directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From plusplusjia...@apache.org
Subject svn commit: r1689993 - in /directory/site/trunk: content/kerby/ content/kerby/user-guide/ templates/kerby/
Date Thu, 09 Jul 2015 07:06:57 GMT
Author: plusplusjiajia
Date: Thu Jul  9 07:06:57 2015
New Revision: 1689993

URL: http://svn.apache.org/r1689993
Log:
Add more in kerby user guide.

Added:
    directory/site/trunk/content/kerby/developer-guide.mdtext
    directory/site/trunk/content/kerby/user-guide/4-identity-backend.mdtext
    directory/site/trunk/content/kerby/user-guide/5-crypto-and-encryption-types.mdtext
    directory/site/trunk/content/kerby/user-guide/6-network-support.mdtext
    directory/site/trunk/content/kerby/user-guide/7-dependency.mdtext
Removed:
    directory/site/trunk/content/kerby/developers-guide.mdtext
Modified:
    directory/site/trunk/content/kerby/features.mdtext
    directory/site/trunk/content/kerby/issues.mdtext
    directory/site/trunk/content/kerby/user-guide.mdtext
    directory/site/trunk/content/kerby/user-guide/3.3-klist.mdtext
    directory/site/trunk/templates/kerby/page.html

Added: directory/site/trunk/content/kerby/developer-guide.mdtext
URL: http://svn.apache.org/viewvc/directory/site/trunk/content/kerby/developer-guide.mdtext?rev=1689993&view=auto
==============================================================================
--- directory/site/trunk/content/kerby/developer-guide.mdtext (added)
+++ directory/site/trunk/content/kerby/developer-guide.mdtext Thu Jul  9 07:06:57 2015
@@ -0,0 +1,48 @@
+Title: Developer's Guide
+Notice: Licensed to the Apache Software Foundation (ASF) under one
+    or more contributor license agreements.  See the NOTICE file
+    distributed with this work for additional information
+    regarding copyright ownership.  The ASF licenses this file
+    to you under the Apache License, Version 2.0 (the
+    "License"); you may not use this file except in compliance
+    with the License.  You may obtain a copy of the License at
+    .
+    http://www.apache.org/licenses/LICENSE-2.0
+    .
+    Unless required by applicable law or agreed to in writing,
+    software distributed under the License is distributed on an
+    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    KIND, either express or implied.  See the License for the
+    specific language governing permissions and limitations
+    under the License.
+
+# Developer's Guide
+
+This is a simple guide to help developers get going.
+
+## Source Repository
+
+To get the source, you will need to have git installed. Just type the following command to
get the latest development version:
+
+	git clone https://git-wip-us.apache.org/repos/asf/directory-kerby.git
+	
+## Git Mirror
+
+The git repository is mirrored to Github: <https://github.com/apache/directory-kerby/>.
+
+## Build
+
+    mvn clean package
+
+## Setup Intellij
+
+1. File -> Import Project...
+2. Choose 'directory-kerby' as root directory
+3. Import project from external model -> Maven
+4. Finish
+
+## Issue Tracker
+
+[Jira](https://issues.apache.org/jira/browse/DIRKRB).
+
+

Modified: directory/site/trunk/content/kerby/features.mdtext
URL: http://svn.apache.org/viewvc/directory/site/trunk/content/kerby/features.mdtext?rev=1689993&r1=1689992&r2=1689993&view=diff
==============================================================================
--- directory/site/trunk/content/kerby/features.mdtext (original)
+++ directory/site/trunk/content/kerby/features.mdtext Thu Jul  9 07:06:57 2015
@@ -21,44 +21,44 @@ Notice: Licensed to the Apache Software
 Apache Kerby is a Java Kerberos binding. It provides a rich, intuitive and interoperable
implementation, library, KDC and various facilities that integrates PKI, OTP and token (OAuth2)
as desired in modern environments such as cloud, Hadoop and mobile.
 The features are already supported as follows:
 
