Methods to Connect
- If you are a Servlet in a Container, use CADI Framework with AAF Plugin. It’s very easy, and includes BasicAuth for Services.
- Java Technologies
- Technologies using Servlet Filters
- DME2 (and other Servlet Containers) can use Servlet Filters
- Any WebApp can plug in CADI as a Servlet Filter
- Jetty can attach a Servlet Filter with Code, or as WebApp
- Tomcat 7 has a “Valve” plugin, which is similar and supported
- Use the AAFLur Code directly (shown)
- All Java Technologies utilize Configuration to set what Security elements are required
- example: Global Login can be turned on/off, AAF Client needs information to connect to AAF Service
- There are several specialty cases, which AAF can work with, including embedding all properties in a Web.xml, but the essentials needed are:
- CADI Jars
- cadi.properties file (configured the same for all technologies)
- Encrypt passwords with included CADI technology, so that there are no Clear Text Passwords in Config Files (ASPR)
- See CADI Deployment on how to perform this with several different technologies.
- AAF Restfully (see RESTFul APIS)
IMPORTANT: If Direct RESTFul API is used, then it is the Client’s responsibility to Cache and avoid making an AAF Service Calls too often Example: A Tool like Cassandra will ask for Authentication hundreds of times a second for the same identity during a transaction. Calling the AAF Service for each would be slow for the client, and wasteful of Network and AAF Service Capacities. Rogue Clients can and will be denied access to AAF.