You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@cocoon.apache.org by mi...@apache.org on 2003/08/15 01:16:35 UTC
cvs commit: cocoon-site/site/lenya/docs/concepts/accesscontrol terms.html
michi 2003/08/14 16:16:35
Added: site/lenya/docs/concepts/accesscontrol terms.html
Log:
Access Controller added
Revision Changes Path
1.1 cocoon-site/site/lenya/docs/concepts/accesscontrol/terms.html
Index: terms.html
===================================================================
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Basic Terms</title>
<link type="text/css" href="../../../skin/page.css" rel="stylesheet">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<!--================= start Banner ==================-->
<table summary="header with logos" width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<!--================= start Group Logo ==================-->
<td valign="bottom" bgcolor="#FFFFFF">
<div class="headerlogo">
<a href="http://cocoon.apache.org"><img border="0" class="logoImage" alt="Apache Cocoon" src="../../../images/cocoon-project-logo-big.png"></a>
</div>
<span class="textheader">Apache Cocoon</span>
<!--================= start Tabs ==================-->
<div class="tab">
<table summary="tab bar" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="10" valign="bottom">
<div class="tab-separator">
<img alt="" width="10" src="../../../skin/images/spacer.gif"></div>
</td><td valign="bottom" class="tab">
<div class="tab-separator">
<table cellspacing="0" cellpadding="0" border="0">
<tr>
<td style="background-image: url(../../../skin/images/tab-left.png)" valign="top" width="5" height="5"><img alt="" src="../../../skin/images/tab-corner-left.png"></td><td rowspan="2" valign="bottom" class="tab">
<div class="tab-not-selected-shadow">
<div class="tab-not-selected">
<a href="../../../project/index.html"><font face="Arial, Helvetica, Sans-serif">Project Information</font></a>
</div>
</div>
</td><td style="background-image: url(../../../skin/images/tab-right.png)" valign="top" width="5" height="5"><img alt="" src="../../../skin/images/tab-corner-right.png"></td>
</tr>
<tr>
<td style="background-image: url(../../../skin/images/tab-left.png)" valign="bottom">
<div class="tab-not-selected-shadow-left">
<img alt="" width="4" src="../../../skin/images/spacer.gif"></div>
</td><td style="background-image: url(../../../skin/images/tab-right.png)" valign="bottom">
<div class="tab-not-selected-shadow-right">
<img alt="" width="4" src="../../../skin/images/spacer.gif"></div>
</td>
</tr>
</table>
</div>
</td><td valign="bottom" class="tab">
<div class="tab-separator">
<table cellspacing="0" cellpadding="0" border="0">
<tr>
<td style="background-image: url(../../../skin/images/tab-left.png)" valign="top" width="5" height="5"><img alt="" src="../../../skin/images/tab-corner-left.png"></td><td rowspan="2" valign="bottom" class="tab">
<div class="tab-not-selected-shadow">
<div class="tab-not-selected">
<a href="../../../installation/index.html"><font face="Arial, Helvetica, Sans-serif">Installation</font></a>
</div>
</div>
</td><td style="background-image: url(../../../skin/images/tab-right.png)" valign="top" width="5" height="5"><img alt="" src="../../../skin/images/tab-corner-right.png"></td>
</tr>
<tr>
<td style="background-image: url(../../../skin/images/tab-left.png)" valign="bottom">
<div class="tab-not-selected-shadow-left">
<img alt="" width="4" src="../../../skin/images/spacer.gif"></div>
</td><td style="background-image: url(../../../skin/images/tab-right.png)" valign="bottom">
<div class="tab-not-selected-shadow-right">
<img alt="" width="4" src="../../../skin/images/spacer.gif"></div>
</td>
</tr>
</table>
</div>
</td><td style="background-image: url(../../../skin/images/tab-left-selected.png)" valign="top" width="5"><img alt="" src="../../../skin/images/tab-corner-left-selected.png"></td><td valign="bottom" class="tab">
<div class="tab-selected">
<a href="../../index.html"><font color="#000000">Documentation</font></a>
</div>
</td><td style="background-image: url(../../../skin/images/tab-right-selected.png)" valign="top" width="5"><img alt="" src="../../../skin/images/tab-corner-right-selected.png"></td><td valign="bottom" class="tab">
<div class="tab-separator">
<table cellspacing="0" cellpadding="0" border="0">
<tr>
<td style="background-image: url(../../../skin/images/tab-left.png)" valign="top" width="5" height="5"><img alt="" src="../../../skin/images/tab-corner-left.png"></td><td rowspan="2" valign="bottom" class="tab">
<div class="tab-not-selected-shadow">
<div class="tab-not-selected">
<a href="../../../community/index.html"><font face="Arial, Helvetica, Sans-serif">Community</font></a>
</div>
</div>
</td><td style="background-image: url(../../../skin/images/tab-right.png)" valign="top" width="5" height="5"><img alt="" src="../../../skin/images/tab-corner-right.png"></td>
