You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@clerezza.apache.org by Apache Wiki <wi...@apache.org> on 2012/06/25 16:39:13 UTC
[Clerezza Wiki] Update of "Security management in Clerezza" by FlorentAndre
Dear Wiki user,
You have subscribed to a wiki page or wiki category on "Clerezza Wiki" for change notification.
The "Security management in Clerezza" page has been changed by FlorentAndre:
http://wiki.apache.org/clerezza/Security%20management%20in%20Clerezza
New page:
== Introduction ==
* Security in Clerezza is done at two level : platform Bundles and Graph read/write access.
* Security and permission are managed with JAAS
* Authentication can be done with one of this method :
* cookie
* http basic auth
* webID
* Clerezza Security code reside in plateform.security.* bundles
== How it's work ==
=== Authentication ===
* AuthenticatingFilter : is the http endpoint
* call all registered AuthenticationMethod and WeightedAuthenticationMethod implementations
* call the authenticationService : that will use all registered authenticationChecker to validate the provided username and password.
* call each authenticationChecker : the first one that authenticate the user is ok.
* Implement WeightedAuthenticationMethod, allow you to add others authentication protocol to Clerezza (ex : oAuth, openId,...)
* Implement authenticationChecker, allow you to connect your specific authentication tool (LDAP, database,...)
=== Authorization ===
* TBD
== Resources ==
* JAAS :
* http://docs.oracle.com/javase/1.5.0/docs/guide/security/jgss/tutorials/AcnAndAzn.html
* http://docs.oracle.com/javase/1.4.2/docs/guide/security/jaas/tutorials/GeneralAcnAndAzn.html#RunAzn
* http://www.jaasbook.com/
* Clerezza security
* see thread with subject "Auth management in Clerezza" in https://mail-archives.apache.org/mod_mbox/incubator-clerezza-dev/201206.mbox/browser