Author: jawi
Date: Wed Apr 25 09:50:28 2012
New Revision: 1330176
URL: http://svn.apache.org/viewvc?rev=1330176&view=rev
Log:
Added a WiP article on authentication.
Added:
ace/site/trunk/content/dev-doc/design/ace-authentication.mdtext (with
props)
ace/site/trunk/content/dev-doc/design/auth_api.svg (with props)
ace/site/trunk/content/dev-doc/design/auth_connectionfactory.svg (with
props)
ace/site/trunk/content/dev-doc/design/auth_main_components.svg (with
props)
Added: ace/site/trunk/content/dev-doc/design/ace-authentication.mdtext
URL:
http://svn.apache.org/viewvc/ace/site/trunk/content/dev-doc/design/ace-authentication.mdtext?rev=1330176&view=auto
==============================================================================
--- ace/site/trunk/content/dev-doc/design/ace-authentication.mdtext (added)
+++ ace/site/trunk/content/dev-doc/design/ace-authentication.mdtext Wed Apr 25
09:50:28 2012
@@ -0,0 +1,193 @@
+_Enabling authentication in ACE_
+
+last updated: April 24th, 2012
+
+
+## Introduction
+
+When provisioning software (partly) to targets, one has to rely upon the
trustworthiness of both the network and the target. Even if everything is under
your control and governance, one cannot entirely be sure that unwanted access
takes place. A first step in order to prevent unwanted access is
*authentication*, which gives you the ability to verify the identity of
someone. Once the identity is known, one can apply *authentication* in order to
determine what actions are allowed and which are not.
+In this article, the recently added authentication layer of ACE is explained
in more depth, and some details on how extensions can be written for additional
mechanisms are given. The remainder of this article assumes the reader has
basic knowledge of the principles behind ACE, and has sufficient programming
skills. For this article, the latest code of ACE (0.8.1-SNAPSHOT, rev.1329269)
was used.
+
+
+## Communication paths
+
+Before going in more depth on the authentication layer of ACE, we first need
to pinpoint all places were authentication is to be applied. The following
figure shows the main components in ACE and their communication paths,
providing a global overview of where authentication is applicable to ACE.
+
+
+
+In figure 1, several communication paths exists (denoted by the circled
digits):
+
+1. the client communicates to the server by means of both direct calls to its
services as well as remoted calls (by means of HTTP[^1]);
+2. a management agent (representing the target) communicates to the management
server through HTTP calls;
+3. the REST API exposes the entire client API in a RESTful way. Communication
to the client occurs by both direct calls as well as through HTTP;
+4. the Vaadin Web UI exposes the entire client API as web application. Similar
as the REST API, it communicates both directly as through HTTP with the client.
+
+As can be seen from the above figure, most of the communication paths are
based on HTTP. The reason for this is twofold:
+
+1. It allows reuse of components; for example access to the OBR-servlet is
used by the both the client-API as well the web UI to upload new artifacts;
+2. it allows components to be deployed on different machines; for example, one
does not need to run the client on the same machine as the server. This could
be useful for working on high-latency networks.
+
+All direct communication paths do not need to be authenticated, as they
require that both caller and callee run in the same virtual machine, making it
impossible to be used outside the virtual machine[^2]. Hence, we only need to
add an authentication layer to the HTTP endpoints. However, adding
authentication to all HTTP endpoints poses us with the challenge to let the
internal communication paths that rely on HTTP to authenticate themselves as
well. Not doing so would prevent ACE from functioning correctly. A disadvantage
of this approach is that it is an all-or-nothing approach, either all users of
the HTTP endpoints use authentication, or none of them. However, the way users
authenticate themselves can be different, meaning that one set of users can use
HTTP basic authentication to identify themselves, while another set uses client
certificates to identify themselves.
+
+
+## Authentication design
+
+The high-level design for security in ACE is explained in the [remote
interface design](/dev-doc/design/remote-interfaces.html). From this design, we
can derive several requirements for the design of ACE's authentication layer:
+
+1. should be applicable and configurable for all remoted endpoints. If a new
endpoint is added to ACE, it should be easy to add and configure authentication
for it;
+2. should be optional. If no authentication is desired, one should be able to
remove its services from the ACE distribution;
+3. should be pluggable. Various ways of authentication exist, and new ones can
emerge. Making the authentication mechanism pluggable allows new ways of
authentication to be used easily.
