blob: 795ca0da56a9c845baa70a0b77d9dc6316eebb03 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML>
<HEAD>
<LINK type="text/css" rel="stylesheet" href="http://tuscany.apache.org/stylesheets/default.css">
<LINK rel="SHORTCUT ICON" href="http://cwiki.apache.org/confluence/display/TUSCANY/$images/favicon.ico">
<TITLE>SCA Java binding.http security policy : Apache Tuscany</TITLE>
<META http-equiv="Content-Type" content="text/html;charset=UTF-8"></HEAD>
<BODY onload="init()">
<TABLE valign="top" border="0" cellspacing="0" cellpadding="0" width="100%" background="http://tuscany.apache.org/images/TuscanyLogoNEW_Text_120px_bg.jpg">
<TR>
<TD valing="top" align="left">
<A href="http://cwiki.apache.org/confluence/pages/viewpage.action?spaceKey=TUSCANY&title=$siteroot"><IMG src="http://tuscany.apache.org/images/TuscanyLogoNEW_Text_120px_bg.jpg" height="91" width="25" border="0"></A>
</TD>
<TD>
<A href="http://tuscany.apache.org/"><IMG src="http://tuscany.apache.org/images/TuscanyLogo.jpg" border="0"></A>
</TD>
<TD width="100%">
</TD>
<!--td align="right">
<img src="http://incubator.apache.org/tuscany/images/apache- incubator- logo.png" border="0">
</td-->
<!-- Adds the edit page link to the top banner-->
<TD valign="bottom">
<DIV style="padding: 2px 10px; margin: 0px;">
<A href="http://cwiki.apache.org/confluence/pages/editpage.action?pageId=99372">
<IMG src="http://tuscany.apache.org/images/notep_16.gif" height="16" width="16" border="0" align="absmiddle" title="Edit Page"></A>
</DIV>
</TD>
</TR>
</TABLE>
<TABLE border="0" cellpadding="2" cellspacing="0" width="100%">
<TR class="topBar">
<TD align="left" valign="middle" class="topBarDiv" nowrap="true" width="100%">
<A href="home.html" title="Apache Tuscany">Apache Tuscany</A> > <A href="home.html" title="Home">Home</A> > <A href="sca-overview.html" title="SCA Overview">SCA Overview</A> > <A href="sca-java.html" title="SCA Java">SCA Java</A> > <A href="java-sca-documentation-menu.html" title="Java SCA Documentation Menu">Java SCA Documentation Menu</A> > <A href="" title="SCA Java binding.http security policy">SCA Java binding.http security policy</A>
</TD>
<TD align="left" valign="middle" class="topBarDiv" nowrap="true">
<A href="http://mail-archives.apache.org/mod_mbox/tuscany-user">User List</A> | <A href="http://mail-archives.apache.org/mod_mbox/tuscany-dev">Dev List</A> | <A href="http://issues.apache.org/jira/browse/Tuscany">Issue Tracker</A>
</TD>
</TR>
</TABLE>
<TABLE border="0" cellpadding="0" width="100%" bgcolor="#FFFFFF">
<TR>
<TD align="left" valign="top">
<DIV id="PageContent">
<DIV class="pagecontent">
<DIV class="wiki-content">
<TABLE class="sectionMacro" border="0" cellpadding="5" cellspacing="0" width="100%"><TBODY><TR>
<TD class="confluenceTd" valign="top" width="15%">
<DIV class="panel" style="border-style: solid; border-color: #C3CDA1; "><DIV class="panelHeader" style="border-bottom-style: solid; border-bottom-color: #C3CDA1; background-color: #C3CDA1; "><B>General</B></DIV><DIV class="panelContent" style="background-color: #ECF4D1; ">
<P><A href="home.html" title="Home">Home</A><BR>
<SPAN class="nobr"><A href="http://www.apache.org/licenses/LICENSE-2.0.html" title="Visit page outside Confluence" rel="nofollow">License <SUP><IMG class="rendericon" src="http://cwiki.apache.org/confluence/images/icons/linkext7.gif" height="7" width="7" align="absmiddle" alt="" border="0"></SUP></A></SPAN><BR>
<A href="sca-java-get-involved.html" title="SCA Java Get Involved">Get Involved</A><BR>
<A href="sca-java-found-a-bug.html" title="SCA Java Found A Bug">Found a Bug?</A></P>
</DIV></DIV>
<DIV class="panel" style="border-style: solid; border-color: #b4b4b5; "><DIV class="panelHeader" style="border-bottom-style: solid; border-bottom-color: #b4b4b5; background-color: #C3CDA1; "><B>SCA Java</B></DIV><DIV class="panelContent" style="background-color: #ECF4D1; ">
<P><A href="sca-java.html" title="SCA Java">SCA Java Home</A><BR>
<A href="tuscany-sca-java-faq.html" title="Tuscany SCA Java - FAQ">FAQ</A><BR>
<A href="sca-java-releases.html" title="SCA Java Releases">Downloads</A><BR>
