Merge pull request #25 from aasingh/master
chapter 1 heading level corrected
This commit is contained in:
commit
aa7ace4842
4 changed files with 30 additions and 21 deletions
|
@ -5,3 +5,5 @@ decide is which of the two you are going to use. If you want you can also choose
|
|||
|
||||
To secure clients and services you are also going to need an adapter or library for the protocol you've selected. {{book.project.name}} comes with its own
|
||||
adapters for selected platforms, but it is also possible to use generic OpenID Connect Resource Provider and SAML Service Provider libraries.
|
||||
|
||||
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
== Supported Platforms
|
||||
=== Supported Platforms
|
||||
|
||||
=== OpenID Connect
|
||||
==== OpenID Connect
|
||||
|
||||
==== Java
|
||||
===== Java
|
||||
* <<fake/../../oidc/java/jboss-adapter.adoc#_jboss_adapter,JBoss EAP>>
|
||||
{% if book.community %}
|
||||
* <<fake/../../oidc/java/jboss-adapter.adoc#_jboss_adapter,WildFly>>
|
||||
|
@ -18,48 +18,48 @@
|
|||
* <<fake/../../oidc/java/spring-boot-adapter.adoc#_spring_boot_adapter,Spring Boot>> (community)
|
||||
{% endif %}
|
||||
|
||||
==== JavaScript (client-side)
|
||||
===== JavaScript (client-side)
|
||||
* <<fake/../../oidc/javascript-adapter.adoc#_javascript_adapter,JavaScript>>
|
||||
|
||||
=== Apache Cordova
|
||||
===== Apache Cordova
|
||||
* <<fake/../../oidc/javascript-adapter.adoc#_javascript_adapter,JavaScript>>
|
||||
|
||||
{% if book.community %}
|
||||
==== Node.js
|
||||
===== Node.js
|
||||
* https://github.com/keycloak/keycloak-nodejs-connect[{{book.project.name}} Connect] (community)
|
||||
* https://github.com/keycloak/keycloak-nodejs-connect[{{book.project.name}} Auth Utils] (community)
|
||||
{% endif %}
|
||||
|
||||
{% if book.community %}
|
||||
=== C#
|
||||
==== C#
|
||||
* https://github.com/dylanplecki/KeycloakOwinAuthentication[OWIN] (community)
|
||||
{% endif %}
|
||||
|
||||
{% if book.community %}
|
||||
=== Python
|
||||
==== Python
|
||||
* https://pypi.python.org/pypi/python-openid/[python-openid] (generic)
|
||||
{% endif %}
|
||||
|
||||
{% if book.community %}
|
||||
=== Android
|
||||
==== Android
|
||||
* https://github.com/openid/AppAuth-Android[AppAuth] (generic)
|
||||
* https://github.com/aerogear/aerogear-android-authz[AeroGear] (generic)
|
||||
{% endif %}
|
||||
|
||||
{% if book.community %}
|
||||
=== iOS
|
||||
==== iOS
|
||||
* https://github.com/openid/AppAuth-iOS[AppAuth] (generic)
|
||||
* https://github.com/aerogear/aerogear-ios-oauth2[AeroGear] (generic)
|
||||
{% endif %}
|
||||
|
||||
{% if book.community %}
|
||||
==== Apache HTTP Server
|
||||
===== Apache HTTP Server
|
||||
* https://github.com/pingidentity/mod_auth_openidc[mod_auth_openidc]
|
||||
{% endif %}
|
||||
|
||||
=== SAML
|
||||
==== SAML
|
||||
|
||||
==== Java
|
||||
===== Java
|
||||
|
||||
* <<fake/../../saml/java/jboss-adapter.adoc#_jboss_adapter,JBoss EAP>>
|
||||
{% if book.community %}
|
||||
|
@ -71,3 +71,5 @@
|
|||
==== Apache HTTP Server
|
||||
|
||||
* https://github.com/UNINETT/mod_auth_mellon[mod_auth_mellon]
|
||||
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
[[_supported_protocols]]
|
||||
== Supported Protocols
|
||||
=== Supported Protocols
|
||||
|
||||
=== OpenID Connect
|
||||
==== OpenID Connect
|
||||
|
||||
link:http://openid.net/connect/[Open ID Connect] (OIDC) is an authentication protocol that is an extension of link:https://tools.ietf.org/html/rfc6749[OAuth 2.0].
|
||||
While OAuth 2.0 is only a framework for building authorization protocols and is mainly incomplete, OIDC is a full-fledged authentication and authorization
|
||||
|
@ -21,7 +21,7 @@ is digitally signed by the realm. The client can make REST invocations on remot
|
|||
extracts the _access token_, verifies the signature of the token, then decides based on access information within the token whether or not to process
|
||||
the request.
|
||||
|
||||
=== SAML 2.0
|
||||
==== SAML 2.0
|
||||
|
||||
link:http://saml.xml.org/saml-specifications[SAML 2.0] is a similar specification to OIDC but a lot older and more mature. It has its roots in SOAP and the plethora
|
||||
of WS-* specifications so it tends to be a bit more verbose than OIDC. SAML 2.0 is primarily an authentication protocol
|
||||
|
@ -38,7 +38,7 @@ is allowed to access on the application.
|
|||
The second type of use cases is that of a client that wants to gain access to remote services. In this case, the client asks {{book.project.name}}
|
||||
to obtain a SAML assertion it can use to invoke on other remote services on behalf of the user.
|
||||
|
||||
=== OpenID Connect vs. SAML
|
||||
==== OpenID Connect vs. SAML
|
||||
|
||||
Choosing between OpenID Connect and SAML is not just a matter of using a newer protocol (OIDC) instead of the older more mature protocol (SAML).
|
||||
|
||||
|
@ -52,3 +52,5 @@ they are easier to consume by JavaScript. You will also find several nice featur
|
|||
make implementing security in your web applications easier. For example, check out the iframe trick that the specification uses to easily determine if a user is still logged in or not.
|
||||
|
||||
SAML has its uses though. As you see the OIDC specifications evolve you see they implement more and more features that SAML has had for years. What we often see is that people pick SAML over OIDC because of the perception that it is more mature and also because they already have existing applications that are secured with it.
|
||||
|
||||
|
||||
|
|
|
@ -1,5 +1,8 @@
|
|||
== What are Client Adapters?
|
||||
=== What are Client Adapters?
|
||||
|
||||
{{book.project.name}} client adapters are libraries that makes it very easy to secure applications and services with {{book.project.name}}. We call them
|
||||
adapters rather than libraries as they provide a tight integration to the underlying platform and framework. This makes our adapters easy to use and they
|
||||
require less boilerplate code than what is typically required by a library.
|
||||
|
||||
|
||||
|
||||
|
|
Loading…
Reference in a new issue