+
+Based on these requirements, the design of the authentication layer is
represented in the following figure:
+
+
+
+The `AuthenticationService` is responsible for authenticating a user based on
some piece of information. This piece of information can be a username/password
combination, a `HttpServletRequest` containing authentication request headers,
or any other set of information capable of uniquely identifying a user. The
actual authentication itself is delegated to one or more
`AuthenticationProcessor`s, which know how to handle a given set of
information (e.g., `HttpServletRequest`) and can map this information to a
particular user. In more detail, the calling sequence of
`AuthenticationService#authenticate` would be:
+
+1. `AuthenticationService#authenticate` is called with a blob of data, for
example the `HttpServletRequest`;
+2. for each known `AuthenticationProcessor`:
+ - `AuthenticationProcessor#canHandle` is called with that blob of data. An
authentication processor can decide whether the given blob is something it can
handle or not;
+ - if it can be handled, the `AuthenticationProcessor#authenticate` is
called with that blob of data, along with an instance of the UserAdmin service.
The authentication processor is now responsible for converting the blob of data
to an authenticated user, if possible.
+3. if a `User` object is returned from the authentication service[^3], the
authentication phase will be regarded as successful. If *no* `User` object is
returned, the authentication phase will be regarded unsuccessful.
+
+This is only half the story for authentication. As stated before, ACE
internally also communicates through HTTP to access certain services. Without
any changes, all those remote calls will fail due to missing credentials. If we
want to leave those means of communications as-is, we would need to track down
all places where remote calls are being made and inject the proper credentials
at those places. However, doing this is not only *very* invasive and error
prone but also not very developer friendly from a service-oriented perspective.
Alternatively, we could try to include the credentials in the URL itself,
making it self-contained. Not only would this approach limit our ability to use
any kind of authentication mechanism (it only works for username/password
combos), it also required us to supply the credentials manually each and every
time we want to create a remote connection. Instead, we would like to refrain
from passing around credentials, and leverage the service orien
ted aspects of OSGi to create remote connections for us. This service could
then be responsible for adding the right credentials for us, leaving the
calling party totally unaware about the fact authentication might be used. Such
a service is denoted in the following figure:
+
+
+
+The `ConnectionFactory` is responsible for creating `URLConnection`s, given a
"plain" URL. So, instead of calling `URL#openConnection()` or
`URL#openStream()`, we'll now have to call
`ConnectionFactory#createConnection(url)` instead. But, what advantage does
this bring us? In order to allow the connection factory to supply the
credentials to `URLConnection`s, it is also registered as
`ManagedServiceFactory` that enables us to provide multiple configurations of
which credentials should be supplied to what (sets of) URLs. The introduction
of the connection factory allows us to abstract the creation of a connection
and passing of credentials to it from the URL. Internally, the connection
factory will match each URL given in `createConnection` with the URLs it is
configured with. If a matching URL is found, it will use the credentials in
that configuration to supply to the `URLConnection`.
+
+We've now closed the circle: we not only have defined how remote endpoints can
apply authentication, but also how all calling parties can remain using these
remote endpoints without having to be aware of authentication.
+
+
+## Configuring authentication
+
+Before continuing on the details of configuring authentication for ACE, we
first identify what remote services are available, and how they can be
configured.
+
+### Remote services
+
+All remote services in ACE are configurable with respect to the endpoint they
can be accessed. The following table shows an overview of the remote services,
including the default endpoint they use:
+
+Name | Description | Default endpoint | Configuration PID
+------- | --------------- | --------------------- | ---------------------
+`BundleServlet` | provides access to the OBR (bundle repository) of ACE |
`/obr` | `org.apache.ace.obr.servlet`
+`DeploymentServlet` | handles the actual provisioning of deployment packages
to a target | `/deployment` |`org.apache.ace.deployment.servlet`
+`LogServlet` | allows any number of logs for a target to be synchronized and
accessed | `/auditlog`[^4] |
`org.apache.ace.server.log.servlet.factory`<br/>**note: this is a configuration
factory!**
+`RepositoryServlet` | provides access to the various
(artifact/feature/distribution/target) internal repositories of ACE |
`/repository` | `org.apache.ace.repository.servlet.RepositoryServlet`
+`RepositoryReplicationServlet` | allows *relay nodes* to replicate the
internal repositories of ACE | `/replication` |
`org.apache.ace.repository.servlet.RepositoryReplicationServlet`
+`RESTClientServlet` | provides the RESTful interface to ACE |`/client` |
`org.apache.ace.client.rest`
+`VaadinServlet` | provides the Vaadin web interface | `/ace` |
`org.apache.ace.webui.vaadin`
+
+### Configuring authentication for remote services
+
+In the section on the design of the authentication layer, we've mentioned that
if a remote service wants to make use of authentication, it can make use of the
`AuthenticationService`. However, one of the design requirements was that
authentication should be optional as well. In order to enable or disable
authentication, each remote service needs to do the following:
+
+1. add a **mandatory** configuration property `authentication.enabled =
false|true` to their configuration. Although any kind of name for this
configuration property can be used, it is *strongly* advised to stick to the
same name for all services;
+2. when the configuration of a remote service is updated, it should add a
service dependency to the `AuthenticationService`. By making this service
*required* when authentication is enabled, and *optional* when authentication
is disabled, we can adhere to the requirement of optionality for authentication;
+3. in case authentication is *enabled*, each request the service obtains needs
to be passed to the `AuthenticationService` first, and depending on its
outcome, the request can continue or not.
