svn commit: r1011801 - in /websites/staging/directory/trunk/content: ./ fortress/testimonials.html

[bu...@apache.org]

Author: buildbot
Date: Sun May  7 17:44:20 2017
New Revision: 1011801

Log:
Staging update by buildbot for directory

Modified:
    websites/staging/directory/trunk/content/   (props changed)
    websites/staging/directory/trunk/content/fortress/testimonials.html

Propchange: websites/staging/directory/trunk/content/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Sun May  7 17:44:20 2017
@@ -1 +1 @@
-1794231
+1794232

Modified: websites/staging/directory/trunk/content/fortress/testimonials.html
==============================================================================
--- websites/staging/directory/trunk/content/fortress/testimonials.html (original)
+++ websites/staging/directory/trunk/content/fortress/testimonials.html Sun May  7 17:44:20 2017
@@ -169,11 +169,14 @@
 }
 h2:hover > .headerlink, h3:hover > .headerlink, h1:hover > .headerlink, h6:hover > .headerlink, h4:hover > .headerlink, h5:hover > .headerlink, dt:hover > .elementid-permalink { visibility: visible }</style>
 <h1 id="testimonials">Testimonials<a class="headerlink" href="#testimonials" title="Permanent link">&para;</a></h1>
-<h2 id="contributed-by-yudhi-karunia-surtan-for-pt-global-digital-niaga-bliblicom">Contributed by Yudhi Karunia Surtan for PT. Global Digital Niaga (blibli.com).<a class="headerlink" href="#contributed-by-yudhi-karunia-surtan-for-pt-global-digital-niaga-bliblicom" title="Permanent link">&para;</a></h2>
+<h2 id="credits">Credits<a class="headerlink" href="#credits" title="Permanent link">&para;</a></h2>
+<p>This work was contributed by Yudhi Karunia Surtan of PT. Global Digital Niaga (blibli.com).  Thanks to him and his team for their efforts in helping others use Fortress.</p>
+<h2 id="introduction">Introduction<a class="headerlink" href="#introduction" title="Permanent link">&para;</a></h2>
 <p>This document contains an overview of the URL filtering mechanism.</p>
+<h3 id="destailed-description-of-the-project">Destailed description of the project<a class="headerlink" href="#destailed-description-of-the-project" title="Permanent link">&para;</a></h3>
 <p>I created this solution because at the time I was looking an IAM and SSO solution, and there were no open source solution to provide everything that I required.</p>
 <p>Basically, the idea is, I wanted to have a framework where the developer doesn't need to programmatically make authorization calls, use annotation or any other kind of “if condition” statements, in their code. With this solution, I'm can have a declarative mechanism capable of dynamic authorization decisions, even if the user hasn't been logged in or has the the proper role activated.  This is because the authorization has been centralized at the server and that server can activate and deactivate user roles that are needed to access the runtime environment.</p>
-<p>I searched for all available open source solutions and finally decided to use Apereo CAS and Apache Fortress as the combined solution. Apereo CAS does the authentication and Apache Fortress will handle the authorization.</p>
+<p>I searched across all available open source solutions and finally decided to use Apereo CAS and Apache Fortress as the combined solution. Apereo CAS does the authentication and Apache Fortress will handle the authorization.</p>
 <p>Apereo CAS is very good way to handle the Single Sign-On and Single Sign-Out problems, on the other hand Apereo CAS lacks authorization capaibilities because there are no standardized solutions for the authorization in that space yet. Apache Fortress is good at authorization because it uses standard RBAC. However, Apache Fortress doesn't have an SSO solution yet. That is why I think both can be combined and create a good solution because they complement each other.  Unfortunately, there isn't a good documentation resource available to combine both solution into wone which is why I needed to create this to other developers on my team and make their life easier.</p>
 <p>With this solution, I have successfully run inside a production environment since 2015 and have maintained this solution for almost 2 years now, I write this documentation to describe how it works and how you can try something like this as well.</p>
 <p>Here are the technologies stack used within my extended framework:</p>
@@ -198,6 +201,7 @@ h2:hover > .headerlink, h3:hover > .head
 <li>Create own implementation for CasAuthenticationProvider</li>
 </ol>
 <h2 id="code-descriptions">Code Descriptions<a class="headerlink" href="#code-descriptions" title="Permanent link">&para;</a></h2>
+<p>The following sections contain code and xml snippets describing how the CAS and Fortress integration was accomplished.</p>
 <h3 id="server-side-development">Server side development:<a class="headerlink" href="#server-side-development" title="Permanent link">&para;</a></h3>
 <h4 id="the-authentication-handler">The Authentication Handler<a class="headerlink" href="#the-authentication-handler" title="Permanent link">&para;</a></h4>
 <p>The interesting part for this solution is how to maintain both the Apereo CAS and Apache Fortress sessions. Luckily, CAS is using a token for maintaining their session and that token is also designed to have some extended attributes included with it.  Using this knowledge, we can modify the profile given by CAS Server to the client. Let's have a look what I've done with combining the Apereo CAS and Apache Fortress sessions in the code that follows.</p>
@@ -505,13 +509,13 @@ h2:hover > .headerlink, h3:hover > .head
 <p>For testing this example, you need to understand that Apache Fortress configuration is necessary to find fortress.properties on the classpath so it might be good if you put that configuration file at the same classpath, for instance, if you are using tomcat remove all the fortress.properties inside the classes directory and put it on $TOMCAT_HOME/lib/ folder. Make sure get Apache Fortress running at the first step. Here are the detailed instructions for testing this example:</p>
 <h4 id="server-section">Server Section<a class="headerlink" href="#server-section" title="Permanent link">&para;</a></h4>
 <p>Read and find the instruction at :
- * https://github.com/apache/directory-fortress-core
- * https://github.com/apache/directory-fortress-enmasse
- * https://github.com/apache/directory-fortress-commander
- * and configure your Apache Fortress properly.
- * Clone the project from link at Where to download section below, change the configuration properly inside cas-fortress-servers/src/main/resources folder and package it using mvn clean package.
- * Copy the war file from cas-fortress-server/target into the web-container deploy directory.
- * Start your web-container and you get cas fortress integrated.</p>
+  * https://github.com/apache/directory-fortress-core
+  * https://github.com/apache/directory-fortress-enmasse
+  * https://github.com/apache/directory-fortress-commander
+  * and configure your Apache Fortress properly.
+  * Clone the project from link at Where to download section below, change the configuration properly inside cas-fortress-servers/src/main/resources folder and package it using mvn clean package.
+  * Copy the war file from cas-fortress-server/target into the web-container deploy directory.
+  * Start your web-container and you get cas fortress integrated.</p>
 <h4 id="client-section">Client Section<a class="headerlink" href="#client-section" title="Permanent link">&para;</a></h4>
 <ul>
 <li>Simply put the war file inside the web-container deploy directory.</li>