Repository: juddi Updated Branches: refs/heads/master 809a25e4a -> 8324ff1a8
JUDDI-856 adding docs Project: http://git-wip-us.apache.org/repos/asf/juddi/repo Commit: http://git-wip-us.apache.org/repos/asf/juddi/commit/8324ff1a Tree: http://git-wip-us.apache.org/repos/asf/juddi/tree/8324ff1a Diff: http://git-wip-us.apache.org/repos/asf/juddi/diff/8324ff1a Branch: refs/heads/master Commit: 8324ff1a80854f04c46f2192bc17563632329a5a Parents: 809a25e Author: alexoree <[email protected]> Authored: Fri Feb 28 23:09:55 2014 -0500 Committer: alexoree <[email protected]> Committed: Fri Feb 28 23:09:55 2014 -0500 ---------------------------------------------------------------------- .../Guide/en-US/GuideAdministration.asciidoc | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/juddi/blob/8324ff1a/docs/asciidoc/Guide/en-US/GuideAdministration.asciidoc ---------------------------------------------------------------------- diff --git a/docs/asciidoc/Guide/en-US/GuideAdministration.asciidoc b/docs/asciidoc/Guide/en-US/GuideAdministration.asciidoc index 1a43fea..a6eaf9c 100644 --- a/docs/asciidoc/Guide/en-US/GuideAdministration.asciidoc +++ b/docs/asciidoc/Guide/en-US/GuideAdministration.asciidoc @@ -184,7 +184,7 @@ juddi/auth/authenticator/ldapexp=CN=%s, OU=Users,DC=Domain, etc ===== JBoss Authentication -Finally is it possible to hook up to third party credential stores. If for example jUDDI is deployed to the JBoss Application server it is possible to hook up to it's authentication machinery. The JBossAuthenticator class is provided in the docs/examples/auth directory. This class enables jUDDI deployments on JBoss use a server security domain to authenticate users. +Is it possible to hook up to third party credential stores. If for example jUDDI is deployed to the JBoss Application server it is possible to hook up to it's authentication machinery. The JBossAuthenticator class is provided in the docs/examples/auth directory. This class enables jUDDI deployments on JBoss use a server security domain to authenticate users. TIP: The JBoss authentication is not distributed with jUDDI. It can be found here: http://svn.apache.org/viewvc/juddi/extras/jbossauthenticator/src/org/apache/juddi/auth/JBossAuthenticator.java?view=markup @@ -195,6 +195,22 @@ juddi/auth/securityDomain=java:/jaas/other ---- The juddi/auth/authenticator/class property plugs the JbossAuthenticator class into the jUDDI the Authenticator framework. The juddi/sercuityDomain, configures the JBossAuthenticator class where it can lookup the application server's security domain, which it will use to perform the authentication. Note that JBoss creates one security domain for each application policy element on the `$JBOSS_HOME/server/default/conf/login-config.xml` file, which gets bound to the server JNDI tree with name java:/jaas/<application-policy-name></application-policy-name>. If a lookup refers to a non existent application policy it defaults to a policy named other. +===== Contained Based Authentication + +Certain security configurations may use HTTP based authentication. In this scenario, jUDDI simply trust's that the container will authenticate the user via some mechanism and uses that username for interactions with jUDDI. To configure this setup, use the following configuration settings in juddiv3.xml: +---- +juddi/auth/authenticator/class=org.apache.juddi.auth.HTTPContainerAuthenticator +---- + + +===== Authentication by Proxy + +Certain security configurations that enforce authentication before requests come to the web application, such as via Apache HTTPD or a reverse SSL proxy. In these cases, the proxy provide authenticates the user, then passes along the user's identity via a HTTP header. To configure this setup, use the following configuration settings in juddiv3.xml: +---- +juddi/auth/authenticator/class=org.apache.juddi.auth.HTTPHeaderAuthenticator +juddi/auth/authenticator/header=(Some HTTP Header) +---- + [[ConfiguringDatabaseConnections]] === Configuration Database Connections --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