+
+To make this more concrete, an example of how the `BundleServlet` is to be
configured:
+
+#### Service configuration
+
+The service configuration, located in `org.apache.ace.obr.servlet.cfg`, looks
like:
+
+ # Endpoint for this servlet
+ org.apache.ace.server.servlet.endpoint=/obr
+ # Whether or not authentication is to be used
+ authentication.enabled = true
+
+In `BundleServlet` we add the following code:
+
+ private volatile boolean m_useAuth;
+ private volatile AuthenticationService m_authService;
+
+ // ...
+
+ public void updated(Dictionary settings) throws ConfigurationException {
+ if (settings != null) {
+ String useAuthString = (String)
settings.get("authentication.enabled");
+ if (useAuthString == null ||
!("true".equalsIgnoreCase(useAuthString) ||
"false".equalsIgnoreCase(useAuthString))) {
+ throw new ConfigurationException("authentication.enabled",
"Missing or invalid value!");
+ }
+ boolean useAuth = Boolean.parseBoolean(useAuthString);
+
+ m_useAuth = useAuth;
+ }
+ else {
+ m_useAuth = false;
+ }
+ }
+
+ // ...
+
+ /**
+ * Called by Dependency Manager upon initialization of this component.
+ */
+ protected void init(Component comp) {
+ comp.add(m_dm.createServiceDependency()
+ .setService(AuthenticationService.class)
+ .setRequired(m_useAuth)
+ .setInstanceBound(true)
+ );
+ }
+
+As almost all of the services in ACE are managed by the Dependency Manager, we
can leverage its dynamics to inject our `BundleServlet` with an instance of the
`AuthenticationService` and provide us with a configuration[^5].
+
+#### Implemention
+
+The actual authentication implementation itself is rather trivial: we simply
intercept all incoming requests in our servlet and verify whether it resolves
to a valid user:
+
+ @Override
+ protected void service(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
+ if (!authenticate(req)) {
+ // Authentication failed; don't proceed with the original
request...
+ resp.sendError(SC_UNAUTHORIZED);
+ } else {
+ // Authentication successful, proceed with original request...
+ super.service(req, resp);
+ }
+ }
+
+ private boolean authenticate(HttpServletRequest request) {
+ User user = null;
+ if (m_useAuth) {
+ User user = m_authService.authenticate(request);
+ }
+ if (user == null) {
+ m_log.log(LogService.LOG_INFO, "Authentication failure!");
+ }
+ return (user != null);
+ }
+
+Note that this implementation does not tell *how* the authentication should
occur, only that it should occur. How the authentication is performed, is
determined internally by the `AuthenticationService`, with the help of the
registered `AuthenticationProcessor`s.
+
+### Configuring the connection factory
+
+Now that the remote service itself is no longer accepting unauthenticated
requests, we need to supply the credentials to access this service to the
`ConnectionFactory` service. This service can be configured using the PID
`org.apache.ace.connectionfactory` (*note that it is a configuration
factory!*), which would result in the following configuration for accessing our
`BundleServlet`:
+
+ # What kind of authentication should we supply
+ authentication.type = basic
+ # The actual credentials for basic authentication
+ authentication.user.name = d
+ authentication.user.password = f
+ # What is the base URL that these credentials apply to:
+ authentication.baseURL = http://localhost:8080/obr/
+
+When this configuration is supplied to the `ConnectionFactory`, it will
provide a basic HTTP authentication header to each connection created for any
URL starting with "http://localhost:8080/obr/"[^6].
+
+### Configuring the management agent
+
+â¦
+
+
+[^1]: Other communication protocols could be used as well. However, currently,
only HTTP is natively supported by ACE. For the remainder of this article,
we'll assume HTTP as protocol.
+
+[^2]: Assuming that all components in the management server are trusted and
obtained from trusted sources. If untrusted components would be allowed, we
need to add authentication to these communication paths as well.
+
+[^3]: It is up to the implementation of `AuthenticationService` whether the
*first* found user is returned, or whether it checks if all authentication
processors yield the *same* user, or any other strategy that is desired.
+
+[^4]: Amongst others, any number of log-endpoints can be defined, at least one
is needed for the audit log to be synchronized between target and management
server.
+
+[^5]: Note that we're using a configuration dependency for this service. This
way, the configuration **must** be present before the service itself is
registered, which allows us to determine if authentication should be used or
not.
+
+[^6]: Currently, a simple `String#startsWith()` is used to determine whether
or not a URL matches a configuration. This might change in the future when a
more sophisticated URL-matching strategy is needed.