-* 1.	Kerberos library:
-a)	KrbClient API
-b)	KDC server API
-c)	Kadmin API
-d)	Credential cache and keytab utilities
-
-* 2.	Provides a standalone KDC server .
-
-* 3.	Supports various identity backends including:
-a)	MemoryIdentityBackend
-b)	JsonIdentityBackend
-c)	LdapIdentityBackend
-d)	ZookeeperIdentityBackend
-e)	MavibotBackend.
-
-* 4.	Provides an embedded KDC server named SimpleKdcServer that applications can easily integrate
into products, unit tests or integration tests.
-
-* 5.	Supports FAST/Preauthentication framework to allow popular and useful authentication
mechanisms.
-
-* 6.	Supports Token Preauth mechanism to allow clients to request tickets using JWT tokens.
-
-* 7.	Client can request a TGT with:
-a)	User plain password credential
-b)	User keyTab
-c)	User token credential
-
-* 8.	Client can request a service ticket with:
-a)	user TGT credential for a server 
-b)	user AccessToken credential for a server 
-
-* 9.	Network support including UDP and TCP transport with two implementations: 
-a)	Default implementation based on the JRE without depending on other libraries.
-b)	Netty based implementation for better throughput, lower latency.
-
-* 10.	Tools:
-a)	kadmin: Command-line interfaces to the Kerby administration system.
-b)	kinit: Obtains and caches an initial ticket-granting ticket for principal.
-c)	klist: Lists the Kerby principal and tickets held in a credentials cache, or the keys
held in a keytab file.
+* Kerberos library:
+    * KrbClient API
+    * KDC server API
+    * Kadmin API
+    * Credential cache and keytab utilities
+
+* Provides a standalone KDC server .
+
+* Supports various identity backends including:
+    * MemoryIdentityBackend
+    * JsonIdentityBackend
+    * LdapIdentityBackend
+    * ZookeeperIdentityBackend
+    * MavibotBackend.
+
+* Provides an embedded KDC server named SimpleKdcServer that applications can easily integrate
into products, unit tests or integration tests.
+
+* Supports FAST/Preauthentication framework to allow popular and useful authentication mechanisms.
+
+* Supports Token Preauth mechanism to allow clients to request tickets using JWT tokens.
+
+* Client can request a TGT with:
+    * User plain password credential
+    * User keyTab
+    * User token credential
+
+* Client can request a service ticket with:
+    * user TGT credential for a server 
+    * user AccessToken credential for a server 
+
+* Network support including UDP and TCP transport with two implementations: 
+    * Default implementation based on the JRE without depending on other libraries.
+    * Netty based implementation for better throughput, lower latency.
+
+* Tools:
+    * kadmin: Command-line interfaces to the Kerby administration system.
+    * kinit: Obtains and caches an initial ticket-granting ticket for principal.
+    * klist: Lists the Kerby principal and tickets held in a credentials cache, or the keys
held in a keytab file.
 
-* 11.	Provides support for JAAS, GSSAPI and SASL frameworks that applications can leverage
the authentication mechanisms provided by Kerby.
+* Provides support for JAAS, GSSAPI and SASL frameworks that applications can leverage the
authentication mechanisms provided by Kerby.
 

Modified: directory/site/trunk/content/kerby/issues.mdtext
URL: http://svn.apache.org/viewvc/directory/site/trunk/content/kerby/issues.mdtext?rev=1689993&r1=1689992&r2=1689993&view=diff
==============================================================================
--- directory/site/trunk/content/kerby/issues.mdtext (original)
+++ directory/site/trunk/content/kerby/issues.mdtext Thu Jul  9 07:06:57 2015
@@ -29,3 +29,4 @@ Issues, bugs, and feature requests shoul
 |:-:|:-:|---|
 | Kerby | DIRKRB | [http://issues.apache.org/jira/browse/DIRKRB](http://issues.apache.org/jira/browse/DIRKRB)
|
 
+Umbrella JIRA: it's tracked in the master JIRA DIRKRB-102(issues.apache.org/jira/browse/DIRKRB-102),
and find tasks there.
\ No newline at end of file

