14 | | === Defining an access policy === |
| 13 | |
| 14 | == Deployment of a AAA enabled REP == |
| 15 | A deployable AAA enabled REP is provided for testing purposes. This REP is designed to exercise the AAA functions, but does not implement plug and play capability for resources. The REP comes with an integrated synthetic sensor producing random values, as a proof of concept rather than an operational component. AAA functionality should be added to operational REPs, based on the specification provided [here]. This is a developer concern, and is therefore not described further here. |
| 16 | === Getting the software components === |
| 17 | * Apache Tomcat servlet container or equivalent |
| 18 | Instructions for setting up Apache Tomcat can be found [http://tomcat.apache.org/tomcat-6.0-doc/setup.html here]. |
| 19 | * STS WAR file |
| 20 | The STS WAR file can be downloaded from here: [wiki:trt-war AAA downloads page]. |
| 21 | The WAR files should be first configured for the deployment setup (see below) and then deployed in the servlet container. For Tomcat, instructions are provided [http://tomcat.apache.org/tomcat-6.0-doc/deployer-howto.html here] (see in particular the "Deployment on Tomcat startup" section). |
| 22 | === Configuration === |
| 23 | The WAR file contains one file which need configuring to run correctly on the target deployment platform. Each field requiring a deployment specific value has been identified with the string "REPLACE:". Other fields have been set to typical defaults which should satisfy most deployments. These can however be modified for advanced tuning of the AAA service. For more information contact TRT (UK). |
| 24 | The WAR file is an archive containing object code, presentation templates and configuration files. The downloaded WAR file should therefore be opened (e.g. using [http://www.7-zip.org/ 7-zip]) to edit the following configuration file: |
| 25 | * rep.war/WEB-INF/classes/messages.properties |
| 26 | ||= '''Field''' =||= '''Expected content''' =|| |
| 27 | ||rep.id||The identifier of the REP, which should be the URL of this REP|| |
| 28 | ||aaaservice.uri||The URL of the AAA Service which will provide access control decisions|| |
| 29 | ||resDir.uri||The URL of the SENSEI resource directory|| |
| 30 | |
| 31 | == Setting access policies == |
| 32 | === Writing policies === |
59 | | === Configuring the Access Controlled REP === |
60 | | The access controlled REP is provided as a WAR file, to be deployed in a servelet container such as Apache Tomcat. The REP must be configured in the messages.properties file located in /WEB-INF/classes directory of the WAR file. |
61 | | ||= Property =||= Description =|| |
62 | | ||rep.id||The identifier of the REP, which should be the URI|| |
63 | | ||aaaservice.uri||The URI of the AAA Service|| |
64 | | ||aaaservice.request.uri||The URI of the Request interface of the AAA Service|| |
65 | | ||resDir.uri||The URI of the resource directory|| |