Propchange: ace/site/trunk/content/dev-doc/design/ace-authentication.mdtext
------------------------------------------------------------------------------
svn:eol-style = native
Added: ace/site/trunk/content/dev-doc/design/auth_api.svg
URL:
http://svn.apache.org/viewvc/ace/site/trunk/content/dev-doc/design/auth_api.svg?rev=1330176&view=auto
==============================================================================
--- ace/site/trunk/content/dev-doc/design/auth_api.svg (added)
+++ ace/site/trunk/content/dev-doc/design/auth_api.svg Wed Apr 25 09:50:28 2012
@@ -0,0 +1,113 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN"
"http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd";>
+<svg height="404" version="1.1" width="716" xmlns="http://www.w3.org/2000/svg";>
+<rect fill="#ffffff" height="88" stroke="#ffffff" stroke-width="1" width="152"
x="14" y="150"/>
+<rect fill="none" height="88" stroke="#000000" stroke-width="1" width="152"
x="14" y="150"/>
+<text font-family="Lucida Grande" font-size="13" x="23" y="184">
+AuthenticationService</text>
+<text font-family="Lucida Grande" font-size="13" x="42" y="165">
+<<interface>></text>
+<rect fill="#000000" height="1" stroke="#000000" stroke-width="1" width="152"
x="14" y="194"/>
+<text font-family="Lucida Grande" font-size="13" x="18" y="209">
+authenticate() : User</text>
+<rect fill="#ffffff" height="87" stroke="#ffffff" stroke-width="1" width="164"
x="366" y="150"/>
+<rect fill="none" height="87" stroke="#000000" stroke-width="1" width="164"
x="366" y="150"/>
+<text font-family="Lucida Grande" font-size="13" x="371" y="184">
+AuthenticationProcessor</text>
+<text font-family="Lucida Grande" font-size="13" x="400" y="165">
+<<interface>></text>
+<rect fill="#000000" height="1" stroke="#000000" stroke-width="1" width="164"
x="366" y="194"/>
+<text font-family="Lucida Grande" font-size="13" x="370" y="209">
+canHandle() : Boolean</text>
+<text font-family="Lucida Grande" font-size="13" x="370" y="226">
+authenticate() : User</text>
+<polyline fill="none" points="165,198 366,198" stroke="#000000"
stroke-width="1"/>
+<polygon fill="#ffffff" points="165,198 175,193 185,198 175,203"
stroke="#ffffff" stroke-width="1"/>
+<polygon fill="none" points="165,198 175,193 185,198 175,203" stroke="#000000"
stroke-width="1"/>
+<text font-family="Lucida Grande" font-size="13" x="339" y="213">
+*</text>
+<rect fill="#ffffff" height="72" stroke="#ffffff" stroke-width="1" width="223"
x="198" y="318"/>
+<rect fill="none" height="72" stroke="#000000" stroke-width="1" width="223"
x="198" y="318"/>
+<text font-family="Lucida Grande" font-size="13" x="203" y="332">
+PasswordAuthenticationProcessor</text>
+<rect fill="#000000" height="1" stroke="#000000" stroke-width="1" width="223"
x="198" y="342"/>
+<rect fill="#000000" height="1" stroke="#000000" stroke-width="1" width="223"
x="198" y="365"/>
+<rect fill="#ffffff" height="68" stroke="#ffffff" stroke-width="1" width="224"
x="478" y="318"/>
+<rect fill="none" height="68" stroke="#000000" stroke-width="1" width="224"
x="478" y="318"/>
+<text font-family="Lucida Grande" font-size="13" x="483" y="332">
+BasicHttpAuthenticationProcessor</text>
+<rect fill="#000000" height="1" stroke="#000000" stroke-width="1" width="224"
x="478" y="342"/>
+<rect fill="#000000" height="1" stroke="#000000" stroke-width="1" width="224"
x="478" y="363"/>
+<rect fill="#ffffff" height="66" stroke="#ffffff" stroke-width="1" width="104"
x="396" y="14"/>
+<rect fill="none" height="66" stroke="#000000" stroke-width="1" width="104"
x="396" y="14"/>
+<text font-family="Lucida Grande" font-size="13" x="413" y="48">
+UserAdmin</text>
+<text font-family="Lucida Grande" font-size="13" x="400" y="29">
+<<interface>></text>
+<rect fill="#000000" height="1" stroke="#000000" stroke-width="1" width="104"
x="396" y="58"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="598" x2="598"
y1="318" y2="313"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="598" x2="598"
y1="308" y2="303"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="598" x2="598"
y1="298" y2="293"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="598" x2="598"
y1="288" y2="283"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="598" x2="593"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="588" x2="583"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="578" x2="573"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="568" x2="563"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="558" x2="553"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="548" x2="543"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="538" x2="533"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="528" x2="523"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="518" x2="513"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="508" x2="503"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="498" x2="493"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="488" x2="483"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="478" x2="473"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="468" x2="463"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="458" x2="454"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="454" x2="454"
y1="278" y2="273"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="454" x2="454"
y1="268" y2="263"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="454" x2="454"
y1="258" y2="253"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="454" x2="454"
y1="248" y2="243"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="454" x2="454"
y1="238" y2="236"/>
