ace-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From j...@apache.org
Subject svn commit: r1330212 - in /ace/site/trunk/content/dev-doc/design: ace-authentication.mdtext auth_connectionfactory.svg
Date Wed, 25 Apr 2012 11:35:35 GMT
Author: jawi
Date: Wed Apr 25 11:35:34 2012
New Revision: 1330212

URL: http://svn.apache.org/viewvc?rev=1330212&view=rev
Log:
Small updates to text; new version of image.

Modified:
    ace/site/trunk/content/dev-doc/design/ace-authentication.mdtext
    ace/site/trunk/content/dev-doc/design/auth_connectionfactory.svg

Modified: ace/site/trunk/content/dev-doc/design/ace-authentication.mdtext
URL: http://svn.apache.org/viewvc/ace/site/trunk/content/dev-doc/design/ace-authentication.mdtext?rev=1330212&r1=1330211&r2=1330212&view=diff
==============================================================================
--- ace/site/trunk/content/dev-doc/design/ace-authentication.mdtext (original)
+++ ace/site/trunk/content/dev-doc/design/ace-authentication.mdtext Wed Apr 25 11:35:34 2012
@@ -17,8 +17,8 @@ Before going in more depth on the authen
 
 In figure 1, several communication paths exists (denoted by the circled digits):
 
-1. the client communicates to the server by means of both direct calls to its services as
well as remoted calls (by means of HTTP[^1]);
-2. a management agent (representing the target) communicates to the management server through
HTTP calls;
+1. the client communicates to the ACE server by means of both direct calls to its services
as well as remoted calls (by means of HTTP[^1]);
+2. a management agent (representing the target) communicates to the ACE server through HTTP
calls;
 3. the REST API exposes the entire client API in a RESTful way. Communication to the client
occurs by both direct calls as well as through HTTP;
 4. the Vaadin Web UI exposes the entire client API as web application. Similar as the REST
API, it communicates both directly as through HTTP with the client.
 
@@ -91,6 +91,7 @@ To make this more concrete, an example o
 
 The service configuration, located in `org.apache.ace.obr.servlet.cfg`, looks like:
 
+    :::properties
     # Endpoint for this servlet
     org.apache.ace.server.servlet.endpoint=/obr
     # Whether or not authentication is to be used
@@ -98,6 +99,7 @@ The service configuration, located in `o
 
 In `BundleServlet` we add the following code:
 
+    :::java
     private volatile boolean m_useAuth;
     private volatile AuthenticationService m_authService;
     
@@ -137,6 +139,7 @@ As almost all of the services in ACE are
 
 The actual authentication implementation itself is rather trivial: we simply intercept all
incoming requests in our servlet and verify whether it resolves to a valid user:
 
+    :::java
     @Override
     protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException,
IOException {
         if (!authenticate(req)) {
@@ -165,6 +168,7 @@ Note that this implementation does not t
 
 Now that the remote service itself is no longer accepting unauthenticated requests, we need
to supply the credentials to access this service to the `ConnectionFactory` service. This
service can be configured using the PID `org.apache.ace.connectionfactory` (*note that it
is a configuration factory!*), which would result in the following configuration for accessing
our `BundleServlet`:
 
+    :::properties
     # What kind of authentication should we supply
     authentication.type = basic
     # The actual credentials for basic authentication
@@ -182,11 +186,11 @@ When this configuration is supplied to t
 
 [^1]: Other communication protocols could be used as well. However, currently, only HTTP
is natively supported by ACE. For the remainder of this article, we'll assume HTTP as protocol.
 
-[^2]: Assuming that all components in the management server are trusted and obtained from
trusted sources. If untrusted components would be allowed, we need to add authentication to
these communication paths as well.
+[^2]: Assuming that all components in the ACE server are trusted and obtained from trusted
sources. If untrusted components would be allowed, we need to add authentication to these
communication paths as well.
 
 [^3]: It is up to the implementation of `AuthenticationService` whether the *first* found
user is returned, or whether it checks if all authentication processors yield the *same* user,
or any other strategy that is desired.
 
-[^4]: Amongst others, any number of log-endpoints can be defined, at least one is needed
for the audit log to be synchronized between target and management server.
+[^4]: Amongst others, any number of log-endpoints can be defined, at least one is needed
for the audit log to be synchronized between target and ACE server.
 
 [^5]: Note that we're using a configuration dependency for this service. This way, the configuration
**must** be present before the service itself is registered, which allows us to determine
if authentication should be used or not.
 

Modified: ace/site/trunk/content/dev-doc/design/auth_connectionfactory.svg
URL: http://svn.apache.org/viewvc/ace/site/trunk/content/dev-doc/design/auth_connectionfactory.svg?rev=1330212&r1=1330211&r2=1330212&view=diff
==============================================================================
--- ace/site/trunk/content/dev-doc/design/auth_connectionfactory.svg (original)
+++ ace/site/trunk/content/dev-doc/design/auth_connectionfactory.svg Wed Apr 25 11:35:34 2012
@@ -1,13 +1,23 @@
 <?xml version="1.0" encoding="utf-8" ?>
 <!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
-<svg height="98" version="1.1" width="262" xmlns="http://www.w3.org/2000/svg">
-<rect fill="#ffffff" height="70" stroke="#ffffff" stroke-width="1" width="234" x="14"
y="14"/>
-<rect fill="none" height="70" stroke="#000000" stroke-width="1" width="234" x="14" y="14"/>
-<text font-family="Lucida Grande" font-size="13" x="72" y="48">
+<svg height="226" version="1.1" width="262" xmlns="http://www.w3.org/2000/svg">
+<rect fill="#ffffff" height="70" stroke="#ffffff" stroke-width="1" width="234" x="14"
y="142"/>
+<rect fill="none" height="70" stroke="#000000" stroke-width="1" width="234" x="14" y="142"/>
+<text font-family="Lucida Grande" font-size="13" x="72" y="176">
 ConnectionFactory</text>
-<text font-family="Lucida Grande" font-size="13" x="83" y="29">
+<text font-family="Lucida Grande" font-size="13" x="83" y="157">
 &lt;&lt;interface&gt;&gt;</text>
-<rect fill="#000000" height="1" stroke="#000000" stroke-width="1" width="234" x="14" y="58"/>
-<text font-family="Lucida Grande" font-size="13" x="18" y="73">
+<rect fill="#000000" height="1" stroke="#000000" stroke-width="1" width="234" x="14" y="186"/>
+<text font-family="Lucida Grande" font-size="13" x="18" y="201">
 createConnection() : URLConnection</text>
+<rect fill="#ffffff" height="72" stroke="#ffffff" stroke-width="1" width="232" x="14"
y="14"/>
+<rect fill="none" height="72" stroke="#000000" stroke-width="1" width="232" x="14" y="14"/>
+<text font-family="Lucida Grande" font-size="13" x="57" y="48">
+ManagedServiceFactory</text>
+<text font-family="Lucida Grande" font-size="13" x="82" y="29">
+&lt;&lt;interface&gt;&gt;</text>
+<rect fill="#000000" height="1" stroke="#000000" stroke-width="1" width="232" x="14" y="58"/>
+<polyline fill="none" points="131,142 131,85" stroke="#333399" stroke-width="1"/>
+<polygon fill="#ffffff" points="131,85 138,97 124,97" stroke="#ffffff" stroke-width="1"/>
+<polygon fill="none" points="131,85 138,97 124,97" stroke="#333399" stroke-width="1"/>
 </svg>



Mime
View raw message