[Yanel-commits] rev 32342 -
public/yanel/trunk/src/realms/yanel-website/content/documentation/security
michi at wyona.com
michi at wyona.com
Thu Feb 21 23:38:43 CET 2008
Author: michi
Date: 2008-02-21 23:38:42 +0100 (Thu, 21 Feb 2008)
New Revision: 32342
Modified:
public/yanel/trunk/src/realms/yanel-website/content/documentation/security/custom-identity-manager-custom-policy-manager.html
Log:
custom policy manager and web authenticator fixed
Modified: public/yanel/trunk/src/realms/yanel-website/content/documentation/security/custom-identity-manager-custom-policy-manager.html
===================================================================
--- public/yanel/trunk/src/realms/yanel-website/content/documentation/security/custom-identity-manager-custom-policy-manager.html 2008-02-21 22:00:03 UTC (rev 32341)
+++ public/yanel/trunk/src/realms/yanel-website/content/documentation/security/custom-identity-manager-custom-policy-manager.html 2008-02-21 22:38:42 UTC (rev 32342)
@@ -7,107 +7,56 @@
</head>
<body>
-<h1>CustomIdentityManager / CustomPolicyManager / CustomWebAuthenticator</h1>
-
+<h1>Custom IdentityManager, custom PolicyManager and custom WebAuthenticator</h1>
<p>The default IdentityManager and PolicyManager implementations are part of the org.wyona.security.impl package, for example YarepIdentityManagerImpl and PolicyManagerImplVersion2.</p>
-
<hr/>
-
<h2>Custom IdentityManager</h2>
-
<p>To create a custom IdentityManager you will need to develop your own implementations of the interfaces IdentityManagerFactory and IdentityManager which are part of the org.wyona.security.core package.</p>
-
<p>Once you have your custom implementations they need to be added to the configuration of your realm (realm.xml). Examples are shown below.</p>
-
<p><strong>Instead of these:</strong></p>
<p>org.wyona.security.impl.IdentityManagerFactoryImpl<br/>
org.wyona.security.impl.yarep.YarepIdentityManagerImpl</p>
<p><strong>use these:</strong></p>
<p>foo.bar.security.impl.IdentityManagerFactoryImpl<br/>
foo.bar.security.impl.IdentityManagerImpl</p>
-
<h3>Configuration example: realm.xml</h3>
<p>
-<pre>
-<ac-identities class="foo.bar.security.impl.IdentityManagerFactoryImpl">
- <bar:repository-config xmlns:bar="http//www.bar.foo/security/1.0">config/ac-identities-repository.xml</bar:repository-config>
- <bar:max-number-of-failed-login-attempts xmlns:bar="http//www.bar.foo/security/1.0">3</bar:max-number-of-failed-login-attempts>
-</ac-identities>
-</pre>
-</p>
-
+</p><pre><ac-identities class="foo.bar.security.impl.IdentityManagerFactoryImpl"><br/> <bar:repository-config xmlns:bar="http//www.bar.foo/security/1.0">config/ac-identities-repository.xml</bar:repository-config><br/> <bar:max-number-of-failed-login-attempts xmlns:bar="http//www.bar.foo/security/1.0">3</bar:max-number-of-failed-login-attempts><br/></ac-identities><br/></pre>
<h3>Configuration example: ac-identities-repository.xml</h3>
<p>
-<pre>
-<repository class="org.wyona.yarep.impl.repo.vfs.VirtualFileSystemRepository">
- <name>Yanel Access Control Identities</name>
- <content src="../ac-identities"/>
-</repository>
-</pre>
-</p>
-
+</p><pre><repository class="org.wyona.yarep.impl.repo.vfs.VirtualFileSystemRepository"><br/> <name>Yanel Access Control Identities</name><br/> <content src="../ac-identities"/><br/></repository><br/></pre>
<br/><br/>
<hr/>
-
<h2>Custom PolicyManager</h2>
-<p>Creating a CustomPolicyManager is basically the same as creating a CustomIdentityManager.</p>
-<p><strong>Override these:</strong></p>
+<p>Creating a custom PolicyManager is very similar to creating a custom IdentityManager.</p>
+<p><strong>Instead of these:</strong></p>
<p>org.wyona.security.impl.PolicyManagerFactoryImpl<br/>
-org.wyona.security.impl.PolicyManagerImpl</p>
-<p><strong>with these:</strong></p>
-<p>com.company.security.impl.PolicyManagerFactoryImpl<br/>
-com.company.security.impl.PolicyManagerImpl</p>