+<polygon fill="#ffffff" points="454,236 461,248 447,248" stroke="#ffffff"
stroke-width="1"/>
+<polygon fill="none" points="454,236 461,248 447,248" stroke="#000000"
stroke-width="1"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="302" x2="302"
y1="318" y2="313"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="302" x2="302"
y1="308" y2="303"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="302" x2="302"
y1="298" y2="293"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="302" x2="302"
y1="288" y2="283"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="302" x2="307"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="312" x2="317"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="322" x2="327"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="332" x2="337"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="342" x2="347"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="352" x2="357"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="362" x2="367"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="372" x2="377"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="382" x2="387"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="392" x2="397"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="402" x2="407"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="412" x2="417"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="422" x2="427"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="432" x2="437"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="442" x2="447"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="452" x2="454"
y1="278" y2="278"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="454" x2="454"
y1="278" y2="273"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="454" x2="454"
y1="268" y2="263"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="454" x2="454"
y1="258" y2="253"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="454" x2="454"
y1="248" y2="243"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="454" x2="454"
y1="238" y2="236"/>
+<polygon fill="#ffffff" points="454,236 461,248 447,248" stroke="#ffffff"
stroke-width="1"/>
+<polygon fill="none" points="454,236 461,248 447,248" stroke="#000000"
stroke-width="1"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="446" x2="446"
y1="150" y2="145"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="446" x2="446"
y1="140" y2="135"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="446" x2="446"
y1="130" y2="125"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="446" x2="446"
y1="120" y2="115"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="446" x2="446"
y1="110" y2="105"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="446" x2="446"
y1="100" y2="95"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="446" x2="446"
y1="90" y2="85"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="446" x2="446"
y1="80" y2="79"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="453" x2="446"
y1="91" y2="79"/>
+<line fill="#000000" stroke="#000000" stroke-width="1" x1="439" x2="446"
y1="91" y2="79"/>
+<text font-family="Lucida Grande" font-size="13" x="377" y="111">
+<<call>></text>
+</svg>
Propchange: ace/site/trunk/content/dev-doc/design/auth_api.svg
------------------------------------------------------------------------------
svn:eol-style = native
Added: ace/site/trunk/content/dev-doc/design/auth_connectionfactory.svg
URL:
http://svn.apache.org/viewvc/ace/site/trunk/content/dev-doc/design/auth_connectionfactory.svg?rev=1330176&view=auto
==============================================================================
--- ace/site/trunk/content/dev-doc/design/auth_connectionfactory.svg (added)
+++ ace/site/trunk/content/dev-doc/design/auth_connectionfactory.svg Wed Apr 25
09:50:28 2012
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN"
"http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd";>
+<svg height="98" version="1.1" width="262" xmlns="http://www.w3.org/2000/svg";>
+<rect fill="#ffffff" height="70" stroke="#ffffff" stroke-width="1" width="234"
x="14" y="14"/>
+<rect fill="none" height="70" stroke="#000000" stroke-width="1" width="234"
x="14" y="14"/>
+<text font-family="Lucida Grande" font-size="13" x="72" y="48">
+ConnectionFactory</text>
+<text font-family="Lucida Grande" font-size="13" x="83" y="29">
+<<interface>></text>
+<rect fill="#000000" height="1" stroke="#000000" stroke-width="1" width="234"
x="14" y="58"/>
+<text font-family="Lucida Grande" font-size="13" x="18" y="73">
+createConnection() : URLConnection</text>
+</svg>
Propchange: ace/site/trunk/content/dev-doc/design/auth_connectionfactory.svg
------------------------------------------------------------------------------
svn:eol-style = native
Added: ace/site/trunk/content/dev-doc/design/auth_main_components.svg
URL:
http://svn.apache.org/viewvc/ace/site/trunk/content/dev-doc/design/auth_main_components.svg?rev=1330176&view=auto
==============================================================================
--- ace/site/trunk/content/dev-doc/design/auth_main_components.svg (added)
+++ ace/site/trunk/content/dev-doc/design/auth_main_components.svg Wed Apr 25
09:50:28 2012
@@ -0,0 +1,219 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN"
"http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd";>
+<svg height="516" version="1.1" width="896" xmlns="http://www.w3.org/2000/svg";>
+<rect fill="#ffffff" height="180" stroke="#ffffff" stroke-width="1"
width="200" x="662" y="122"/>
+<rect fill="none" height="180" stroke="#000000" stroke-width="1" width="200"
x="662" y="122"/>
