Changes between Version 15 and Version 16 of Aaa


Timestamp:
Oct 13, 2010, 9:04:57 AM (14 years ago)
Author:
tim.bauge
Comment:

--

  • Aaa

    v15 v16  
    2323The WAR file contains 3 files which need configuring to run correctly on the target deployment platform. Each field requiring a deployment specific value has been identified with the string "REPLACE:". Other fields have been set to typical defaults which should satisfy most deployments. These can however be modified for advanced tuning of the STS. For more information contact TRT.
    2424The WAR file is an archive containing object code, presentation templates and configuration files. The downloaded WAR file should therefore be opened (e.g. using [http://www.7-zip.org/ 7-zip]) to edit the following configuration files:
    25 * sts.war/META-INF/maven/com.thalesresearch.sensei/sensei-sts-service/pom.xml
    26 Configuration fields:
    27 ||= '''Field''' =||= '''Expected content''' =||
    28 ||hosted.sts.url||URL of STS. This will be the Tomcat server URL route suffixed with /STS||
    29 ||keystore.filepath||File path of keystore, as an absolute path||
    30 ||keystore.password||Keystore password, defined during the keystore deployement||
    31 ||key.alias||Key alias, defined during the keystore deployement||
    32 ||key.password||Key password, defined during the keystore deployement||
    33 ||partner.aaaservice.filepath^*||File path of AAA Service metadata. This metadata file is available from the AAA service provider (file name hostedAaaMetadata.xml found in aaa.war/WEB-INF/classes/trustedEntities/)||
    34 ||partner.sts1.filepath^*||File path of a trusted STS metadata if needed (one with which a federation agreement is in place). This metadata file is available from the remote STS provider (file name hostedStsMetadata.xml found in sts.war/WEB-INF/classes/trustedEntities/)||
    35 ||partner.sts2.filepath^*||File path of another trusted STS metadata if needed (one with which a federation agreement is in place). This metadata file is available from the remote STS provider (file name hostedStsMetadata.xml found in sts.war/WEB-INF/classes/trustedEntities/)||
    36 ^*
    37 For simplicity of configuration, the STS is by default set to have one AAA service which it trusts, and up to two federated STS (i.e. a federation of three in all). If more AAA services of STSs are required to be used in the deployment, further configuration changes are required which are beyond the scope of this cookbook. Please contact TRT (UK) directly for further instructions.
    3825* sts.war/WEB-INF/classes/trustedEntities/hostedStsMetadata.xml
    3926Configuration fields:
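Review bot: the unchanged intro at v16 line 23 still says "The WAR file contains 3 files which need configuring", but this hunk drops the sts.war/META-INF/maven/com.thalesresearch.sensei/sensei-sts-service/pom.xml entry and its field table (v15 lines 25-37), so the count should be rechecked against the files that remain listed. The removed rows were also where the page said where partner metadata is obtained (hostedAaaMetadata.xml in aaa.war/WEB-INF/classes/trustedEntities/, hostedStsMetadata.xml in sts.war/WEB-INF/classes/trustedEntities/). Because those files decide which entities the STS trusts, that provenance should be carried over to the hostedStsMetadata.xml table rather than deleted. The change comment is empty; a one-line reason for dropping the pom.xml step would help later readers.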
     
    4936||key.pass||Key password, defined during the keystore deployement||
    5037||key.alias||Key alias, defined during the keystore deployement||
    51 ||partner.aaaservice.file||File path of AAA Service metadata, as described in pom.xml above||
    52 ||partner.sts1.file||File path of a trusted STS metadata, as described in pom.xml above||
    53 ||partner.sts2.file||File path of another trusted STS metadata, as described in pom.xml above||
    54 
    55 ==== User administration ====
     38||partner.aaaservice.file^*||File path of AAA Service metadata, as described in pom.xml above||
     39||partner.sts1.file^*||File path of a trusted STS metadata, as described in pom.xml above||
     40||partner.sts2.file^*||File path of another trusted STS metadata, as described in pom.xml above||
     41^*
     42For simplicity of configuration, the STS is by default set to have one AAA service which it trusts, and up to two federated STS (i.e. a federation of three in all). If more AAA services of STSs are required to be used in the deployment, further configuration changes are required which are beyond the scope of this cookbook. Please contact TRT (UK) directly for further instructions.
     43=== User administration ===
    5644The STS holds user accounts. These are configured in sts.war/WEB-INF/classes/users.properties, and require entries of the following type:
    5745{{{
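Review bot: added lines 38-40 keep the wording "as described in pom.xml above", but the pom.xml section they point to is removed by this same change, so the reference now dangles. State the source of each file directly in these rows instead, for example that the AAA Service metadata is the hostedAaaMetadata.xml supplied by the AAA service provider. Two smaller points on the added lines: the footnote text at line 42 carries over "AAA services of STSs" (presumably "or STSs"), and the bare "^*" marker will not render as a superscript in Trac, which expects a closing caret ("^*^"). The heading also moves from "====" to "===", so check that the new level matches the sibling sections.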
     
    8371The WAR file contains 3 files which need configuring to run correctly on the target deployment platform. Each field requiring a deployment specific value has been identified with the string "REPLACE:". Other fields have been set to typical defaults which should satisfy most deployments. These can however be modified for advanced tuning of the AAA service. For more information contact TRT (UK).
    8472The WAR file is an archive containing object code, presentation templates and configuration files. The downloaded WAR file should therefore be opened (e.g. using [http://www.7-zip.org/ 7-zip]) to edit the following configuration files:
    85 * aaa.war/META-INF/maven/com.thalesresearch.sensei/sensei-sts-service/pom.xml
    86 Configuration fields:
    87 ||= '''Field''' =||= '''Expected content''' =||
    88 ||aaaservice.uri||URL of AAA. This will be the Tomcat server URL route suffixed with /AAA||
    89 ||sts.uri||URL of the trusted STS||
    90 ||sts.requestUri||URL of the trusted STS's request interface. By default, sts.uri/'''???'''||
    91 ||sts.metadata.file||File path to the trusted STS metadata. This metadata file is available from the STS provider (file name hostedStsMetadata.xml found in sts.war/WEB-INF/classes/trustedEntities/)||
    92 ||keystore.file||File path of keystore, as an absolute path||
    93 ||keystore.password||Keystore password, defined during the keystore deployement||
    94 ||key.alias||Key alias, defined during the keystore deployement||
    95 ||key.password||Key password, defined during the keystore deployement||
    9673* aaa.war/WEB-INF/classes/trustedEntities/AaaMetadata.xml
    9774Configuration fields:
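Review bot: removing v15 lines 85-95 drops sts.uri, sts.requestUri and sts.metadata.file, the rows that told the deployer which STS the AAA service trusts and where its metadata file comes from. Confirm that the AaaMetadata.xml table that follows documents them, or keep that guidance here. The removed sts.requestUri row held an unresolved default ("sts.uri/???"); that question should be answered where the field is now documented rather than dropped with the row. As in the STS section, the unchanged intro at v16 line 71 still says "contains 3 files", which needs rechecking once the pom.xml entry is gone.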