Project

General

Profile

Revision 881

Added by berkley almost 19 years ago

updated documentation. removed a lot of typos and updated all of the new stuff for the new release

View differences:

acontrol.html
29 29
  </table>
30 30
  <p><b>Authentication</b></p>
31 31
    <p>Metacat has a public interface for porting authentication 
32
      schemes to Metacat.  Currently LDAP scheme is implemented. 
32
      schemes to Metacat.  Currently an LDAP scheme is implemented. 
33 33
      LDAP stands for Lightweight Directory Access Protocol. 
34
      It is optimized database for fast retrival of stored data:
34
      It is an optimized database for fast retrival of stored data:
35 35
      It is used by Metacat to store its users and their information. 
36 36
      The users can be organized in one or more groups.
37 37
    </p>
38 38
    <P> <img src="auth.gif"> 
39 39
    <P> <b>Access control in Metacat. </b></p>
40 40
    <ul>
41
      <li> Metacat users stored in the LDAP directory database are authenticated to use Metacat services and resources.</li>
41
      <li> Metacat users stored in the LDAP directory database are authenticated
42
      to use Metacat services and resources.</li>
42 43
      <li> A persistant session is assigned to an authenticated user.</li>
43
      <li> Metacat also allows document level access control via Access Control Lists (ACLs).</li>
44
      <li> Metacat also allows document level access control via Access Control 
45
      Lists (ACLs).</li>
44 46
    </ul>
45 47
  <!--<img src="acontrol.gif">-->
46 48
  <b>ACLs</b>
47
  <p>Metacat allows a user to set permissions for users or groups on individual documents by using
48
  a special XML file called an Access file.  The <a href="./packages.html">Package</a> file
49
  <p>Metacat allows a user to set permissions for users or groups on individual 
50
  documents by using
51
  a special XML file called an Access file.  
52
  The <a href="./packages.html">Package</a> file
49 53
  specifies which documents the Access file refers to. 
50
  These are the same documents the permissions are assigned for.
51 54
  A sample Access file looks like the following:</p>
52 55
  <pre>
53 56
    &lt;?xml version="1.0"?&gt;
......
102 105
     itself as stored in Metacat.
103 106
  </p>
104 107
  <p>Next are the permissions themselves.  An allow tag gives permissions to 
105
  the specified user(s) (&lt;principal&gt;) and a deny tag take the permissions
108
  the specified user(s) (&lt;principal&gt;) and a deny tag takes the permissions
106 109
  away from the user(s).  A principal should be a registered user or group.
107 110
  A timed duration can be set on the permission after
108 111
  which the user(s) will no longer have the specified permission.  A ticket count
......
113 116
    
114 117
  <br>
115 118
  <a href="./xmlindex.html">Back</a> | <a href="./metacattour.html">Home</a> | 
116
  <a href="./metacatout.html">Next</a>
119
  <a href="./ldap.html">Next</a>
117 120
</BODY>
118 121
</HTML>
119 122

  

Also available in: Unified diff