TODO and README for JaasSupport component.

auth_token/server/JaasSupport/README

@@ -0,0 +1,82 @@
+/***********************************************************************
+ *
+ *  README for JaasSupport
+ *
+ ***********************************************************************/
+
+INTRODUCTION
+
+CasaLoginModule is a JAAS login module which can be configured
+to validate credentials consisting of CASA Authentication Tokens.
+
+CONFIGURATION
+
+To use CasaLoginModule for your service, set the java.security.auth.login.config
+property to point to the JAAS configuration file for your application. You must
+also set the org.xml.sax.driver property to point to an appropriate SAX Parser.
+The Xerces SAX Parser is a good option (org.apache.xerces.parsers.SAXParser).
+
+The JAAS configuration file should include the following line:
+
+com.novell.casa.jaas.CasaLoginModule Required;
+
+The CasaLoginModule supports the following parameters:
+
+PerformUsernameCheck - This parameter when set to true tells the CasaLoginModule
+that it must verify that the username is set to "CasaPrincipal". If the parameter
+is not specified the username is not checked.
+
+CLIENT PROGRAMMING NOTES
+
+Clients must specify the same service name when requesting Authentication
+Tokens from the CASA Client as the service name specified by the server
+when opening a JAAS Context.
+
+SERVER PROGRAMMING NOTES
+
+Server applications validating credentials containing CASA Authentication
+tokens can obtain information about the authenticated identity by getting
+access to the CasaPrincipal that gets associated with the Subject object
+returned from a successful JAAS login. The CasaPrincipal provides the
+following information: username, name of the identity data source (realm),
+and an URL to the identity data source. The CasaPrincipal also contains
+the attributes of the authenticated identity configured as required by the
+service in the Authentication Token Service.
+
+EXAMPLE SERVER APPLICATION
+
+See src/com/novell/casa/jaas/sample/SampleApp.java for an example application
+using JAAS to authenticate credentials consisting of CASA Authentication Tokens.
+
+Note that to get the application to run you must set the path to the JAAS configuration
+file as the JAVA property java.security.auth.login.config. You must also make sure that
+the JAVA property org.xml.sax.driver.org is set to a valid SAX parser. The following shows
+the JAVA options that you would set to run the test application: -Djava.security.auth.login.
+config=/home/user/SampleApp/SampleApp.conf -Dorg.xml.sax.driver=org.apache.xerces.parsers.
+SAXParser
+
+The SampleApp.conf file should have the following contents:
+
+SampleApp {
+	com.novell.casa.jaas.CasaLoginModule Required debug=true;
+};
+
+You must also include the CasaJaasSupport.jar and CasaAuthToken.jar files in the
+CLASSPATH of the application.
+
+SECURITY CONSIDERATIONS
+
+CASA Authenticatication Tokens when compromised can be used to either impersonate
+a user or to obtain identity information about the user. Because of this it is
+important that the tokens be secured by applications making use of them. It is
+recommended that the tokens be transmitted using SSL.
+ 
+
+
+
+                
+
+
+
+
+

auth_token/server/JaasSupport/TODO

@@ -0,0 +1,14 @@
+/***********************************************************************
+ *
+ *  TODO for JaasSupport
+ *
+ ***********************************************************************/
+
+INTRODUCTION
+
+This file contains a list of the items still outstanding for JaasSupport.
+
+OUTSTANDING ITEMS
+
+- Change the username that the login module checks to be CasaPrincipal.
+- Change the setting for checking usernames to be PerformUsernameCheck.