This project has retired. For details please refer to its
Attic page.
Introduction
- Security in Clerezza is done at two level : platform Bundles and Graph read/write access.
- Security and permission are managed with JAAS
- Authentication can be done with one of this method :
- cookie
- http basic auth
- webID
- Clerezza Security code reside in plateform.security.* bundles
How it's work
Authentication
- AuthenticatingFilter : is the http endpoint
- call all registered AuthenticationMethod and WeightedAuthenticationMethod implementations
- call the authenticationService : that will use all registered authenticationChecker to validate the provided username and password.
- call each authenticationChecker : the first one that authenticate the user is ok.
- Implement WeightedAuthenticationMethod, allow you to add others authentication protocol to Clerezza (ex : oAuth, openId,...)
- Implement authenticationChecker, allow you to connect your specific authentication tool (LDAP, database,...)
Authorization
Resources