directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From build...@apache.org
Subject svn commit: r1014484 - in /websites/staging/directory/trunk/content: ./ fortress/overview.html
Date Sun, 25 Jun 2017 14:32:59 GMT
Author: buildbot
Date: Sun Jun 25 14:32:59 2017
New Revision: 1014484

Log:
Staging update by buildbot for directory

Modified:
    websites/staging/directory/trunk/content/   (props changed)
    websites/staging/directory/trunk/content/fortress/overview.html

Propchange: websites/staging/directory/trunk/content/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Sun Jun 25 14:32:59 2017
@@ -1 +1 @@
-1799804
+1799805

Modified: websites/staging/directory/trunk/content/fortress/overview.html
==============================================================================
--- websites/staging/directory/trunk/content/fortress/overview.html (original)
+++ websites/staging/directory/trunk/content/fortress/overview.html Sun Jun 25 14:32:59 2017
@@ -180,20 +180,24 @@ h2:hover > .headerlink, h3:hover > .head
 </ul>
 <p>It's released under terms of the Apache License 2.0. </p>
 <h2 id="how-does-it-work">How Does It Work?<a class="headerlink" href="#how-does-it-work"
title="Permanent link">&para;</a></h2>
-<p>To learn, check out the quickstarts:</p>
+<p>Fortress is a Role-Based Access Control security system.  It uses a directory server
to store the information about users, roles, permissions, etc.  Out-of-the-box it supports
either ApacheDS or OpenLDAP servers but is LDAPv3 compliant and would work with any compliant
system.</p>
+<p>To learn how to install, setup and configure with either of the supported servers,
check out the quickstarts:</p>
+<div class="codehilite"><pre><span class="o">*</span>  <span class="p">[</span><span
class="n">QUICKSTARTS</span><span class="p">](</span><span class="n">installation</span><span
class="p">.</span><span class="n">html</span><span class="p">)</span>
+</pre></div>
+
+
+<h2 id="other-guides">Other Guides<a class="headerlink" href="#other-guides" title="Permanent
link">&para;</a></h2>
+<h3 id="api-usage">Api usage<a class="headerlink" href="#api-usage" title="Permanent
link">&para;</a></h3>
+<p>Probably the best place to start is the javadoc.  To understand how RBAC works,
look at the interfaces like AccessMgr, AdminMgr and ReviewMgr.  For ARBAC add 'Del' to the
name - for delegated.  DelAdminMgr, DelAccessMgr, etc.  For password policies, PwPolicyMgr.</p>
+<h3 id="configuration">Configuration<a class="headerlink" href="#configuration"
title="Permanent link">&para;</a></h3>
+<p>Next is to understand how the runtime works.  As you might expect, Fortress requires
a large number of parameters that bind it to a runtime environment.  For example the LDAP
server's coordinates, hostname, port, suffix, service account credentials and more.  The configuration
subsystem pulls these parameters from a variety of locations.</p>
 <ul>
-<li><a href="https://github.com/apache/directory-fortress-core/blob/master/README-QUICKSTART-APACHEDS.md">README-QUICKSTART-APACHEDS.md</a>
- Install Core for use with APACHEDS</li>
-<li><a href="https://github.com/apache/directory-fortress-core/blob/master/README-QUICKSTART-SLAPD.md">README-QUICKSTART-SLAPD.md</a>
- Install Core for use with OPENLDAP</li>
-<li><a href="https://github.com/apache/directory-fortress-core/blob/master/README-QUICKSTART-DOCKER-SLAPD.md">README-QUICKSTART-DOCKER-SLAPD.md</a>
- Install Core for use with OPENLDAP running inside DOCKER</li>
-<li><a href="https://github.com/apache/directory-fortress-realm/blob/master/REALM-HOST-SETUP.md">REALM-HOST-SETUP.md</a>
- Configure Tomcat Global Security using Realm</li>
-<li><a href="https://github.com/apache/directory-fortress-realm/blob/master/REALM-CONTEXT-SETUP.md">REALM-CONTEXT-SETUP.md</a>
