You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lenya.apache.org by an...@apache.org on 2007/11/05 18:31:02 UTC
svn commit: r592096 - in
/lenya/branches/docu_shibboleth/src/documentation/content/xdocs/docs/1_2_x/components/accesscontrol:
attributes/attributes.xml shibboleth/architecture.xml
Author: andreas
Date: Mon Nov 5 09:31:01 2007
New Revision: 592096
URL: http://svn.apache.org/viewvc?rev=592096&view=rev
Log:
Updated shibboleth and attribute docs
Modified:
lenya/branches/docu_shibboleth/src/documentation/content/xdocs/docs/1_2_x/components/accesscontrol/attributes/attributes.xml
lenya/branches/docu_shibboleth/src/documentation/content/xdocs/docs/1_2_x/components/accesscontrol/shibboleth/architecture.xml
Modified: lenya/branches/docu_shibboleth/src/documentation/content/xdocs/docs/1_2_x/components/accesscontrol/attributes/attributes.xml
URL: http://svn.apache.org/viewvc/lenya/branches/docu_shibboleth/src/documentation/content/xdocs/docs/1_2_x/components/accesscontrol/attributes/attributes.xml?rev=592096&r1=592095&r2=592096&view=diff
==============================================================================
--- lenya/branches/docu_shibboleth/src/documentation/content/xdocs/docs/1_2_x/components/accesscontrol/attributes/attributes.xml (original)
+++ lenya/branches/docu_shibboleth/src/documentation/content/xdocs/docs/1_2_x/components/accesscontrol/attributes/attributes.xml Mon Nov 5 09:31:01 2007
@@ -78,10 +78,11 @@
<section id="attributeTranslator">
<title>Attribute Translator</title>
<p>
- The attribute translator service is the default attribute definition. It allows to define a
- human-readable short name for each attribute which is provided by the authentication service.
- This short name is used in <a href="#rules">attribute rules</a>, it helps to keep the rules
- less verbose than with the original attribute names.
+ The attribute translator service is used by the default attribute definition service, the
+ <code>SamlAttributeDefinition</code>, to obtain the list of available attributes.
+ It allows to define a human-readable short name for each attribute which is provided by the
+ authentication service. This short name is used in <a href="#rules">attribute rules</a>,
+ it helps to keep the rules less verbose than with the original attribute names.
</p>
<p>
The attribute translator is declared in <code>cocoon.xconf</code>. To declare your own
Modified: lenya/branches/docu_shibboleth/src/documentation/content/xdocs/docs/1_2_x/components/accesscontrol/shibboleth/architecture.xml
URL: http://svn.apache.org/viewvc/lenya/branches/docu_shibboleth/src/documentation/content/xdocs/docs/1_2_x/components/accesscontrol/shibboleth/architecture.xml?rev=592096&r1=592095&r2=592096&view=diff
==============================================================================
--- lenya/branches/docu_shibboleth/src/documentation/content/xdocs/docs/1_2_x/components/accesscontrol/shibboleth/architecture.xml (original)
+++ lenya/branches/docu_shibboleth/src/documentation/content/xdocs/docs/1_2_x/components/accesscontrol/shibboleth/architecture.xml Mon Nov 5 09:31:01 2007
@@ -28,7 +28,7 @@
<figure alt="Shibboleth integration class diagram" src="classes.png"></figure>
</section>
<section>
- <title>ShibbolethAuthenticator</title>
+ <title>org.apache.lenya.ac.shibboleth.ShibbolethAuthenticator</title>
<p>
The entry point from the Lenya application's point of view is the <code>ShibbolethAuthenticator</code>
class. It is an implementation the <code>Authenticator</code> service, providing the functionality
@@ -46,8 +46,37 @@
If the attribute request was successful, a <code>TransientUser</code> object is created by calling
<code>UserManager.getUser(String)</code> with a non-existing ID, initialized
with the attributes provided by the IdP, and attached to the Identity object which is stored
- in the session.
+ in the session. The IdP attributes are mapped to Lenya user attributes (e-mail, first name,
+ last name) using the <code>UserFieldsMapping</code> service
+ (see section <a href="site:attributes-authorization">attribute-based authorization</a> for more information).
</p>
+ </section>
+
+ <section>
+ <title>org.apache.lenya.ac.shibboleth.ShibbolethModule</title>
+ <p>
+ The <code>ShibbolethModule</code> is an input module which provides access
+ to Shibboleth attributes in sitemaps.
+ It is used to obtain the WAYF server URL and the request parameters which
+ have to be attatched when the Login usecase redirects to the WAYF server.
+ </p>
+ <p>
+ The attributes are
+ </p>
+ <dl>
+ <dt>wayfServer</dt>
+ <dd>The URL of the WAYF server</dd>
+ <dt>shire</dt>
+ <dd>The value of the <em>shire</em> request parameter for the WAYF server.</dd>
+ <dt>target</dt>
+ <dd>The value of the <em>target</em> request parameter for the WAYF server.</dd>
+ <dt>providerId</dt>
+ <dd>The value of the <em>providerId</em> request parameter for the WAYF server.</dd>
+ </dl>
+ </section>
+
+ <section>
+ <title></title>
</section>
</body>
</document>
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@lenya.apache.org
For additional commands, e-mail: commits-help@lenya.apache.org