odl/aaa clone

Change-Id: I2b72c16aa3245e02d985a2c6189aacee7caad36e Signed-off-by: WuKong <rebirthmonkey@gmail.com>
author: WuKong <rebirthmonkey@gmail.com> 2016-05-24 17:13:17 +0200
committer: WuKong <rebirthmonkey@gmail.com> 2016-05-24 17:13:17 +0200
commit: e63b03f3d7e4851e008e4bb4d184982c2c0bd229 (patch)
tree: 8364e8a9c56e214ac0fe248409d21f324b1e0f18 /odl-aaa-moon/aaa-authn-api/src/main/docs/credential_auth_sequence.wsd
parent: 3c1264562ec7949d008e2335b9eecc400436a70d (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/odl-aaa-moon/aaa-authn-api/src/main/docs/credential_auth_sequence.wsd b/odl-aaa-moon/aaa-authn-api/src/main/docs/credential_auth_sequence.wsd
new file mode 100644
index 00000000..383d4031
--- /dev/null
+++ b/odl-aaa-moon/aaa-authn-api/src/main/docs/credential_auth_sequence.wsd
@@ -0,0 +1,18 @@
+title Credential Authentication Sequence
+
+# This walks through the credential authentication use case where a credential 
+# (typically username/password) is used to authenticate directly with the ODL 
+# controller. 
+
+Client -> ServletContainer: request access token
+note right of Client
+(credentials, scope=domain)
+end note
+ServletContainer -> TokenEndpoint: credentials, domain
+TokenEndpoint -> CredentialAuth: authenticate(Credentials, domain)
+CredentialAuth -> TokenEndpoint: Claim
+note left of CredentialAuth
+(user/domain/roles)
+end note
+TokenEndpoint -> TokenEndpoint: createToken
+TokenEndpoint -> Client: access token
+\ No newline at end of file
author	WuKong <rebirthmonkey@gmail.com>	2016-05-24 17:13:17 +0200
committer	WuKong <rebirthmonkey@gmail.com>	2016-05-24 17:13:17 +0200
commit	e63b03f3d7e4851e008e4bb4d184982c2c0bd229 (patch)
tree	8364e8a9c56e214ac0fe248409d21f324b1e0f18 /odl-aaa-moon/aaa-authn-api/src/main/docs/credential_auth_sequence.wsd
parent	3c1264562ec7949d008e2335b9eecc400436a70d (diff)