</tr>
<tr>
<td style="background-image: url(../../../skin/images/tab-left.png)" valign="bottom">
<div class="tab-not-selected-shadow-left">
<img alt="" width="4" src="../../../skin/images/spacer.gif"></div>
</td><td style="background-image: url(../../../skin/images/tab-right.png)" valign="bottom">
<div class="tab-not-selected-shadow-right">
<img alt="" width="4" src="../../../skin/images/spacer.gif"></div>
</td>
</tr>
</table>
</div>
</td>
</tr>
</table>
</div>
<!--================= end Tabs ==================-->
</td>
<!--================= end Group Logo ==================-->
<!--================= start Project Logo ==================--><td width="100%" valign="bottom" align="right" bgcolor="#FFFFFF">
<div style="padding: 10px" class="headerlogo">
<a href="http://cocoon.apache.org/lenya"><img border="0" class="logoImage" alt="Lenya" src="../../../images/apache-lenya-light.png"></a>
</div>
<div class="tab-separator"></div>
</td>
<!--================= end Project Logo ==================-->
</tr>
</table>
<!--================= end Banner ==================-->
<div class="tab-bar">
<img alt="" height="5" src="../../../skin/images/spacer.gif"></div>
<!--================= start Menu, NavBar, Content ==================-->
<table summary="page content" bgcolor="#ffffff" width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td valign="top">
<table summary="menu" border="0" cellspacing="0" cellpadding="0">
<tr>
<!--================= start left top NavBar ==================-->
<!--================= end left top NavBar ==================-->
<td valign="top">
<div class="tab-subbar">
<img width="10" height="5" alt="" src="../../../skin/images/spacer.gif"></div>
</td><td valign="top">
<!--================= start Menu items ==================-->
<div class="menu">
<div class="menutitle"></div>
<div class="menuitemgroup">
<div class="menutitle">Integrator/Dev Guide</div>
<div class="menuitemgroup">
<div class="menutitle">Concepts and Best Practises</div>
<div class="menuitemgroup">
<div class="menutitle">Access Control</div>
<div class="menuitemgroup">
<div class="menupage">
<div class="menupagetitle">Basic Terms</div>
<div class="menupageitemgroup">
<div class="menupageitem">
<a href="#Role">Role</a>
</div>
<div class="menupageitem">
<a href="#Identifiable">Identifiable</a>
</div>
<div class="menupageitem">
<a href="#Identity">Identity</a>
</div>
<div class="menupageitem">
<a href="#Accreditable">Accreditable</a>
</div>
<div class="menupageitem">
<a href="#Credential">Credential</a>
</div>
<div class="menupageitem">
<a href="#Policy">Policy</a>
</div>
</div>
</div>
<div class="menuitem">
<a href="accesscontrollers.html">Access Controllers</a>
</div>
<div class="menuitem">
<a href="accesscontrollerresolvers.html">Access Controller Resolvers</a>
</div>
<div class="menuitem">
<a href="authenticators.html">Authenticators</a>
</div>
<div class="menuitem">
<a href="authorizers.html">Authorizers</a>
</div>
<div class="menuitem">
<a href="policymanagers.html">Policy Managers</a>
</div>
<div class="menuitem">
<a href="accreditablemanagers.html">Accreditable Managers</a>
</div>
</div>
</div>
</div>
</div>
</div>
<!--================= end Menu items ==================-->
</td><td valign="top">
<div class="tab-subbar"> </div>
</td>
</tr>
<tr>
<td></td><td height="5"><img alt="" width="150" height="1" src="../../../skin/images/spacer.gif"></td><td></td>
</tr>
</table>
</td><td valign="top" width="100%">
<table summary="content" width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td valign="top" colspan="3">
<div class="tab-subbar"> </div>
</td>
</tr>
<!--================= start Content==================-->
<tr>
<td align="left" width="10"><img width="10" height="1" alt="" src="../../../skin/images/spacer.gif"></td><td align="left" width="100%">
<div class="content">
<table cellspacing="0" cellpadding="0" class="title">
<tr>
<td valign="middle">
<h1>Basic Terms</h1>
</td><td nowrap="nowrap" width="40" align="center"><a class="dida" href="terms.pdf"><img alt="PDF" src="../../../skin/images/pdfdoc.gif" border="0"><br>
PDF</a></td>
</tr>
</table>
<a name="N101C9"></a><a name="Role"></a>
<h3>Role</h3>
<div style="margin-left: 0 ; border: 2px">
<p>Roles are the connection between access control and CMS functionality. On
the access control side, you assign roles to users, IP address ranges and
groups at certain URL spaces. On the CMS side, you define which roles are
needed to execute certain usecases and workflow transitions.</p>
<p>Examples of roles are</p>
<ul>
<li>author</li>
<li>editor</li>
<li>admin</li>
</ul>
</div>
<a name="N101E2"></a><a name="Identifiable"></a>
<h3>Identifiable</h3>
<div style="margin-left: 0 ; border: 2px">
<p>An Identifiable is a characteristic of the client that can be identified.
