Globus Toolkit 3.9.2 Development Release Notes: WS Authentication & Authorization
This component contains libraries supporting authentication and authorization for GT WS components. This includes functionality such as X.509 based authentication and message protection, GSI SecureConversation based authentication and message protection and an authorization framework including various authorization mechanisms.
Note: The following WS Authentication & Authorization features are not included in this release; they are planned for the full-featured release in October:
- Community Authorization Service (CAS)
- Generic per-method authorization framework (including support for XACML)
- A new delegation service that decouples delegation from GSI-SecureConversation
What's New
Features
The security library features in this release are:
- Message level security.
- Resource-based and service-based security.
Each resource/service can have its own security properties like credentials, gridmap file, etc.
- Declarative security
The security behavior of a service can be specified in a security deployment descriptor. Note that this is not always the case for client, including service acting as client, security properties.
- Programmatic security
Security APIs are provided to service developers for fine grained security control.
- JAAS integration.
Permits services to be independent from underlying authentication technologies.
Documentaion
Detailed documentation can be found here.