+<polygon fill="#ffffff" points="662,122 682,102 882,102 862,122"
stroke="#ffffff" stroke-width="1"/>
+<polygon fill="none" points="662,122 682,102 882,102 862,122" stroke="#000000"
stroke-width="1"/>
+<polygon fill="#ffffff" points="882,102 882,282 862,302 862,122"
stroke="#ffffff" stroke-width="1"/>
+<polygon fill="none" points="882,102 882,282 862,302 862,122" stroke="#000000"
stroke-width="1"/>
+<text font-family="Lucida Grande" font-size="13" x="670" y="137">
+Management Agent</text>
+<rect fill="#ffffff" height="300" stroke="#ffffff" stroke-width="1"
width="516" x="14" y="122"/>
+<rect fill="none" height="300" stroke="#000000" stroke-width="1" width="516"
x="14" y="122"/>
+<polygon fill="#ffffff" points="14,122 34,102 550,102 530,122"
stroke="#ffffff" stroke-width="1"/>
+<polygon fill="none" points="14,122 34,102 550,102 530,122" stroke="#000000"
stroke-width="1"/>
+<polygon fill="#ffffff" points="550,102 550,402 530,422 530,122"
stroke="#ffffff" stroke-width="1"/>
+<polygon fill="none" points="550,102 550,402 530,422 530,122" stroke="#000000"
stroke-width="1"/>
+<text font-family="Lucida Grande" font-size="13" x="22" y="137">
+Management Server</text>
+<rect fill="#00ff" height="80" stroke="#00ff" stroke-width="1" width="120"
x="352" y="174"/>
+<rect fill="#ffffff" height="80" stroke="#ffffff" stroke-width="1" width="120"
x="352" y="174"/>
+<rect fill="none" height="80" stroke="#000000" stroke-width="1" width="120"
x="352" y="174"/>
+<text font-family="Lucida Grande" font-size="13" x="398" y="189">
+Client</text>
+<rect fill="#ffffff" height="10" stroke="#ffffff" stroke-width="1" width="20"
x="342" y="195"/>
+<rect fill="none" height="10" stroke="#000000" stroke-width="1" width="20"
x="342" y="195"/>
+<rect fill="#ffffff" height="10" stroke="#ffffff" stroke-width="1" width="20"
x="342" y="222"/>
+<rect fill="none" height="10" stroke="#000000" stroke-width="1" width="20"
x="342" y="222"/>
+<rect fill="#00ff" height="80" stroke="#00ff" stroke-width="1" width="120"
x="704" y="174"/>
+<rect fill="#ffffff" height="80" stroke="#ffffff" stroke-width="1" width="120"
x="704" y="174"/>
+<rect fill="none" height="80" stroke="#000000" stroke-width="1" width="120"
x="704" y="174"/>
+<text font-family="Lucida Grande" font-size="13" x="749" y="189">
+Target</text>
+<rect fill="#ffffff" height="10" stroke="#ffffff" stroke-width="1" width="20"
x="694" y="195"/>
+<rect fill="none" height="10" stroke="#000000" stroke-width="1" width="20"
x="694" y="195"/>
+<rect fill="#ffffff" height="10" stroke="#ffffff" stroke-width="1" width="20"
x="694" y="222"/>
+<rect fill="none" height="10" stroke="#000000" stroke-width="1" width="20"
x="694" y="222"/>
+<rect fill="#00ff" height="80" stroke="#00ff" stroke-width="1" width="120"
x="352" y="310"/>
+<rect fill="#ffffff" height="80" stroke="#ffffff" stroke-width="1" width="120"
x="352" y="310"/>
+<rect fill="none" height="80" stroke="#000000" stroke-width="1" width="120"
x="352" y="310"/>
+<text font-family="Lucida Grande" font-size="13" x="372" y="325">
+REST Interface</text>
+<rect fill="#ffffff" height="10" stroke="#ffffff" stroke-width="1" width="20"
x="342" y="331"/>
+<rect fill="none" height="10" stroke="#000000" stroke-width="1" width="20"
x="342" y="331"/>
+<rect fill="#ffffff" height="10" stroke="#ffffff" stroke-width="1" width="20"
x="342" y="358"/>
+<rect fill="none" height="10" stroke="#000000" stroke-width="1" width="20"
x="342" y="358"/>
+<rect fill="#00ff" height="80" stroke="#00ff" stroke-width="1" width="120"
x="56" y="174"/>
+<rect fill="#ffffff" height="80" stroke="#ffffff" stroke-width="1" width="120"
x="56" y="174"/>
+<rect fill="none" height="80" stroke="#000000" stroke-width="1" width="120"
x="56" y="174"/>
+<text font-family="Lucida Grande" font-size="13" x="102" y="189">
+Server</text>
+<rect fill="#ffffff" height="10" stroke="#ffffff" stroke-width="1" width="20"
x="46" y="195"/>
+<rect fill="none" height="10" stroke="#000000" stroke-width="1" width="20"
x="46" y="195"/>
+<rect fill="#ffffff" height="10" stroke="#ffffff" stroke-width="1" width="20"
x="46" y="222"/>
+<rect fill="none" height="10" stroke="#000000" stroke-width="1" width="20"
x="46" y="222"/>
+<polygon fill="#ffffff" points="422,14 643,14 653,24 653,77 422,77 422,14"
stroke="#ffffff" stroke-width="1"/>
+<polyline fill="none" points="422,14 643,14 653,24 653,77 422,77 422,14"
stroke="#000000" stroke-width="1"/>
+<polygon fill="#b2b2b2" points="643,14 653,24 643,24 643,14" stroke="#b2b2b2"
stroke-width="1"/>
+<polyline fill="none" points="643,14 653,24 643,24 643,14" stroke="#000000"
stroke-width="1"/>
+<text font-family="Lucida Grande" font-size="13" x="425" y="30">
+Provides REST-ish interfaces for </text>
+<text font-family="Lucida Grande" font-size="13" x="425" y="46">
+deployment packages, audit logs, </text>
+<text font-family="Lucida Grande" font-size="13" x="425" y="62">
+OBR access and so on.</text>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="462" x2="462"
y1="77" y2="82"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="462" x2="462"
y1="87" y2="92"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="462" x2="462"
y1="97" y2="102"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="462" x2="462"
y1="107" y2="112"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="462" x2="462"
y1="117" y2="122"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="462" x2="462"
y1="127" y2="132"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="462" x2="462"
y1="137" y2="142"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="462" x2="462"
y1="147" y2="152"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="462" x2="462"