Modified: directory/site/trunk/content/kerby/user-guide.mdtext
URL: http://svn.apache.org/viewvc/directory/site/trunk/content/kerby/user-guide.mdtext?rev=1689993&r1=1689992&r2=1689993&view=diff
==============================================================================
--- directory/site/trunk/content/kerby/user-guide.mdtext (original)
+++ directory/site/trunk/content/kerby/user-guide.mdtext Thu Jul  9 07:06:57 2015
@@ -32,3 +32,7 @@ This is a simple guide to help users and
     * [3.1 - kadmin](user-guide/3.1-kadmin.html)
     * [3.2 - kinit](user-guide/3.2-kinit.html)
     * [3.3 - klist](user-guide/3.3-klist.html)
+* [4 - Identity Backend](user-guide/4-identity-backend.html)
+* [5 - Kerberos Crypto and Encryption Types](user-guide/5-crypto-and-encryption-types.html)
+* [6 - Network Support](user-guide/6-network-support.html)
+* [7 - Dependency](user-guide/7-dependency.html)

Modified: directory/site/trunk/content/kerby/user-guide/3.3-klist.mdtext
URL: http://svn.apache.org/viewvc/directory/site/trunk/content/kerby/user-guide/3.3-klist.mdtext?rev=1689993&r1=1689992&r2=1689993&view=diff
==============================================================================
--- directory/site/trunk/content/kerby/user-guide/3.3-klist.mdtext (original)
+++ directory/site/trunk/content/kerby/user-guide/3.3-klist.mdtext Thu Jul  9 07:06:57 2015
@@ -3,6 +3,8 @@ NavPrev: 3.2-kinit.html
 NavPrevText: 3.2 - kinit
 NavUp: 3-tools.html
 NavUpText: 3.1 - tools
+NavNext: 4-identity-backend.html
+NavNextText: 4 - Identity Backend
 Notice: Licensed to the Apache Software Foundation (ASF) under one
     or more contributor license agreements.  See the NOTICE file
     distributed with this work for additional information

Added: directory/site/trunk/content/kerby/user-guide/4-identity-backend.mdtext
URL: http://svn.apache.org/viewvc/directory/site/trunk/content/kerby/user-guide/4-identity-backend.mdtext?rev=1689993&view=auto
==============================================================================
--- directory/site/trunk/content/kerby/user-guide/4-identity-backend.mdtext (added)
+++ directory/site/trunk/content/kerby/user-guide/4-identity-backend.mdtext Thu Jul  9 07:06:57
2015
@@ -0,0 +1,41 @@
+Title: 4 - Identity Backend
+NavPrev: 3.3-klist.html
+NavPrevtext: 3.3 - klist
+NavUp: ../user-guide.html
+NavUpText: User Guide
+NavNext: 5-crypto-and-encryption-types.html
+NavNextText: 5 - Kerberos Crypto and Encryption Types
+Notice: Licensed to the Apache Software Foundation (ASF) under one
+    or more contributor license agreements.  See the NOTICE file
+    distributed with this work for additional information
+    regarding copyright ownership.  The ASF licenses this file
+    to you under the Apache License, Version 2.0 (the
+    "License"); you may not use this file except in compliance
+    with the License.  You may obtain a copy of the License at
+    .
+    http://www.apache.org/licenses/LICENSE-2.0
+    .
+    Unless required by applicable law or agreed to in writing,
+    software distributed under the License is distributed on an
+    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    KIND, either express or implied.  See the License for the
+    specific language governing permissions and limitations
+    under the License.
+
+# 4 - Identity Backend
+A standalone KDC server that can integrate various identity back ends including:
+
+* MemoryIdentityBackend.
+It is default Identity Backend, and no cofiguration is needed. This backend is for no permanent
storage requirements.
+
+* JsonIdentityBackend.
+It implemented by Gson which is used to convert Java Objects into their JSON representation
and convert a JSON string to an equivalent Java object. A json file will be created in "backend.json.file".
This backend is for small, easy, development and test environment.
+
+* ZookeeperIdentityBackend.
+Currently it uses an embedded Zookeeper. In follow up it will be enhanced to support standalone
Zookeeper cluster for replication and reliability. Zookeeper backend would be a good choice
for high reliability, high performance and high scalability requirement and scenarios.
+
+* LdapIdentityBackend.
+The Ldap server can be standalone or embedded using ApacheDS server as the backend. It is
used when there is exist ldap server.
+
+* MavibotBackend.
+A backend based on Apache Mavibot(an MVCC BTree library).
\ No newline at end of file

