diff --git a/Architecture.md b/Architecture.md index 77b6ab4..dea5a5d 100644 --- a/Architecture.md +++ b/Architecture.md @@ -8,18 +8,28 @@ We are using JPA with Eclipselink and external MySQL databases for token, client ## Modules -The project uses a multi-level Maven and git repository sutrcture. The main project is split into the following modules: +The project uses a multi-level Maven and git repository structure. The main project is split into the following modules: * openid-connect-common: common classes, service and repository interfaces, and JPA-annotated model code. The JWT library is currently included here, but will eventually be moved out as a separate, external library. * openid-connect-server: IdP/server implementation, includes implementations of services and repositories for use by server. * openid-connect-client: RP/client implementation, built around spring security filters. * spring-security-oauth: Git submodule that points to the Spring Security OAuth Git repository. Will be removed once a reliable milestone is reached upstream (see note above). +## Authorization + +//using SECOAUTH auth endpoint,with custom UserApprovalHandler, etc + +## Tokens + +//using SECOAUTH token endpoint, with custom token services and token enhancer, etc + ## User Management UserDetailsService - used by Spring Security's AuthenticationProvider to represent the current user (loads a user from a given user id) AuthenticationUserDetailsService - Used by Spring Security to load a user from an authentication token UserInfoRepository - repository of user information that is fed into the UserInfoEndpoint's service +//Which of these have we implemented and which are straight SECOAUTH? + ## Token Management AuthorizationServerTokenServices - provide tokens for the authorization server 
@@ -28,6 +38,8 @@ The project uses a multi-level Maven and git repository sutrcture. The main proj ## Maven War Overlay +//TODO: Steve needs to write this + One of the best ways to build a custom deployment of this system is to use the Maven War Overlay mechanism. In essence, you make a new Maven project with a "war" disposition and make it depend on the openid-connect-server module with the Maven Overlay plugin configured. Any files in your new project will be built and injected into the war from the other project. This action will also overwrite any existing files. For instance, to overwrite the data source configuration in the main server war file, create a file named src/main/webapp/WEB-INF/data-context.xml that contains the dataSource bean. This file will completely replace the one that's in the originally built war.
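Review bot: In the first hunk (`@@ -8,18 +8,28 @@`), the new "## Authorization" and "## Tokens" sections contain only `//` placeholder lines, and `//` is not a comment in Markdown, so they will render as literal text in the published document. The same applies to the question added under "## User Management" (`//Which of these have we implemented and which are straight SECOAUTH?`). I would either write a first sentence for each section now or move the open questions to an issue or an HTML comment. Two further points on the same lines: "SECOAUTH" is never defined, while the module list spells out "Spring Security OAuth", so use the full name on first mention. The new "## Tokens" heading also sits two sections above the existing "## Token Management", so consider folding the token endpoint, custom token services and token enhancer notes into that section rather than keeping two. The User Management question deserves an answer in the document itself, because readers auditing the server need to know which of the approval handler, token services and user-details components are project code and which come unchanged from upstream.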
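Review bot: In the second hunk (`@@ -28,6 +38,8 @@`), `//TODO: Steve needs to write this` is added directly under "## Maven War Overlay", but the section already has a full paragraph describing the overlay mechanism, so the TODO reads as if the section were empty. Please state what is still missing (for example, which part of the overlay setup remains undocumented) or drop the line. As in the first hunk, the `//` prefix will render as visible text in Markdown, so an HTML comment or a tracked issue is a better place for an assignment note like this.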