<A href="java-sca-documentation-menu.html" title="Java SCA Documentation Menu">Documentation</A><BR>
<A href="java-sca-tools.html" title="Java SCA Tools">Tools </A><BR>
<SPAN class="nobr"><A href="https://svn.apache.org/repos/asf/tuscany/java/sca/" title="Visit page outside Confluence" rel="nofollow">Source Code<SUP><IMG class="rendericon" src="http://cwiki.apache.org/confluence/images/icons/linkext7.gif" height="7" width="7" align="absmiddle" alt="" border="0"></SUP></A></SPAN></P>
</DIV></DIV>
<DIV class="panel" style="border-style: solid; border-color: #b4b4b5; "><DIV class="panelHeader" style="border-bottom-style: solid; border-bottom-color: #b4b4b5; background-color: #C3CDA1; "><B>Documentation</B></DIV><DIV class="panelContent" style="background-color: #ECF4D1; ">
<P><A href="sca-java-user-guide.html" title="SCA Java User Guide">User Guide</A><BR>
<A href="sca-java-architecture-guide.html" title="SCA Java Architecture Guide">Architecture Guide</A><BR>
<A href="sca-java-development-guide.html" title="SCA Java Development Guide">Developer Guide</A><BR>
<A href="sca-java-extension-development-guide.html" title="SCA Java Extension Development Guide">Extension Developer Guide</A></P>
</DIV></DIV>
<DIV class="panel" style="border-style: solid; border-color: #b4b4b5; "><DIV class="panelHeader" style="border-bottom-style: solid; border-bottom-color: #b4b4b5; background-color: #C3CDA1; "><B>Resources</B></DIV><DIV class="panelContent" style="background-color: #ECF4D1; ">
<P><A href="tuscany-sca-java-faq.html" title="Tuscany SCA Java - FAQ">FAQ</A><BR>
<SPAN class="nobr"><A href="https://svn.apache.org/repos/asf/incubator/tuscany/java/sca" title="Visit page outside Confluence" rel="nofollow">Source Code<SUP><IMG class="rendericon" src="http://cwiki.apache.org/confluence/images/icons/linkext7.gif" height="7" width="7" align="absmiddle" alt="" border="0"></SUP></A></SPAN></P>
</DIV></DIV>
</TD>
<TD class="confluenceTd" valign="top" width="85%">
<H3><A name="SCAJavabinding.httpsecuritypolicy-SecurityPolicysupportinHTTPandWeb2.0Bindings"></A>Security Policy support in HTTP and Web 2.0 Bindings</H3>
<TABLE cellpadding="5" width="85%" cellspacing="8px" class="infoMacro" border="0" align="center"><COLGROUP><COL width="24"><COL></COLGROUP><TR><TD valign="top"><IMG src="http://cwiki.apache.org/confluence/images/icons/emoticons/information.gif" width="16" height="16" align="absmiddle" alt="" border="0"></TD><TD> work in progress </TD></TR></TABLE>
<H3><A name="SCAJavabinding.httpsecuritypolicy-Scenarios"></A>Scenarios</H3>
<P><IMG src="sca-java-bindinghttp-security-policy.data/scenario.jpg" align="absmiddle" border="0"></P>
<UL>
<LI>A Web 2.0 application requires that a user get authenticated before it can access the application.</LI>
<LI>A Web 2.0 application requires that all communication between client/server be done using SSL.</LI>
<LI>A given service, exposed using a web 2.0 binding requires user authentication.</LI>
<LI>A given operation, exposed using a web 2.0 binding requires user authentication.</LI>
</UL>
<H3><A name="SCAJavabinding.httpsecuritypolicy-PolicyInterceptor"></A>Policy Interceptor</H3>
<P>The design approach that is being considered is to inject policy security interceptors, that would properly validate and enforce the security intents.<BR>
The authentication will be done using JAAS modules for authentication, and initially we would support authenticating to a list of username/password supplied by the application or using an LDAP.</P>
<P><DIV align="center"><IMG src="sca-java-bindinghttp-security-policy.data/high_level_design.jpg" border="0"></DIV></P>
</TD></TR></TBODY></TABLE>
</DIV>
</DIV>
</DIV>
</TD>
</TR>
</TABLE>
<SCRIPT src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</SCRIPT>
<SCRIPT type="text/javascript">
_uacct = "UA-1174707-5";
urchinTracker();
</SCRIPT>
<A href="http://www.statcounter.com/" target="_blank"><IMG src="http://c26.statcounter.com/counter.php?sc_project=2619156&java=0&security=94bd7e7d&invisible=0" alt="website stats" border="0"></A>
<DIV class="footer">
Copyright © 2003-2007, The Apache Software Foundation
</DIV>
</BODY>
</HTML>
|