[jboss-cvs] JBossAS SVN: r76113 - projects/security/security-negotiation/trunk/docs/userguide/en/modules.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Tue Jul 22 18:54:05 EDT 2008 

Author: darran.lofthouse at jboss.com
Date: 2008-07-22 18:54:04 -0400 (Tue, 22 Jul 2008)
New Revision: 76113

Modified:
   projects/security/security-negotiation/trunk/docs/userguide/en/modules/introduction.xml
Log:
Format

Modified: projects/security/security-negotiation/trunk/docs/userguide/en/modules/introduction.xml
===================================================================
--- projects/security/security-negotiation/trunk/docs/userguide/en/modules/introduction.xml	2008-07-22 21:52:04 UTC (rev 76112)
+++ projects/security/security-negotiation/trunk/docs/userguide/en/modules/introduction.xml	2008-07-22 22:54:04 UTC (rev 76113)
@@ -4,33 +4,49 @@
 <chapter id="introduction">
   <title>Introduction to JBoss Negotiation</title>
 
-  <para>The JBoss Negotiation project provides a set of components to bring
-  '<emphasis role="bold">S</emphasis>imple and <emphasis
-  role="bold">P</emphasis>rotected GSSAPI <emphasis
-  role="bold">Nego</emphasis>tiation Mechanism' or SPNEGO to JBoss.</para>
+  <para>
+    The JBoss Negotiation project provides a set of components to bring
+    '
+    <emphasis role="bold">S</emphasis>
+    imple and
+    <emphasis role="bold">P</emphasis>
+    rotected GSSAPI
+    <emphasis role="bold">Nego</emphasis>
+    tiation Mechanism' or SPNEGO to JBoss.
+  </para>
 
-  <para>SPNEGO authentication allows a user already authenticated to a
-  <emphasis role="bold">K</emphasis>erberos <emphasis
-  role="bold">D</emphasis>omain <emphasis role="bold">C</emphasis>ontroller /
-  KDC to silently authenticate to remote services without being prompted for
-  further usernames and passwords. In addition to this the users credentials
-  can be delegate to the remote system allowing the remote system to contact
-  further systems as the user.</para>
+  <para>
+    SPNEGO authentication allows a user already authenticated to a
+    <emphasis role="bold">K</emphasis>
+    erberos
+    <emphasis role="bold">D</emphasis>
+    omain
+    <emphasis role="bold">C</emphasis>
+    ontroller / KDC to silently authenticate to remote services without
+    being prompted for further usernames and passwords. In addition to
+    this the users credentials can be delegate to the remote system
+    allowing the remote system to contact further systems as the user.
+  </para>
 
-  <para>Many web browsers provide support for SPNEGO authentication, this
-  document focuses on <trademark>Microsoft Internet Explorer</trademark> and
-  Mozilla Firefox. There are also a number of kerberos domain controllers
-  available, this documentation focusses on <trademark>Microsoft Active
-  Directory</trademark> and the MIT KDC implementation. Contributions for
-  documentation on other web browsers and KDCs would be welcome.</para>
+  <para>
+    Many web browsers provide support for SPNEGO authentication, this
+    document focuses on
+    <trademark>Microsoft Internet Explorer</trademark>
+    and Mozilla Firefox. There are also a number of kerberos domain
+    controllers available, this documentation focusses on
+    <trademark>Microsoft Active Directory</trademark>
+    and the MIT KDC implementation. Contributions for documentation on
+    other web browsers and KDCs would be welcome.
+  </para>
 
   <para></para>
 
   <sect1>
     <title>Components</title>
 
-    <para>The JBoss Negotiation project provides the following components:
-    -</para>
+    <para>
+      The JBoss Negotiation project provides the following components: -
+    </para>
 
     <para></para>
 
@@ -38,18 +54,23 @@
       <listitem>
         <para>SPNEGO Authenticator and Login Module</para>
 
-        <para>The authentication process is handled by a Tomcat Authenticator
-        that and a JAAS login module, this combination achieves the
-        integration with JBoss security.</para>
+        <para>
+          The authentication process is handled by a Tomcat
+          Authenticator that and a JAAS login module, this combination
+          achieves the integration with JBoss security.
+        </para>
       </listitem>
 
