
<ServicePrincipalName>Specify the service's kerberos principal name</ServicePrincipalName>
|
||||||
</settings>
|
</settings>
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||||
<settings>
|
<settings>
|
||||||
<description>This is the authentication mechanism for the PwdAuthenticate scheme. The PwdAuthenticate scheme authenticates entities using username/password tokens.</description>
|
<description>This is the authentication mechanism for the PwdAuthenticate scheme. The PwdAuthenticate scheme authenticates entities using username/password tokens.</description>
|
||||||
<ClassName>com.novell.casa.authtoksvc.PwdAuthenticate</ClassName>
|
<ClassName>com.novell.casa.authtoksvc.PwdAuthenticate</ClassName>
|
||||||
<RelativeClassPath>WEB-INF/classes</RelativeClassPath>
|
<RelativeClassPath>WEB-INF/classes</RelativeClassPath>
|
||||||
</settings>
|
</settings>
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||||
<settings>
|
<settings>
|
||||||
<IAConfigFile>Replace with path to the Identity Abstraction Realms Configuration File.</IAConfigFile>
|
<IAConfigFile>Replace with path to the Identity Abstraction Realms Configuration File.</IAConfigFile>
|
||||||
<SessionTokenLifetime>43200</SessionTokenLifetime>
|
<SessionTokenLifetime>43200</SessionTokenLifetime>
|
||||||
</settings>
|
</settings>
|
||||||
|