You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lenya.apache.org by an...@apache.org on 2007/11/05 18:31:02 UTC

svn commit: r592096 - in /lenya/branches/docu_shibboleth/src/documentation/content/xdocs/docs/1_2_x/components/accesscontrol: attributes/attributes.xml shibboleth/architecture.xml

Author: andreas
Date: Mon Nov  5 09:31:01 2007
New Revision: 592096

URL: http://svn.apache.org/viewvc?rev=592096&view=rev
Log:
Updated shibboleth and attribute docs

Modified:
    lenya/branches/docu_shibboleth/src/documentation/content/xdocs/docs/1_2_x/components/accesscontrol/attributes/attributes.xml
    lenya/branches/docu_shibboleth/src/documentation/content/xdocs/docs/1_2_x/components/accesscontrol/shibboleth/architecture.xml

Modified: lenya/branches/docu_shibboleth/src/documentation/content/xdocs/docs/1_2_x/components/accesscontrol/attributes/attributes.xml
URL: http://svn.apache.org/viewvc/lenya/branches/docu_shibboleth/src/documentation/content/xdocs/docs/1_2_x/components/accesscontrol/attributes/attributes.xml?rev=592096&r1=592095&r2=592096&view=diff
==============================================================================
--- lenya/branches/docu_shibboleth/src/documentation/content/xdocs/docs/1_2_x/components/accesscontrol/attributes/attributes.xml (original)
+++ lenya/branches/docu_shibboleth/src/documentation/content/xdocs/docs/1_2_x/components/accesscontrol/attributes/attributes.xml Mon Nov  5 09:31:01 2007
@@ -78,10 +78,11 @@
     <section id="attributeTranslator">
       <title>Attribute Translator</title>
       <p>
-        The attribute translator service is the default attribute definition. It allows to define a
-        human-readable short name for each attribute which is provided by the authentication service.
-        This short name is used in <a href="#rules">attribute rules</a>, it helps to keep the rules
-        less verbose than with the original attribute names.
+        The attribute translator service is used by the default attribute definition service, the
+        <code>SamlAttributeDefinition</code>, to obtain the list of available attributes.
+        It allows to define a human-readable short name for each attribute which is provided by the
+        authentication service. This short name is used in <a href="#rules">attribute rules</a>,
+        it helps to keep the rules less verbose than with the original attribute names.
       </p>
       <p>
         The attribute translator is declared in <code>cocoon.xconf</code>. To declare your own

Modified: lenya/branches/docu_shibboleth/src/documentation/content/xdocs/docs/1_2_x/components/accesscontrol/shibboleth/architecture.xml
URL: http://svn.apache.org/viewvc/lenya/branches/docu_shibboleth/src/documentation/content/xdocs/docs/1_2_x/components/accesscontrol/shibboleth/architecture.xml?rev=592096&r1=592095&r2=592096&view=diff
==============================================================================
--- lenya/branches/docu_shibboleth/src/documentation/content/xdocs/docs/1_2_x/components/accesscontrol/shibboleth/architecture.xml (original)
+++ lenya/branches/docu_shibboleth/src/documentation/content/xdocs/docs/1_2_x/components/accesscontrol/shibboleth/architecture.xml Mon Nov  5 09:31:01 2007
@@ -28,7 +28,7 @@
       <figure alt="Shibboleth integration class diagram" src="classes.png"></figure>
     </section>
     <section>
-      <title>ShibbolethAuthenticator</title>
+      <title>org.apache.lenya.ac.shibboleth.ShibbolethAuthenticator</title>
       <p>
         The entry point from the Lenya application's point of view is the <code>ShibbolethAuthenticator</code>
         class. It is an implementation the <code>Authenticator</code> service, providing the functionality
@@ -46,8 +46,37 @@
         If the attribute request was successful, a <code>TransientUser</code> object is created by calling
         <code>UserManager.getUser(String)</code> with a non-existing ID, initialized
         with the attributes provided by the IdP, and attached to the Identity object which is stored
-        in the session.
+        in the session. The IdP attributes are mapped to Lenya user attributes (e-mail, first name,
+        last name) using the <code>UserFieldsMapping</code> service
+        (see section <a href="site:attributes-authorization">attribute-based authorization</a> for more information).
       </p>
+    </section>
+    
+    <section>
+      <title>org.apache.lenya.ac.shibboleth.ShibbolethModule</title>
+      <p>
+        The <code>ShibbolethModule</code> is an input module which provides access
+        to Shibboleth attributes in sitemaps.
+        It is used to obtain the WAYF server URL and the request parameters which
+        have to be attatched when the Login usecase redirects to the WAYF server.
+      </p>
+      <p>
+        The attributes are
+      </p>
+      <dl>
+        <dt>wayfServer</dt>
+        <dd>The URL of the WAYF server</dd>
+        <dt>shire</dt>
+        <dd>The value of the <em>shire</em> request parameter for the WAYF server.</dd>
+        <dt>target</dt>
+        <dd>The value of the <em>target</em> request parameter for the WAYF server.</dd>
+        <dt>providerId</dt>
+        <dd>The value of the <em>providerId</em> request parameter for the WAYF server.</dd>
+      </dl>
+    </section>
+    
+    <section>
+      <title></title>
     </section>
   </body>
 </document>



---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@lenya.apache.org
For additional commands, e-mail: commits-help@lenya.apache.org