...
Overview
Excerpt |
---|
The Fedora 4 Authentication (AuthN) and Authorization (AuthZ) framework is designed to be flexible and extensible, to allow any organization to configure access to suit its needs. |
The following sections explain the Fedora 4 AuthN/Z framework, and provide instructions for configuring some out-of-the-box access controls.
...
- Authentication answers the question "who is the person, and how do I verify that they are who they say they are?" Fedora 4 relies on the web servlet container to answer this question.
- Authorization answers the question, "does this person have permission to do what they want to do?". Fedora 4 provides two different ways to answer this question:
- Bypass authorization: Anyone who has authenticated through the web application container (Tomcat, Jetty, WebSphere, etc.) has permission to do everything – in effect all, authenticated users are superusers.
- WebAC authorization: Authenticated users' access to resources is mediated by WebAC Access Control Lists stored in the repository.
Servlet Container Authentication Configuration
Include Page | ||||
---|---|---|---|---|
|
Bypass Authorization
Include Page | ||||
---|---|---|---|---|
|
...