+org.wyona.security.impl.PolicyManagerImplVersion2</p>
+<p><strong>use these:</strong></p>
+<p>foo.bar.security.impl.PolicyManagerFactoryImpl<br/>
+foo.bar.security.impl.PolicyManagerImplVersion2</p>
-<h3>Configuration example (ac-policies-repository.xml)</h3>
+<h3>Configuration example: realm.xml</h3>
<p>
-<pre>
-<repository>
- <name>Company Access Control Policies Repository</name>
+</p><pre><ac-policies class="foo.bar.security.impl.PolicyManagerFactoryImpl"><br/> <bar:repository-config xmlns:bar="http//www.bar.foo/security/1.0">config/ac-policies-repository.xml</bar:repository-config><br/> <bar:policy-caching-enabled xmlns:bar="http://www.bar.foo/security/1.0">false</bar:policy-caching-enabled><br/></ac-policies><br/></pre>
- <paths class="org.wyona.yarep.impl.VFileSystemMapImpl" src="../ac-policies"/>
-
- <storage class="org.wyona.yarep.core.impl.vfs.VFileSystemStorage">
- <content src="../ac-policies"/>
- </storage>
-</repository>
-</pre>
-</p>
-
-<h3>Configuration example (realm.xml)</h3>
+<h3>Configuration example (ac-policies-repository.xml)</h3>
<p>
-<ac-policies class="com.company.security.impl.PolicyManagerFactoryImpl">
-<br/>
- <com:repository-config xmlns:com="http//www.company.com/wyona/1.0">config/ac-policies-repository.xml</com:repository-config>
- <br/>
- <com:policy-caching-enabled xmlns:com="http://www.company.com/wyona/1.0">false</com:policy-caching-enabled>
- <br/>
-</ac-policies>
-</p>
+</p><pre><repository><br/> <name>Company Access Control Policies Repository</name><br/> <paths class="org.wyona.yarep.impl.VFileSystemMapImpl" src="../ac-policies"/><br/> <storage class="org.wyona.yarep.core.impl.vfs.VFileSystemStorage"><br/> <content src="../ac-policies"/><br/> </storage><br/></repository><br/></pre>
+
<br/><br/>
<hr/>
-
<h2>Custom WebAuthenticator</h2>
-<p>The WebAuthenticator is specific to the webapp (or servlet)</p>
-<p>In the future there will need to be a logout overwriting functionality</p>
-<p><strong>Override this:</strong></p>
-<p>org.wyona.yanel.servlet.security.impl.DefaultWebAuthenticatorImpl</p>
-<p><strong>with this:</strong></p>
-<p>com.company.yanel.servlet.security.impl.CompanyWebAuthenticatorImpl</p>
+<p>A custom WebAuthenticator can be necessary if custom HTTP headers shall be processed or some other custom webapp functionality needs to be implemented<br/></p>
-<h3>Configuration example (realm.xml)</h3>
+<p><strong>Instead of this:</strong></p>
+<p>org.wyona.yanel.servlet.security.impl.DefaultWebAuthenticatorImpl</p>
+<p><strong>use this:</strong></p>
+<p>foo.bar.yanel.servlet.security.impl.CompanyWebAuthenticatorImpl</p>
+<h3>Configuration example: realm.xml</h3>
<p>
-<web-authenticator class="com.company.yanel.servlet.security.impl.CompanyWebAuthenticatorImpl">
-<br/>
- <com:proxyRedirectURI xmlns:com="http://www.company.com/wyona/1.0">/strongAuth.html</com:proxyRedirectURI>
-<br/>
- <com:welcomeRedirectURI xmlns:com="http://www.company.com/wyona/1.0">/welcome.html</com:welcomeRedirectURI>
-<br/>
- <com:lockedRedirectURI xmlns:com="http://www.company.com/wyona/1.0">/userLocked.html</com:lockedRedirectURI>
-<br/>
- <com:expiredRedirectURI xmlns:com="http://www.company.com/wyona/1.0">/login/expired</com:expiredRedirectURI>
-<br/>
-</web-authenticator>
-</p>
+</p><pre><web-authenticator class="foo.bar.yanel.servlet.security.impl.CompanyWebAuthenticatorImpl"><br/> <bar:proxyRedirectURI xmlns:bar="http://www.company.com/wyona/1.0">http://proxy.bar.foo</bar:proxyRedirectURI><br/> <bar:welcomeRedirectURI xmlns:bar="http://www.company.com/wyona/1.0">/welcome.html</bar:welcomeRedirectURI><br/> <bar:lockedRedirectURI xmlns:bar="http://www.company.com/wyona/1.0">/userLocked.html</bar:lockedRedirectURI><br/> <bar:expiredRedirectURI xmlns:bar="http://www.company.com/wyona/1.0">/login/expired.html</bar:expiredRedirectURI><br/></web-authenticator><br/></pre>
+
</body>
-</html>
+</html>
\ No newline at end of file
More information about the Yanel-commits
mailing list