Projets
Pages enfant
  • The ESUP authentication layer

Comparaison des versions

Ancienne version 7

changes.mady.by.user Raymond Bourges

Sauvegardée le

comparé à

Nouvelle version 8

changes.mady.by.user Raymond Bourges

Sauvegardée le

Légende

  • Ces lignes ont été ajoutées. Ce mot a été ajouté.
  • Ces lignes ont été supprimées. Ce mot a été supprimé.
  • La mise en forme a été modifiée.

...

The selection of a filter is performed by the router, depending on the agent (i.e. the type of the client: browser, application...), its localization (IP address), the target (virtual) server name and the configuration set by the administrators of the server.

!filters.png!h1.

Configuration

The router

This is probably the hardest think to configure. The configuration is defined in the web.xml file of the application. The different parameters values of the web.xml are defined in the build.properties.

...

Let's have a look on each criterion in more details.

Balise Wiki
allowClientIP\[FilterName\] : if empty then         there is no restriction else only requests with one of the given         client IP adresses will be forwarded to the filter \[FilterName\].

Bloc de code
<!-- TRUSTED -->
 <init-param>
   <param-name>org.esupportail.filter.authenticationRouter.allowClientIPTRUSTED</param-name>
   <param-value>129.20.129.12 129.20.129.13</param-value>
  </init-param>

Balise Wiki
useSecureRequest\[FilterName\] : if         true then only HTTPS requests will be forwarded         to the filter \[FilterName\].
\\

Bloc de code
<init-param>
   <param-name>org.esupportail.filter.authenticationRouter.useSecureRequestTRUSTED</param-name>
   <param-value>false</param-value>
  </init-param>

Balise Wiki
agent\[FilterName\] : if empty then there is no         restriction else only request with one of the given client agents will         be forwarded to the filter \[FilterName\]. The agent identifies the type         of the client - mozilla, DAVFS... - \*Regular


expressions are accepted*.
\\

Bloc de code
<init-param>
   <param-name>org.esupportail.filter.authenticationRouter.agentTRUSTED</param-name>
   <param-value>*mozilla*</param-value>
  </init-param>

Balise Wiki
httpRequestParameter\[FilterName
: if empty then there is no restriction else only request with the given parameters will be forwarded to the given filter (here TRUSTED). *Regular expressions are
accepted*. 
\] : if empty         then there is no restriction else only request with the given         parameters will be forwarded to the given filter (here TRUSTED).         \*Regular expressions are
accepted*.
\\
\\

Bloc de code
<init-param>
   <param-name>org.esupportail.filter.authenticationRouter.httpRequestParameterTRUSTED</param-name>
   <param-value>auth=trusted authentication=trusted mode*=*secure*</param-value>
  </init-param>
init-param>

Balise Wiki
destinationHost\[FilterName_] : if empty then         there is no restriction else only request with the given destination         hosts will be forwarded to the given filter (here TRUSTED). \*Regular expressions are


accepted*.
\\

Bloc de code
<init-param>
   <param-name>org.esupportail.filter.authenticationRouter.destinationHostTRUSTED</param-name>
   <param-value>webdav-restricted.univ-rennes1.fr webdav-restricted2.univ-rennes1.fr *.univ-valenciennes.fr</param-value>
  </init-param>

...