y1="157" y2="162"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="462" x2="462"
y1="167" y2="172"/>
+<polygon fill="#ffffff" points="78,14 295,14 305,24 305,77 78,77 78,14"
stroke="#ffffff" stroke-width="1"/>
+<polyline fill="none" points="78,14 295,14 305,24 305,77 78,77 78,14"
stroke="#000000" stroke-width="1"/>
+<polygon fill="#b2b2b2" points="295,14 305,24 295,24 295,14" stroke="#b2b2b2"
stroke-width="1"/>
+<polyline fill="none" points="295,14 305,24 295,24 295,14" stroke="#000000"
stroke-width="1"/>
+<text font-family="Lucida Grande" font-size="13" x="81" y="30">
+Provides the real services for</text>
+<text font-family="Lucida Grande" font-size="13" x="81" y="46">
+deployment packages, audit logs,</text>
+<text font-family="Lucida Grande" font-size="13" x="81" y="62">
+OBR access and so on.</text>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="158" x2="158"
y1="72" y2="77"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="158" x2="158"
y1="82" y2="87"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="158" x2="158"
y1="92" y2="97"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="158" x2="158"
y1="102" y2="107"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="158" x2="158"
y1="112" y2="117"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="158" x2="158"
y1="122" y2="127"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="158" x2="158"
y1="132" y2="137"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="158" x2="158"
y1="142" y2="147"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="158" x2="158"
y1="152" y2="157"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="158" x2="158"
y1="162" y2="167"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="158" x2="158"
y1="172" y2="174"/>
+<polygon fill="#ffffff" points="414,446 595,446 605,456 605,501 414,501
414,446" stroke="#ffffff" stroke-width="1"/>
+<polyline fill="none" points="414,446 595,446 605,456 605,501 414,501 414,446"
stroke="#000000" stroke-width="1"/>
+<polygon fill="#b2b2b2" points="595,446 605,456 595,456 595,446"
stroke="#b2b2b2" stroke-width="1"/>
+<polyline fill="none" points="595,446 605,456 595,456 595,446"
stroke="#000000" stroke-width="1"/>
+<text font-family="Lucida Grande" font-size="13" x="417" y="462">
+Provides a REST API for the </text>
+<text font-family="Lucida Grande" font-size="13" x="417" y="478">
+entire client-API.</text>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="437" x2="437"
y1="446" y2="441"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="437" x2="437"
y1="436" y2="431"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="437" x2="437"
y1="426" y2="421"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="437" x2="437"
y1="416" y2="411"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="437" x2="437"
y1="406" y2="401"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="437" x2="437"
y1="396" y2="391"/>
+<rect fill="#00ff" height="80" stroke="#00ff" stroke-width="1" width="120"
x="56" y="310"/>
+<rect fill="#ffffff" height="80" stroke="#ffffff" stroke-width="1" width="120"
x="56" y="310"/>
+<rect fill="none" height="80" stroke="#000000" stroke-width="1" width="120"
x="56" y="310"/>
+<text font-family="Lucida Grande" font-size="13" x="99" y="325">
+Web UI</text>
+<rect fill="#ffffff" height="10" stroke="#ffffff" stroke-width="1" width="20"
x="46" y="331"/>
+<rect fill="none" height="10" stroke="#000000" stroke-width="1" width="20"
x="46" y="331"/>
+<rect fill="#ffffff" height="10" stroke="#ffffff" stroke-width="1" width="20"
x="46" y="358"/>
+<rect fill="none" height="10" stroke="#000000" stroke-width="1" width="20"
x="46" y="358"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="352" x2="347"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="342" x2="337"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="332" x2="327"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="322" x2="317"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="312" x2="307"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="302" x2="297"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="292" x2="287"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="282" x2="277"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="272" x2="267"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="262" x2="257"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="252" x2="247"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="242" x2="237"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="232" x2="227"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="222" x2="217"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="212" x2="207"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="202" x2="197"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="192" x2="187"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="182" x2="177"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="187" x2="175"
y1="207" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="187" x2="175"
y1="221" y2="214"/>
+<text font-family="Lucida Grande" font-size="13" x="217" y="201">
