Changes between Version 6 and Version 7 of RepAaa
- Timestamp:
- Oct 12, 2010, 5:26:27 PM (14 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
RepAaa
v6 v7 49 49 * rule "name", which can be anything 50 50 * @field ("content"), these are rule metadata used for logging. 51 * when<CR>a: AuthorisationRequest(condition) : the condition to be evaluated, which in these cases is the REP URL being access controlled and the role of the requester51 * when<CR>a: !AuthorisationRequest(condition) : the condition to be evaluated, which in these cases is the REP URL being access controlled and the role of the requester 52 52 * then: whether access should be granted or not. 53 53 54 The roles which are evaluated in these rules are the roles contained in the tokens issued by the [wiki:Aaa |STS].54 The roles which are evaluated in these rules are the roles contained in the tokens issued by the [wiki:Aaa STS]. 55 55 === Registering the policy === 56 56 There may be multiple AAA services running in the domain, and the resource provider must choose which to use (in a real life deployment they may differ in terms of SLAs, or service cost etc). 57 The AAA service implementation is provided as a WAR file deployed in a servelet container (see [wiki:Aaa |here]), and the policy files should be placed in the "/WEB-INF/classes/authorisation-policies" folder of the WAR file, and the AAA service restarted.58 Adding, modifying or removing policies is done by changing the content of the "WEB-INF/classes/authorisation-policies"folder.57 The AAA service implementation is provided as a WAR file deployed in a servelet container (see [wiki:Aaa here]), and the policy files should be placed in the "/WEB-INF/classes/authorisation-policies" folder of the WAR file, and the AAA service restarted. 58 Adding, modifying or removing policies is done by changing the content of the aaa.war/WEB-INF/classes/authorisation-policies folder. 59 59 === Configuring the Access Controlled REP === 60 60 The access controlled REP is provided as a WAR file, to be deployed in a servelet container such as Apache Tomcat. The REP must be configured in the messages.properties file located in /WEB-INF/classes directory of the WAR file.