Common Identity Documentation
From Bandit-project.org
Contents |
Securing the Common Identity
Common Identity developers, consumers, and depoyers all need to understand their responsibility to prevent security vulnerabilities.
Consuming the Common Identity
See the Common Identity javadoc for API documentation.
See the Common Identity Sample Code for programmatic usage examples.
Configuring the Common Identity
Almost everything in the Common Identity is driven from configuration.
Realm Configuration
The Bandit Common Identity uses an XML file to specify Realm Configuration. Realm is the term used in bandit to specify an identity repository or portions thereof from which the user of the Common Identity wishes to consume identity information. This configuration may be in a file for testing purposes but ideally would be passed as a DOM document.
The realm configuration file contains connector specific information, schema definitions, and policy definitions. Bandit currently supports only XACML 2.0 style policy expressions. The governing XML schema and detailed realm configuration examples are available on the Realm Configuration page.
Policy Expresions
Using XACML like expressions, and Bandit specific extensions the Common Identity may be flexibly configured.