+direct / HTTP â </text>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="704" x2="699"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="694" x2="689"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="684" x2="679"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="674" x2="669"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="664" x2="659"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="654" x2="649"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="644" x2="639"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="634" x2="629"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="624" x2="619"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="614" x2="609"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="604" x2="599"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="594" x2="589"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="584" x2="579"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="574" x2="569"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="564" x2="559"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="554" x2="549"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="544" x2="539"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="534" x2="529"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="524" x2="519"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="514" x2="509"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="504" x2="499"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="494" x2="489"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="484" x2="479"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="474" x2="471"
y1="214" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="483" x2="471"
y1="207" y2="214"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="483" x2="471"
y1="221" y2="214"/>
+<text font-family="Lucida Grande" font-size="13" x="583" y="200">
+HTTP â¡</text>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="406" x2="406"
y1="310" y2="305"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="406" x2="406"
y1="300" y2="295"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="406" x2="406"
y1="290" y2="285"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="406" x2="406"
y1="280" y2="275"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="406" x2="406"
y1="270" y2="265"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="406" x2="406"
y1="260" y2="255"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="413" x2="406"
y1="265" y2="253"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="399" x2="406"
y1="265" y2="253"/>
+<text font-family="Lucida Grande" font-size="13" x="417" y="287">
+direct / HTTP â¢</text>
+<ellipse cx="404" cy="282" fill="#000000" rx="0.5" ry="0.5" stroke="#000000"
stroke-width="1"/>
+<ellipse cx="405" cy="283" fill="#ffffff" rx="-0.5" ry="-0.5" stroke="#ffffff"
stroke-width="1"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="175" x2="179"
y1="310" y2="309"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="184" x2="189"
y1="307" y2="306"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="194" x2="198"
y1="304" y2="303"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="203" x2="208"
y1="301" y2="300"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="213" x2="218"
y1="298" y2="297"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="222" x2="227"
y1="295" y2="294"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="232" x2="237"
y1="292" y2="290"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="241" x2="246"
y1="289" y2="287"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="251" x2="256"
y1="286" y2="284"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="261" x2="265"
y1="283" y2="281"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="270" x2="275"
y1="280" y2="278"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="280" x2="285"
y1="277" y2="275"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="289" x2="294"
y1="274" y2="272"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="299" x2="304"
y1="270" y2="269"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="308" x2="313"
y1="267" y2="266"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="318" x2="323"
y1="264" y2="263"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="328" x2="332"
y1="261" y2="260"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="337" x2="342"
y1="258" y2="257"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="347" x2="352"
y1="255" y2="253"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="342" x2="352"
y1="263" y2="253"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="338" x2="352"
y1="250" y2="253"/>
+<text font-family="Lucida Grande" font-size="13" x="239" y="304">
+direct / HTTP â£</text>
+<polygon fill="#ffffff" points="70,446 235,446 245,456 245,501 70,501 70,446"
stroke="#ffffff" stroke-width="1"/>
+<polyline fill="none" points="70,446 235,446 245,456 245,501 70,501 70,446"
stroke="#000000" stroke-width="1"/>
+<polygon fill="#b2b2b2" points="235,446 245,456 235,456 235,446"
stroke="#b2b2b2" stroke-width="1"/>
+<polyline fill="none" points="235,446 245,456 235,456 235,446"
stroke="#000000" stroke-width="1"/>
+<text font-family="Lucida Grande" font-size="13" x="73" y="462">
+Provides a web interface</text>
+<text font-family="Lucida Grande" font-size="13" x="73" y="478">
+for the entire client-API.</text>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="158" x2="158"
y1="446" y2="441"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="158" x2="158"
y1="436" y2="431"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="158" x2="158"
y1="426" y2="421"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="158" x2="158"
y1="416" y2="411"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="158" x2="158"
y1="406" y2="401"/>
+<line fill="#333399" stroke="#333399" stroke-width="1" x1="158" x2="158"
y1="396" y2="391"/>
+</svg>
Propchange: ace/site/trunk/content/dev-doc/design/auth_main_components.svg
------------------------------------------------------------------------------
svn:eol-style = native
