directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From build...@apache.org
Subject svn commit: r1011801 - in /websites/staging/directory/trunk/content: ./ fortress/testimonials.html
Date Sun, 07 May 2017 17:44:20 GMT
Author: buildbot
Date: Sun May  7 17:44:20 2017
New Revision: 1011801

Log:
Staging update by buildbot for directory

Modified:
    websites/staging/directory/trunk/content/   (props changed)
    websites/staging/directory/trunk/content/fortress/testimonials.html

Propchange: websites/staging/directory/trunk/content/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Sun May  7 17:44:20 2017
@@ -1 +1 @@
-1794231
+1794232

Modified: websites/staging/directory/trunk/content/fortress/testimonials.html
==============================================================================
--- websites/staging/directory/trunk/content/fortress/testimonials.html (original)
+++ websites/staging/directory/trunk/content/fortress/testimonials.html Sun May  7 17:44:20
2017
@@ -169,11 +169,14 @@
 }
 h2:hover > .headerlink, h3:hover > .headerlink, h1:hover > .headerlink, h6:hover
> .headerlink, h4:hover > .headerlink, h5:hover > .headerlink, dt:hover > .elementid-permalink
{ visibility: visible }</style>
 <h1 id="testimonials">Testimonials<a class="headerlink" href="#testimonials" title="Permanent
link">&para;</a></h1>
-<h2 id="contributed-by-yudhi-karunia-surtan-for-pt-global-digital-niaga-bliblicom">Contributed
by Yudhi Karunia Surtan for PT. Global Digital Niaga (blibli.com).<a class="headerlink"
href="#contributed-by-yudhi-karunia-surtan-for-pt-global-digital-niaga-bliblicom" title="Permanent
link">&para;</a></h2>
+<h2 id="credits">Credits<a class="headerlink" href="#credits" title="Permanent link">&para;</a></h2>
+<p>This work was contributed by Yudhi Karunia Surtan of PT. Global Digital Niaga (blibli.com).
 Thanks to him and his team for their efforts in helping others use Fortress.</p>
+<h2 id="introduction">Introduction<a class="headerlink" href="#introduction" title="Permanent
link">&para;</a></h2>
 <p>This document contains an overview of the URL filtering mechanism.</p>
+<h3 id="destailed-description-of-the-project">Destailed description of the project<a
class="headerlink" href="#destailed-description-of-the-project" title="Permanent link">&para;</a></h3>
 <p>I created this solution because at the time I was looking an IAM and SSO solution,
and there were no open source solution to provide everything that I required.</p>
 <p>Basically, the idea is, I wanted to have a framework where the developer doesn't
need to programmatically make authorization calls, use annotation or any other kind of “if
condition” statements, in their code. With this solution, I'm can have a declarative
mechanism capable of dynamic authorization decisions, even if the user hasn't been logged
in or has the the proper role activated.  This is because the authorization has been centralized
at the server and that server can activate and deactivate user roles that are needed to access
the runtime environment.</p>
-<p>I searched for all available open source solutions and finally decided to use Apereo
CAS and Apache Fortress as the combined solution. Apereo CAS does the authentication and Apache
Fortress will handle the authorization.</p>
+<p>I searched across all available open source solutions and finally decided to use
Apereo CAS and Apache Fortress as the combined solution. Apereo CAS does the authentication
and Apache Fortress will handle the authorization.</p>
 <p>Apereo CAS is very good way to handle the Single Sign-On and Single Sign-Out problems,
on the other hand Apereo CAS lacks authorization capaibilities because there are no standardized
solutions for the authorization in that space yet. Apache Fortress is good at authorization
because it uses standard RBAC. However, Apache Fortress doesn't have an SSO solution yet.
That is why I think both can be combined and create a good solution because they complement
each other.  Unfortunately, there isn't a good documentation resource available to combine
both solution into wone which is why I needed to create this to other developers on my team
and make their life easier.</p>
 <p>With this solution, I have successfully run inside a production environment since
2015 and have maintained this solution for almost 2 years now, I write this documentation
to describe how it works and how you can try something like this as well.</p>
 <p>Here are the technologies stack used within my extended framework:</p>
@@ -198,6 +201,7 @@ h2:hover > .headerlink, h3:hover > .head
 <li>Create own implementation for CasAuthenticationProvider</li>
 </ol>
 <h2 id="code-descriptions">Code Descriptions<a class="headerlink" href="#code-descriptions"
title="Permanent link">&para;</a></h2>
+<p>The following sections contain code and xml snippets describing how the CAS and
Fortress integration was accomplished.</p>
 <h3 id="server-side-development">Server side development:<a class="headerlink" href="#server-side-development"
title="Permanent link">&para;</a></h3>
 <h4 id="the-authentication-handler">The Authentication Handler<a class="headerlink"
href="#the-authentication-handler" title="Permanent link">&para;</a></h4>
 <p>The interesting part for this solution is how to maintain both the Apereo CAS and
Apache Fortress sessions. Luckily, CAS is using a token for maintaining their session and
that token is also designed to have some extended attributes included with it.  Using this
knowledge, we can modify the profile given by CAS Server to the client. Let's have a look
what I've done with combining the Apereo CAS and Apache Fortress sessions in the code that
follows.</p>
@@ -505,13 +509,13 @@ h2:hover > .headerlink, h3:hover > .head
 <p>For testing this example, you need to understand that Apache Fortress configuration
is necessary to find fortress.properties on the classpath so it might be good if you put that
configuration file at the same classpath, for instance, if you are using tomcat remove all
the fortress.properties inside the classes directory and put it on $TOMCAT_HOME/lib/ folder.
Make sure get Apache Fortress running at the first step. Here are the detailed instructions
for testing this example:</p>
 <h4 id="server-section">Server Section<a class="headerlink" href="#server-section"
title="Permanent link">&para;</a></h4>
 <p>Read and find the instruction at :
- * https://github.com/apache/directory-fortress-core
- * https://github.com/apache/directory-fortress-enmasse
- * https://github.com/apache/directory-fortress-commander
- * and configure your Apache Fortress properly.
- * Clone the project from link at Where to download section below, change the configuration
properly inside cas-fortress-servers/src/main/resources folder and package it using mvn clean
package.
- * Copy the war file from cas-fortress-server/target into the web-container deploy directory.
- * Start your web-container and you get cas fortress integrated.</p>
+  * https://github.com/apache/directory-fortress-core
+  * https://github.com/apache/directory-fortress-enmasse
+  * https://github.com/apache/directory-fortress-commander
+  * and configure your Apache Fortress properly.
+  * Clone the project from link at Where to download section below, change the configuration
properly inside cas-fortress-servers/src/main/resources folder and package it using mvn clean
package.
+  * Copy the war file from cas-fortress-server/target into the web-container deploy directory.
+  * Start your web-container and you get cas fortress integrated.</p>
 <h4 id="client-section">Client Section<a class="headerlink" href="#client-section"
title="Permanent link">&para;</a></h4>
 <ul>
 <li>Simply put the war file inside the web-container deploy directory.</li>



Mime
View raw message