       <listitem>
         <para>Negotiation Toolkit</para>
 
-        <para>This is a couple of utilities and a web application that can be
-        used to test various aspects of your negotiation configuration to
-        enable you to verify that the required steps are working correctly and
-        to debug where failures may be occuring.</para>
+        <para>
+          This is a couple of utilities and a web application that can
+          be used to test various aspects of your negotiation
+          configuration to enable you to verify that the required steps
+          are working correctly and to debug where failures may be
+          occuring.
+        </para>
       </listitem>
     </itemizedlist>
   </sect1>
@@ -57,46 +78,62 @@
   <sect1>
     <title>General Authentication Process</title>
 
-    <para>When working with the JBoss login modules and the existing
-    authentication mechanisms work by asking the user to authenticate
-    themseves by the client sending thier credentials to the server and then
-    the login module verifying the credentials against either a local store of
-    credentials or against a store on a remote repository such as a database
-    server or a LDAP server.</para>
+    <para>
+      When working with the JBoss login modules and the existing
+      authentication mechanisms work by asking the user to authenticate
+      themseves by the client sending thier credentials to the server
+      and then the login module verifying the credentials against either
+      a local store of credentials or against a store on a remote
+      repository such as a database server or a LDAP server.
+    </para>
 
-    <para>The SPNEGO authentication mechansim is slightly different.</para>
+    <para>
+      The SPNEGO authentication mechansim is slightly different.
+    </para>
 
     <para></para>
 
     <itemizedlist>
       <listitem>
-        <para><emphasis role="bold">Server Authentication</emphasis> - First
-        the application server itself authenticates against the KDC and
-        obtains it's own ticket.</para>
+        <para>
+          <emphasis role="bold">Server Authentication</emphasis>
+          - First the application server itself authenticates against
+          the KDC and obtains it's own ticket.
+        </para>
       </listitem>
 
       <listitem>
-        <para><emphasis role="bold">Client Authentication</emphasis> - After
-        the server prompt the client to authenticate the client responds with
-        a SPNEGO token, the server then makes use of it's own ticket to decode
-        the clients ticked and respond to the client.</para>
+        <para>
+          <emphasis role="bold">Client Authentication</emphasis>
+          - After the server prompt the client to authenticate the
+          client responds with a SPNEGO token, the server then makes use
+          of it's own ticket to decode the clients ticked and respond to
+          the client.
+        </para>
 
-        <para>This process can take a couple of round trips for the client to
-        authenticate against the server.</para>
+        <para>
+          This process can take a couple of round trips for the client
+          to authenticate against the server.
+        </para>
       </listitem>
 
       <listitem>
-        <para><emphasis role="bold">Mututal Authentication</emphasis> - If
-        this is required it is even possible for the client to request that
-        the server authenticates itself against the client.</para>
+        <para>
+          <emphasis role="bold">Mututal Authentication</emphasis>
+          - If this is required it is even possible for the client to
+          request that the server authenticates itself against the
+          client.
+        </para>
       </listitem>
 
       <listitem>
-        <para><emphasis role="bold">Credential Delegation</emphasis> - A
-        client can also be configured so that the credentials used for
-        authentication can be delegated to the server, this means that the
-        application server can then go on and call other systems on behalf of
-        the calling client.</para>
+        <para>
+          <emphasis role="bold">Credential Delegation</emphasis>
+          - A client can also be configured so that the credentials used
+          for authentication can be delegated to the server, this means
+          that the application server can then go on and call other
+          systems on behalf of the calling client.
+        </para>
       </listitem>
     </itemizedlist>
 
@@ -106,11 +143,17 @@
   <sect1>
     <title>Pre-requisits</title>
 
-    <para>The installation of this module requires the externalised
-    authenticator capability of JBoss which was added from JBoss 4.0.5.GA,
-    these instructions have been prepared against JBoss 4.2.2.GA.</para>
+    <para>
+      The installation of this module requires the externalised
+      authenticator capability of JBoss which was added from JBoss
+      4.0.5.GA, these instructions have been prepared against JBoss
+      4.2.2.GA.
+    </para>
 
-    <para><link
-    linkend="???">http://wiki.jboss.org/wiki/ExternalizeTomcatAuthenticators</link></para>
+    <para>
+      <link linkend="???">
+        http://wiki.jboss.org/wiki/ExternalizeTomcatAuthenticators
+      </link>
+    </para>
   </sect1>
 </chapter>
\ No newline at end of file

More information about the jboss-cvs-commits mailing list