Author: jonathan Date: Mon Jul 21 02:21:06 2008 New Revision: 19768 URL: http://wso2.org/svn/browse/wso2?view=rev&revision=19768
Log: typos and markup improvements. Modified: trunk/mashup/java/xdocs/securingmashups.html Modified: trunk/mashup/java/xdocs/securingmashups.html URL: http://wso2.org/svn/browse/wso2/trunk/mashup/java/xdocs/securingmashups.html?rev=19768&r1=19767&r2=19768&view=diff ============================================================================== --- trunk/mashup/java/xdocs/securingmashups.html (original) +++ trunk/mashup/java/xdocs/securingmashups.html Mon Jul 21 02:21:06 2008 @@ -1,5 +1,6 @@ <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> -<html xmlns="http://www.w3.org/1999/xhtml";><head><!-- +<html xmlns="http://www.w3.org/1999/xhtml";> +<head><!-- ~ Copyright 2005-2008 WSO2, Inc. (http://wso2.com) ~ ~ Licensed under the Apache License, Version 2.0 (the "License"); @@ -15,38 +16,64 @@ ~ limitations under the License. --> -<meta http-equiv="content-type" content=""><title>Securing Mashups</title> + <meta http-equiv="content-type" content=""> + <title>Securing Mashups</title> -<link href="css/mashup-docs.css" rel="stylesheet" type="text/css" media="all"></head> + <link href="css/mashup-docs.css" rel="stylesheet" type="text/css" media="all"> +</head> <body lang="EN-US"> <div id="main-content"> -<h1>Securing Mashups</h1> -<p>The Mashup Server allows users to secure their mashups using -WS-Security. All the complexities of WS-Security are hidden under the -covers so that users can apply security scenarios of their mashups with -ease. Once a security scenario is applied the corresponding WSDL of that -mashup will display the WS-Security policy been engaged on that mashup. -Hence consumers of this mashup will be able to consume your secured -mashup by processing the information available in the WSDL.</p><p>Securing -mashups deployed on the Mashup Server can be done by visiting the -corresponding mashup page. If the user has already signed in he will -see a link called "Configure Security Scenarios" in the configuration -section on the mashup page (See image below). If the user has not set -up his private key he will be redirected to the certificate manager page. Please refer the <a href="keystoremanagement.html">Keystore Management</a> section for setting up private keys.</p><img src="images/configure_security.png" style="width: 994px; height: 813px;" alt="Configure Security"><p></p> -<h2 id="managing">Applying Security Scenarios</h2> -<p>The Security Scenarios page list the security scenario that has been -applied to a mashup. The Mashup Server ships with 15 most commonly used -security scenarios and these scenarios can be applied onto a mashup by -the click of a button. The default scenario engaged is unsecured. </p><p><img src="images/security_scenarios.png" style="width: 1003px; height: 774px;" alt="Security Scenarios"></p><p></p>Some -of the security scenarios listed above will require the user to specify -the users and roles that the service will be opened to. These are the -security scenarios that involve Username Token Authentication. When -such a scenario is been applied you will be prompt with a list of -available users and roles as follows, <br><br><img src="images/assign_users_and_roles.png" style="width: 1003px; height: 777px;" alt="Assign Users and Roles"><br><br>Providing -access to the "mashup_user" role would mean that any registered user in -the Mashup Server will be able to access this service. <br><br>NOTE: -The generated stub provides facilities to access mashups secured using -"UsernameToken with Timestamp over HTTPS" while the <a href="wsrequesthostobject.html">WSRequest host object</a> provides facilities to access any secured mashup. + <h1>Securing Mashups</h1> + + <p>The Mashup Server allows users to secure their mashups using + WS-Security. All the complexities of WS-Security are hidden under the + covers so that users can apply security scenarios of their mashups with + ease. Once a security scenario is applied the corresponding WSDL of that + mashup will display the WS-Security policy that has been engaged on that mashup. + Hence consumers of this mashup will be able to consume your secured + mashup by processing the information available in the WSDL.</p> + + <p>Securing + mashups deployed on the Mashup Server can be done by visiting the + corresponding mashup page. If the user has already signed in he will + see a link called "Configure Security Scenarios" in the configuration + section on the mashup page (see image below). If the user has not set + up his private key he will be redirected to the certificate manager page. + Please refer the <a + href="keystoremanagement.html">Keystore Management</a> section for setting up private keys.</p> + + <p><img + src="images/configure_security.png" style="width: 994px; height: 813px;" alt="Configure Security"></p> + + <p></p> + + <h2 id="managing">Applying Security Scenarios</h2> + + <p>The Security Scenarios page lists the security scenarios that can be + applied to a mashup. The Mashup Server ships with 15 most commonly used + security scenarios which can be applied onto a mashup by + selecting the desired scenario and clicking "submit". By default the + mashup is unsecured, which is listed as scenario 16.</p> + + <p><img src="images/security_scenarios.png" style="width: 1003px; height: 774px;" alt="Security Scenarios"></p> + + <p>Some of the security scenarios listed above will require the user to specify + the users and roles that are authorized to access the service. These are the + security scenarios that involve Username Token Authentication. When + such a scenario is applied you will be prompt with a list of + available users and roles.<p> + + <p><img src="images/assign_users_and_roles.png" style="width: 1003px; height: 777px;" + alt="Assign Users and Roles"></p> + + <p>Providing + access to the "mashup_user" role would mean that any registered user in + the Mashup Server will be able to access this service. </p> + + <p>NOTE: The generated stub provides facilities to access mashups secured using + "UsernameToken with Timestamp over HTTPS" while the <a href="wsrequesthostobject.html">WSRequest host object</a> + provides facilities to access any secured mashup.</p> </div> -<p>� 2007-2008 WSO2 Inc.</p> -</body></html> \ No newline at end of file +<p>© 2007-2008 WSO2 Inc.</p> +</body> +</html> \ No newline at end of file
_______________________________________________ Mashup-dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/mashup-dev