Added: directory/site/trunk/content/kerby/user-guide/5-crypto-and-encryption-types.mdtext
URL: http://svn.apache.org/viewvc/directory/site/trunk/content/kerby/user-guide/5-crypto-and-encryption-types.mdtext?rev=1689993&view=auto
==============================================================================
--- directory/site/trunk/content/kerby/user-guide/5-crypto-and-encryption-types.mdtext (added)
+++ directory/site/trunk/content/kerby/user-guide/5-crypto-and-encryption-types.mdtext Thu
Jul  9 07:06:57 2015
@@ -0,0 +1,48 @@
+Title: 5 - Kerberos Crypto and Encryption Types
+NavPrev: 4-identity-backend.html
+NavPrevtext: 4 - Identity Backend
+NavUp: ../user-guide.html
+NavUpText: User Guide
+NavNext: 6-network-support.html
+NavNextText: 6 - Network Support
+Notice: Licensed to the Apache Software Foundation (ASF) under one
+    or more contributor license agreements.  See the NOTICE file
+    distributed with this work for additional information
+    regarding copyright ownership.  The ASF licenses this file
+    to you under the Apache License, Version 2.0 (the
+    "License"); you may not use this file except in compliance
+    with the License.  You may obtain a copy of the License at
+    .
+    http://www.apache.org/licenses/LICENSE-2.0
+    .
+    Unless required by applicable law or agreed to in writing,
+    software distributed under the License is distributed on an
+    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    KIND, either express or implied.  See the License for the
+    specific language governing permissions and limitations
+    under the License.
+
+# 5 - Kerberos Crypto and Encryption Types
+
+Supported des, des3, rc4, aes, camellia encryption and corresponding checksum types
+Interoperates with MIT Kerberos and Microsoft AD
+Independent of Kerberos code in JRE, but rely on JCE
+
+| Encryption Type | Description |
+| --------------- | ----------- |
+| des-cbc-crc | DES cbc mode with CRC-32 (weak) |
+| des-cbc-md4 | DES cbc mode with RSA-MD4 (weak) |
+| des-cbc-md5 |	DES cbc mode with RSA-MD5 (weak) |
+| des3-cbc-sha1 des3-hmac-sha1 des3-cbc-sha1-kd |	Triple DES cbc mode with HMAC/sha1 |
+| des-hmac-sha1 |	DES with HMAC/sha1 (weak) |
+| aes256-cts-hmac-sha1-96 aes256-cts AES-256 	| CTS mode with 96-bit SHA-1 HMAC |
+| aes128-cts-hmac-sha1-96 aes128-cts AES-128 	| CTS mode with 96-bit SHA-1 HMAC |
+| arcfour-hmac rc4-hmac arcfour-hmac-md5 |	RC4 with HMAC/MD5 |
+| arcfour-hmac-exp rc4-hmac-exp arcfour-hmac-md5-exp |	Exportable RC4 with HMAC/MD5 (weak)
|
+| camellia256-cts-cmac camellia256-cts |	Camellia-256 CTS mode with CMAC |
+| camellia128-cts-cmac camellia128-cts |	Camellia-128 CTS mode with CMAC |
+| des |	The DES family: des-cbc-crc, des-cbc-md5, and des-cbc-md4 (weak) |
+| des3 |	The triple DES family: des3-cbc-sha1 |
+| aes |	The AES family: aes256-cts-hmac-sha1-96 and aes128-cts-hmac-sha1-96 |
+| rc4 |	The RC4 family: arcfour-hmac |
+| camellia | The Camellia family: camellia256-cts-cmac and camellia128-cts-cmac |
\ No newline at end of file

