diff --git a/assets/images/illus-basics.png b/assets/images/illus-basics.png new file mode 100644 index 0000000..283c5de Binary files /dev/null and b/assets/images/illus-basics.png differ diff --git a/assets/images/illus-loose-data.png b/assets/images/illus-loose-data.png new file mode 100644 index 0000000..6fcf0c6 Binary files /dev/null and b/assets/images/illus-loose-data.png differ diff --git a/assets/images/ldap-diagram.png b/assets/images/ldap-diagram.png new file mode 100644 index 0000000..8d031a8 Binary files /dev/null and b/assets/images/ldap-diagram.png differ diff --git a/assets/images/ldap-sso-diagram.png b/assets/images/ldap-sso-diagram.png new file mode 100644 index 0000000..9942018 Binary files /dev/null and b/assets/images/ldap-sso-diagram.png differ diff --git a/assets/images/scim-diagram-ressource.png b/assets/images/scim-diagram-ressource.png new file mode 100644 index 0000000..54ab063 Binary files /dev/null and b/assets/images/scim-diagram-ressource.png differ diff --git a/assets/images/scim-diagram.png b/assets/images/scim-diagram.png new file mode 100644 index 0000000..4db4e80 Binary files /dev/null and b/assets/images/scim-diagram.png differ diff --git a/assets/images/small/Vector (Stroke).png b/assets/images/small/Vector (Stroke).png new file mode 100644 index 0000000..f5f23e2 Binary files /dev/null and b/assets/images/small/Vector (Stroke).png differ diff --git a/assets/images/small/illus-basics.png b/assets/images/small/illus-basics.png new file mode 100644 index 0000000..f8898cb Binary files /dev/null and b/assets/images/small/illus-basics.png differ diff --git a/assets/images/small/ldap-diagram.png b/assets/images/small/ldap-diagram.png new file mode 100644 index 0000000..386f0ec Binary files /dev/null and b/assets/images/small/ldap-diagram.png differ 
diff --git a/assets/images/small/ldap-sso-diagram.png b/assets/images/small/ldap-sso-diagram.png new file mode 100644 index 0000000..ee848cc Binary files /dev/null and b/assets/images/small/ldap-sso-diagram.png differ diff --git a/assets/images/small/sso-diagram.png b/assets/images/small/sso-diagram.png new file mode 100644 index 0000000..6b2977b Binary files /dev/null and b/assets/images/small/sso-diagram.png differ diff --git a/assets/images/small/sso-scim-diagram.png b/assets/images/small/sso-scim-diagram.png new file mode 100644 index 0000000..16817a0 Binary files /dev/null and b/assets/images/small/sso-scim-diagram.png differ diff --git a/assets/images/sso-diagram.png b/assets/images/sso-diagram.png new file mode 100644 index 0000000..cdc434e Binary files /dev/null and b/assets/images/sso-diagram.png differ diff --git a/assets/images/sso-scim-diagram.png b/assets/images/sso-scim-diagram.png new file mode 100644 index 0000000..fc5eb70 Binary files /dev/null and b/assets/images/sso-scim-diagram.png differ diff --git a/config.yaml b/config.yaml index 4cb8ebc..1941204 100644 --- a/config.yaml +++ b/config.yaml @@ -3,8 +3,7 @@ languageName: English defaultContentLanguage: en title: 'Scim - Libre.sh' theme: Indiiie -author: - name: 'Indie Hosters' +author: 'Indie Hosters' markup: goldmark: extensions: diff --git a/content/overview/comparison.md b/content/overview/comparison.md index 37dac1f..e0f5a4d 100644 --- a/content/overview/comparison.md +++ b/content/overview/comparison.md 
@@ -6,42 +6,33 @@ weight : 4 --- ### Others management protocols {{< switch-box title="Ldap" >}} -With this LDAP approach **everything is centralized** (except authorization). +With this LDAP approach everything is centralized (except authorization). - +{{< imgproc "ldap-diagram.png" "LDAP diagram" "mr-t-1-5 mr-b-1-5">}} -**Everything speaks the LDAP protocol langage.** Identities are stored in an LDAP directory, which is provisioned via LDAP protocol. Authentication is done by the application that asks the user’s credentials and validates them against the directory via LDAP protocol. +Everything speaks the LDAP protocol langage. Identities are stored in an LDAP directory, which is provisioned via LDAP protocol. Authentication is done by the application that asks the user’s credentials and validates them against the directory via LDAP protocol. {{< /switch-box >}} {{< switch-box title="Ldap+SSO" >}} -This architecture **tackles the two main drawbacks of the only LDAP approach** : the missing single sign-on and the security vulnerability. **Authentication is delegated to other web protocols** (like OAuth, OIDC or SAML). This way, the user logs in only once to the identity provider. +This architecture tackles the two main drawbacks of the only LDAP approach : the missing single sign-on and the security vulnerability. Authentication is delegated to other web protocols (like OAuth, OIDC or SAML). This way, the user logs in only once to the identity provider. + +{{< imgproc "ldap-sso-diagram.png" "LDAP with SSO diagram" "mr-t-1-5 mr-b-1-5" >}} - {{< /switch-box >}} {{< switch-box title="SSO" >}} -On modern web infrastructure, LDAP started to be abandoned because **loose provisioning can also be done via SSO protocols.** +On modern web infrastructure, LDAP started to be abandoned because loose provisioning can also be done via SSO protocols. 
+ +{{< imgproc "sso-diagram.png" "SSO only diagram" "mr-t-1-5 mr-b-1-5" >}} - {{< /switch-box >}} {{< switch-box title="SSO+SCIM" >}} -**SCIM solve the remaining problems** via a simple standard web api. This infrastructure is **event driven, a provisioning action on the IdP is quickly passed on all applications.** +SCIM solve the remaining problems via a simple standard web api. This infrastructure is event driven, a provisioning action on the IdP is quickly passed on all applications. + +{{< imgproc "sso-scim-diagram.png" "SSO with SCIM diagram" "mr-t-1-5 mr-b-1-5" >}} - {{< /switch-box >}} | | LDAP | LDAP & SSO | SSO | SSO & SCIM | diff --git a/content/overview/identity-management.md b/content/overview/identity-management.md index 5d22c10..d307b96 100644 --- a/content/overview/identity-management.md +++ b/content/overview/identity-management.md @@ -4,12 +4,7 @@ description : A **quick overview** of some different issues that exist when **di color : yellow weight : 1 --- - - - +{{< imgproc "illus-basics.png" "Illustation of the basics of identity magagment" >}} {{< grid >}} {{< card icon="user" >}} @@ -35,7 +30,7 @@ How to manage & transfer user’s identity ? Among all these identity management concepts, SCIM is a matter of provisioning ; it concerns how information linked to an identity is transferred between different apps. - +{{< imgproc "illus-loose-data.png" "illustration of losing data" "float-right w-60">}} ### SCIM environement Because SCIM tackle the question of provisioning, one of best the identity management environments where SCIM is relevant is an environment composed of many apps or services that are **not well integrated natively** and are used by many users. diff --git a/content/overview/scenario.md b/content/overview/scenario.md index 930c6fd..43ccff8 100644 --- a/content/overview/scenario.md +++ b/content/overview/scenario.md 
@@ -5,7 +5,7 @@ color : blue-2 weight : 3 --- - +{{< imgproc "scim-diagram.png" "Scim diagram" "float-right">}} ### SCIM Client and Server While SCIM is a protocol for provisioning and managing identity, there **isn’t really a concept of Identity Provider (IdP)** within its architecture. Instead, SCIM architecture consists (only) of **a Client which makes HTTP calls, and a Server, which receives them**. diff --git a/content/overview/scim.md b/content/overview/scim.md index 3fb422d..263ad35 100644 --- a/content/overview/scim.md +++ b/content/overview/scim.md @@ -4,7 +4,8 @@ description : SCIM, for System for Cross-domain Identity Management are specific color : blue-1 weight : 2 --- - + +{{< imgproc "scim-diagram-ressource.png" "Scim diagram" "float-right">}} ### Quick overview The **SCIM protocol** is an application-level protocol for **provisioning** and **managing identity** data specified through SCIM schemas. diff --git a/themes/Indiiie/layouts/shortcodes/imgproc.html b/themes/Indiiie/layouts/shortcodes/imgproc.html new file mode 100644 index 0000000..ab3c2b7 --- /dev/null +++ b/themes/Indiiie/layouts/shortcodes/imgproc.html @@ -0,0 +1,23 @@ +{{ $alt := .Get 1 | default "" }} +{{ $class := .Get 2 | default "" }} +{{ $imgpath := "images/" }} + +{{- with $mainPath := .Get 0 }} + + {{- with $i := resources.Get (printf "%s%s" $imgpath $mainPath) }} + {{ $resizedImage := $i.Process "resize 1920x" }} + + {{- else }} + {{- errorf "The %q shortcode was unable to find %q. See %s" $.Name . $.Position }} + {{- end }} +{{- else }} + {{- errorf "The %q shortcode requires a positional parameter (0) indicating the image path, relative to the current page. See %s" $.Name $.Position }} +{{- end }} \ No newline at end of file diff --git a/themes/Indiiie/layouts/shortcodes/switch-box.html b/themes/Indiiie/layouts/shortcodes/switch-box.html index 0b8f3a6..1e09366 100644 --- a/themes/Indiiie/layouts/shortcodes/switch-box.html +++ b/themes/Indiiie/layouts/shortcodes/switch-box.html 
@@ -1,3 +1,3 @@
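Review bot: the new asset `assets/images/small/Vector (Stroke).png` has a space and parentheses in its file name, which needs quoting in shell commands and percent-encoding in URLs; rename it to a plain lower-case, hyphenated name like the other images. The `assets/images/small/` copies also look redundant: the `imgproc` shortcode added in this patch resizes at build time with `$i.Process`, and none of the visible content hunks reference a `small/` path, so consider leaving that directory out of the commit.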
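Review bot: in `config.yaml`, `author` changes from a map with a `name` key to the plain string `'Indie Hosters'`, which changes the type of the value for every template that reads it and is unrelated to the image work in the rest of the patch. Check that the Indiiie theme no longer looks up the `name` key, and consider moving this change to its own commit with a message that explains it.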
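Review bot: in `content/overview/comparison.md`, the Ldap+SSO box still refers to "the security vulnerability" of the LDAP-only approach without the Ldap box ever naming it; since these lines are being rewritten anyway, state the risk explicitly (presumably that each application asks for the user's credentials itself, as the Ldap box describes). The rewritten lines also carry over `langage` and `SCIM solve`, and the first `imgproc` call ends in `"mr-t-1-5 mr-b-1-5">}}` while the other three have a space before `>}}`.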
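Review bot: in `content/overview/identity-management.md`, the alt text added in the first hunk is misspelled (`"Illustation of the basics of identity magagment"`); alt text is what screen readers announce, so it should read "Illustration of the basics of identity management". The alt text in the second hunk of the same file, `"illustration of losing data"`, starts in lower case, unlike the others.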
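Review bot: in `content/overview/scim.md`, the new `imgproc` call uses the alt text `"Scim diagram"` for `scim-diagram-ressource.png`, the same alt text that `content/overview/scenario.md` uses for the different image `scim-diagram.png`. Give each image an alt text that describes what it shows (the resource diagram versus the Client and Server diagram), and consider spelling the file name `resource` before other pages start referencing it.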
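Review bot: in `themes/Indiiie/layouts/shortcodes/imgproc.html`, the second `errorf` message says the parameter is an image path "relative to the current page", but the lookup is `resources.Get (printf "%s%s" $imgpath $mainPath)` with `$imgpath := "images/"`, so the path is relative to the `images/` directory of the site assets; fix the message, and include the `images/` prefix in the "unable to find" message so the reported path matches the one actually searched. `$i.Process "resize 1920x"` is also applied unconditionally, which scales up any source narrower than 1920 pixels; guard it with a check on `$i.Width`. The file is also missing its trailing newline.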