- Configure Tomcat Local Security using Realm</li>
-<li><a href="https://github.com/apache/directory-fortress-enmasse/blob/master/README-QUICKSTART.md">README-QUICKSTART.md</a>
- Install Fortress Rest to Tomcat</li>
-<li><a href="https://github.com/apache/directory-fortress-commander/blob/master/README-QUICKSTART.md">README-QUICKSTART.md</a>
- Install Fortress Web to Tomcat</li>
+<li><a href="https://github.com/apache/directory-fortress-core/blob/master/README-CONFIG.md">README-CONFIG.md</a>
- How the Fortress Config subsystem works</li>
 </ul>
-<p>Other Guides:</p>
+<h3 id="multitenancy">Multitenancy<a class="headerlink" href="#multitenancy" title="Permanent
link">&para;</a></h3>
+<p>The Fortress APIs and data storage is fully multitenant.  To understand how that
works.</p>
 <ul>
 <li><a href="https://github.com/apache/directory-fortress-core/blob/master/README-MULTITENANCY.md">README-MULTITENANCY.md</a>
- How Fortress Multitenancy works</li>
-<li><a href="https://github.com/apache/directory-fortress-core/blob/master/README-CONFIG.md">README-CONFIG.md</a>
- How the Fortress Config subsystem works</li>
 </ul>
 <h2 id="what-technologies-at-play">What technologies at play?<a class="headerlink"
href="#what-technologies-at-play" title="Permanent link">&para;</a></h2>
 <p>Fortress products run on open system hardware and software platforms supporting
LDAPv3, HTTP &amp; Java.  </p>
@@ -207,7 +211,7 @@ h2:hover > .headerlink, h3:hover > .head
 <h3 id="administrative-role-based-access-control-arbac02">Administrative Role-Based
Access Control (<a href="http://profsandhu.com/journals/tissec/p113-oh.pdf">ARBAC02</a>)<a
class="headerlink" href="#administrative-role-based-access-control-arbac02" title="Permanent
link">&para;</a></h3>
 <p>The ARBAC model explains how <a href="http://csrc.nist.gov/groups/SNS/rbac/documents/draft-rbac-implementation-std-v01.pdf">RBAC</a>
can be extended with organizational controls to govern policies regarding the security administration
process. ARBAC helps by allowing administrative tasks be delegated to end users who fall outside
typical datacenter operations. </p>
 <h3 id="ietf-password-policies">IETF Password Policies<a class="headerlink" href="#ietf-password-policies"
title="Permanent link">&para;</a></h3>
-<p>OpenLDAP has supported this draft since 2005.  Fortress adds by integrating with
its administrative and access control APIs.  These APIs enable outside apps to participate
and manipulate OpenLDAP password policies without understanding the specifics of how they
work. Fortress provides services for setting up new policies and ensuring password policies
are tracked and enforced across all avenues.</p>
+<p>Fortress sully supports password policies of both ApacheDS and OpenLDAP.  It adds
by integrating with its administrative and access control APIs.  These APIs enable outside
apps to participate and manipulate OpenLDAP password policies without understanding the specifics
of how they work. Fortress provides services for setting up new policies and ensuring password
policies are tracked and enforced across all avenues.</p>
 <h3 id="auditing">Auditing<a class="headerlink" href="#auditing" title="Permanent
link">&para;</a></h3>
 <p>Fortress audits use OpenLDAP's slapd access log overlay.</p>
 <p>The Fortress audits rely on slapd events to track its data exchanges performed within
its own APIs.  Change event tracking includes adds, updates, and deletes of Fortress entities.
 Read and search events tracked include user authentication, authorization, and policy interrogations.
 Full historical data change tracking is maintained and may be searched later with APIs to
be used for monitoring, reporting, and undo. The log may be retrieved later to synch with
outside database for long-term regulatory and compliance concerns.  </p>



Mime
View raw message