aboutsummaryrefslogtreecommitdiffstats
path: root/odl-aaa-moon/aaa-authn-api/src/main/docs/sssd_auth_sequence.wsd
diff options
context:
space:
mode:
authorDUVAL Thomas <thomas.duval@orange.com>2016-06-16 13:08:14 +0000
committerGerrit Code Review <gerrit@172.30.200.206>2016-06-16 13:08:14 +0000
commit2cadaf72d814b8f8c243855c65ba43d3b9a701cc (patch)
treefc90d4daefa5781b37216f3a48cb297a280b552b /odl-aaa-moon/aaa-authn-api/src/main/docs/sssd_auth_sequence.wsd
parenta1d073ea92351d1d21eabbced4e556e0a823366f (diff)
parent506a1fc1252268fa31ba89882ea55b7665579965 (diff)
Merge "Delete old files"
Diffstat (limited to 'odl-aaa-moon/aaa-authn-api/src/main/docs/sssd_auth_sequence.wsd')
-rw-r--r--odl-aaa-moon/aaa-authn-api/src/main/docs/sssd_auth_sequence.wsd23
1 files changed, 0 insertions, 23 deletions
diff --git a/odl-aaa-moon/aaa-authn-api/src/main/docs/sssd_auth_sequence.wsd b/odl-aaa-moon/aaa-authn-api/src/main/docs/sssd_auth_sequence.wsd
deleted file mode 100644
index f97ed1ee..00000000
--- a/odl-aaa-moon/aaa-authn-api/src/main/docs/sssd_auth_sequence.wsd
+++ /dev/null
@@ -1,23 +0,0 @@
-title Federated Authentication with SSSD
-
-# This walks through the federated authentication sequence where a claim from a
-# third-party IdP system is posted to the ODL token endpoint in exchange for an
-# access token. The claim information is assumed to be in format specific to the
-# third-party IdP system and assumed to be captured via either Apache environment
-# variables (Servlet attributes) or HTTP headers.
-
-Client -> Apache WebServer: authenticate
-note right of Client
-credentials
-end note
-Apache WebServer -> SSSD: authenticate
-SSSD -> LDAP/AD : authenticate
-SSSD -> Apache WebServer: claim
-Apache WebServer -> ServletContainer: CGI variables
-ServletContainer -> SSSD Plugin: Servlet attributes/headers
-SSSD Plugin -> SSSD Plugin : transformClaim
-SSSD Plugin -> TokenEndPoint : claim
-TokenEndPoint -> TokenEndPoint : createToken
-TokenEndPoint -> Client : refresh token, list of authorized domains
-Client -> TokenEndPoint : refresh token, domain
-TokenEndPoint -> Client : access token