Every Identifiable is Accreditable. Lenya currently supports the following
identifiables:</p>
<ul>
<li>users</li>
<li>machines</li>
<li>the world (this idenitifiable is assigned to every client that tries to
access the system)</li>
</ul>
</div>
<a name="N101F8"></a><a name="Identity"></a>
<h3>Identity</h3>
<div style="margin-left: 0 ; border: 2px">
<p>An Identity is the collection of all Identifiables that have access to the
system in the current session. The identity always contains the world and
the machine that produced the request. If you logged in, the user is also
contained in the identity.</p>
<p>For instance, if you log in from the machine 192.168.0.16 as the user john,
your identity contains this machine, this user and the world.</p>
</div>
<a name="N10205"></a><a name="Accreditable"></a>
<h3>Accreditable</h3>
<div style="margin-left: 0 ; border: 2px">
<p>An Accreditable can be accredited with roles at URLs. Lenya currently
supports the following accreditables:</p>
<ul>
<li>users</li>
<li>machines (accredition not implemented, use IP ranges instead)</li>
<li>IP address ranges</li>
<li>the world</li>
<li>groups</li>
</ul>
</div>
<a name="N10221"></a><a name="Credential"></a>
<h3>Credential</h3>
<div style="margin-left: 0 ; border: 2px">
<p>A Credential assigns a set of Roles to an Accreditable, e.g.:</p>
<ul>
<li>
<span class="codefrag">news_editors: editor, reviewer</span> means "The group
<span class="codefrag">news_editors</span> has the roles <span class="codefrag">editor</span> and <span class="codefrag">
reviewer</span>."</li>
</ul>
</div>
<a name="N1023C"></a><a name="Policy"></a>
<h3>Policy</h3>
<div style="margin-left: 0 ; border: 2px">
<p>A Policy defines a set of Credentials for a certain URL. It has the
responsibility to return all Roles of an Accreditable at a certain URL.</p>
<p>If for instance the policy for the URL /tv/news contains the credentials</p>
<ul>
<li>
<span class="codefrag">news_editors: editor, reviewer</span>
</li>
<li>
<span class="codefrag">john: admin</span>
</li>
<li>
<span class="codefrag">192.168.0.72: visitor</span>
</li>
</ul>
<p>and user <span class="codefrag">john</span> belongs to the group <span class="codefrag">news_editors</span>
and has logged in from the machine <span class="codefrag">192.168.0.72</span>, the policy
returns the role set <span class="codefrag">editor, reviewer, admin, visitor</span> for the
accreditable <span class="codefrag">john</span>.</p>
<p>A policy may not contain invalid accreditables. E.g., if a user is deleted
and another user with the same ID is created, he may not get the same
privileges as the former one.</p>
</div>
</div>
</td><td width="10"><img width="10" height="1" alt="" src="../../../skin/images/spacer.gif"></td>
</tr>
<!--================= end Content==================-->
</table>
</td>
</tr>
<tr>
<td>
<br>
<br>
</td>
</tr>
</table>
<!--================= end Menu, NavBar, Content ==================-->
<!--================= start Footer ==================-->
<div class="footer">
<table summary="footer" cellspacing="0" cellpadding="0" width="100%" border="0">
<tr>
<td colspan="2" height="1"><img height="1" width="1" alt="" src="../../../skin/images/spacer.gif"><a href="../../../skin/images/label.gif"></a><a href="../../../skin/images/page.gif"></a><a href="../../../skin/images/chapter.gif"></a><a href="../../../skin/images/chapter_open.gif"></a><a href="../../../skin/images/current.gif"></a></td>
</tr>
<tr>
<td colspan="2" class="copyright" align="center" width="90%"><span class="footnote">Copyright ©
2002-2003 The Apache Software Foundation. All rights reserved.
<br>
<script type="text/javascript" language="JavaScript"><!--
document.write(" - "+"Last Published: " + document.lastModified);
// --></script></span></td><td nowrap="nowrap" align="right" class="logos"><a href="http://validator.w3.org/check/referer"><img width="88" height="31" alt="Valid HTML 4.01!" src="../../../skin/images/valid-html401.png" class="logoImage" border="0"></a><a href="http://jigsaw.w3.org/css-validator/"><img width="88" height="31" alt="Valid CSS!" src="../../../skin/images/vcss.png" class="logoImage" border="0"></a></td>
</tr>
</table>
</div>
<!--================= end Footer ==================-->
</body>
</html>