Added: directory/site/trunk/content/kerby/user-guide/6-network-support.mdtext
URL: http://svn.apache.org/viewvc/directory/site/trunk/content/kerby/user-guide/6-network-support.mdtext?rev=1689993&view=auto
==============================================================================
--- directory/site/trunk/content/kerby/user-guide/6-network-support.mdtext (added)
+++ directory/site/trunk/content/kerby/user-guide/6-network-support.mdtext Thu Jul  9 07:06:57
2015
@@ -0,0 +1,30 @@
+Title: 6 - Network Support
+NavPrev: 5-crypto-and-encryption-types.html
+NavPrevtext: 5 - Kerberos Crypto and Encryption Types
+NavUp: ../user-guide.html
+NavUpText: User Guide
+Notice: Licensed to the Apache Software Foundation (ASF) under one
+    or more contributor license agreements.  See the NOTICE file
+    distributed with this work for additional information
+    regarding copyright ownership.  The ASF licenses this file
+    to you under the Apache License, Version 2.0 (the
+    "License"); you may not use this file except in compliance
+    with the License.  You may obtain a copy of the License at
+    .
+    http://www.apache.org/licenses/LICENSE-2.0
+    .
+    Unless required by applicable law or agreed to in writing,
+    software distributed under the License is distributed on an
+    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    KIND, either express or implied.  See the License for the
+    specific language governing permissions and limitations
+    under the License.
+
+# 6 - Network Support
+
+* Include UDP and TCP transport.
+* Default KDC server implementation.
+    * The Networking Classes in the JDK is used.
+* Netty based KDC server implementation.
+    * Netty is an asynchronous event-driven network application framework for rapid development
of maintainable high performance protocol servers & clients.
+    * With better throughput, lower latency.
\ No newline at end of file

Added: directory/site/trunk/content/kerby/user-guide/7-dependency.mdtext
URL: http://svn.apache.org/viewvc/directory/site/trunk/content/kerby/user-guide/7-dependency.mdtext?rev=1689993&view=auto
==============================================================================
--- directory/site/trunk/content/kerby/user-guide/7-dependency.mdtext (added)
+++ directory/site/trunk/content/kerby/user-guide/7-dependency.mdtext Thu Jul  9 07:06:57
2015
@@ -0,0 +1,28 @@
+Title: 7 - Dependency
+NavPrev: 6-network-support.html
+NavPrevtext: 6 - Network Support
+NavUp: ../user-guide.html
+NavUpText: User Guide
+Notice: Licensed to the Apache Software Foundation (ASF) under one
+    or more contributor license agreements.  See the NOTICE file
+    distributed with this work for additional information
+    regarding copyright ownership.  The ASF licenses this file
+    to you under the Apache License, Version 2.0 (the
+    "License"); you may not use this file except in compliance
+    with the License.  You may obtain a copy of the License at
+    .
+    http://www.apache.org/licenses/LICENSE-2.0
+    .
+    Unless required by applicable law or agreed to in writing,
+    software distributed under the License is distributed on an
+    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    KIND, either express or implied.  See the License for the
+    specific language governing permissions and limitations
+    under the License.
+
+# 7 - Dependency
+
+* The core part is ensured to only depend on the JRE and SLF4J. Every external dependency
is taken carefully and maintained separately.
+* [Nimbus JOSE + JWT](http://connect2id.com/products/nimbus-jose-jwt), needed by token-provider
and TokenPreauth mechanism.
+* [Netty](http://netty.io/), needed by netty based KDC server.
+* [Zookeeper](https://zookeeper.apache.org/), needed by zookeeper identity backend.
\ No newline at end of file

Modified: directory/site/trunk/templates/kerby/page.html
URL: http://svn.apache.org/viewvc/directory/site/trunk/templates/kerby/page.html?rev=1689993&r1=1689992&r2=1689993&view=diff
==============================================================================
--- directory/site/trunk/templates/kerby/page.html (original)
+++ directory/site/trunk/templates/kerby/page.html Thu Jul  9 07:06:57 2015
@@ -22,14 +22,14 @@
     </ul>
     <h5>Getting Started</h5>
     <ul>
-        <li><a href="{{base}}kerby/vision.html">Vision</a></li>
+        <!--li><a href="{{base}}kerby/vision.html">Vision</a></li-->
         <li><a href="{{base}}kerby/issues.html">Issues</a></li>
     </ul>
     <h5>Documentation</h5>
     <ul>
         <li><a href="{{base}}kerby/overview.html">Overview</a></li>
 	 <!--li><a href="{{base}}kerby/quick-start.html">Quick Start</a></li-->
-        <li><a href="{{base}}kerby/user-guide.html">Users Guide</a></li>
+        <li><a href="{{base}}kerby/user-guide.html">User Guide</a></li>
         <!--li><a href="{{base}}kerby/gen-docs/latest/apidocs/">JavaDocs</a></li-->
         <!--li><a href="{{base}}kerby/gen-docs/latest/xref/">Cross-Reference</a></li-->
         <!--li><a href="{{base}}kerby/gen-docs/latest/">Generated Reports</a></li-->



Mime
View raw message