directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From build...@apache.org
Subject svn commit: r1011812 - in /websites/staging/directory/trunk/content: ./ fortress/testimonials.html
Date Sun, 07 May 2017 18:13:08 GMT
Author: buildbot
Date: Sun May  7 18:13:08 2017
New Revision: 1011812

Log:
Staging update by buildbot for directory

Modified:
    websites/staging/directory/trunk/content/   (props changed)
    websites/staging/directory/trunk/content/fortress/testimonials.html

Propchange: websites/staging/directory/trunk/content/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Sun May  7 18:13:08 2017
@@ -1 +1 @@
-1794242
+1794243

Modified: websites/staging/directory/trunk/content/fortress/testimonials.html
==============================================================================
--- websites/staging/directory/trunk/content/fortress/testimonials.html (original)
+++ websites/staging/directory/trunk/content/fortress/testimonials.html Sun May  7 18:13:08
2017
@@ -177,8 +177,8 @@ h2:hover > .headerlink, h3:hover > .head
 <p>I created this solution because at the time I was looking an IAM and SSO solution,
and there were no open source solution to provide everything that I required.</p>
 <p>Basically, the idea is, I wanted to have a framework where the developer doesn't
need to programmatically make authorization calls, use annotation or any other kind of “if
condition” statements, in their code. With this solution, I'm can have a declarative
mechanism capable of dynamic authorization decisions, even if the user hasn't been logged
in or has the the proper role activated.  This is because the authorization has been centralized
at the server and that server can activate and deactivate user roles that are needed to access
the runtime environment.</p>
 <p>I searched across all available open source solutions and finally decided to use
Apereo CAS and Apache Fortress as the combined solution. Apereo CAS does the authentication
and Apache Fortress will handle the authorization.</p>
-<p>Apereo CAS is very good way to handle the Single Sign-On and Single Sign-Out problems,
on the other hand Apereo CAS lacks authorization capaibilities because there are no standardized
solutions for the authorization in that space yet. Apache Fortress is good at authorization
because it uses standard RBAC. However, Apache Fortress doesn't have an SSO solution yet.
That is why I think both can be combined and create a good solution because they complement
each other.  Unfortunately, there isn't a good documentation resource available to combine
both solution into wone which is why I needed to create this to other developers on my team
and make their life easier.</p>
-<p>This solution I present to you here, has operated successfully inside a production
environment since 2015 and so we have maintained it for almost 2 years now, I write this documentation
to describe how it works and so it's something you could try as well.</p>
+<p>Apereo CAS is very good way to handle the Single Sign-On and Single Sign-Out problems,
on the other hand it lacks authorization capaibilities because there aren't standardized solutions
for authorization in that space yet. Apache Fortress is good at authorization because it uses
standard RBAC. However, Apache Fortress doesn't have an SSO solution yet. That is why I think
both should be combined because they complement each other.  Unfortunately, there aren't yet
good documentation resources available to combine these which is why I figured I needed to
create this, so other developers can follow my team's lead and make their life easier provding
good security for their webapps.</p>
+<p>The solution I present to you here has operated successfully inside production environments
since 2015 and so we have maintained it for almost 2 years now and it's quite mature.  I write
this documentation to describe how it works and it's intended as something you should try
as well.</p>
 <p>Here are the technologies stack used within my extended framework:
  * Apereo CAS -&gt; 4.2.x
  * Apache Fortress Enmasse (rest) -&gt; 1.0.0



Mime
View raw message