home organisation service and expertise AuthFW
Home
Organisation
Services
AuthFW
Gearjunkies
Links
Search
Downloads
Elements

AuthFW is built with a minimum of 4 different elements, each with its own specific function within the infrastructure. They are:

  • Webservice adapter
  • RegistrationService
  • AuthenticationService
  • Backend

Because of the modular design of the framework as a whole, more elements will be designed to provide centralized framework services to WebServices and its clients.

WebService adapters

The infrastructure that manages the users' identities integrates into new or existing applications using the WebService adapters. These adapters take care of secure communication with the other elements of the framework, provide login and logout functions, user profile attribute exchange during new user registrations, but they also have a built in session mechanism and authorization functionality.

The WebService adapters are designed to integrate easily with existing applications. Only minor adjustments are required to integrate AuthFW nicely into applications like phpBB or your own applications. Different WebService adapters are developped by Cozmanova and provided as is, including sourcecode and documentation. The sourcecode is free to use and adjust for your own use. Please visit the downloads section to obtain the latest versions of the WebService adapters.

RegistrationService

Another specific function of the framework is a place where users can maintain their account or sign up for a new account, the virtual helpdesk. The RegistrationService can provide domain specific information like contact information, or a list of available WebServices that a user has access to. Forgotten passwords or newly issued tokens can be initialized at the RegistrationService.

The RegistrationService is also the place that the WebService adapter connects to when user profile information is exchanged during NewUser registrations at WebServices in the domain.

AuthenticationService

The place where users are logged in and out is the AuthenticationService. This application is designed with the flexibility of offering different authentication mechanisms. Since the AuthenticationService is the only application where users are logging in and out of the domain, its design can be used to make a user recognize the domain service by creating a style that matches the RegistrationService as well as the domain style.

The protocol that the WebService connectors and the AuthenticationService use, takes care of redundant AuthenticationServices. This means that if, for whatever reason, one AuthenticationService is not available, there can always be another AuthenticationService available for dealing with user's login and logout requests.

Backend

The user signs up for exactly one account, which is stored in a centralized database that is known as the Backend. The Backend provides an API to the AuthenticationService and the RegistrationService only, and as a separate application it can be securely deployed behind firewalls that regulate access to this sensitive information.

Communication between the AuthenticationService (and RegistrationService) and the Backend is performed through XMLRPC messaging, with a proprietary protocol using RSA to secure all sensitive data. The protocol also provides a mechanism to support multiple, replicated Backend servers within the domain. This guarantees a maximum uptime and availability of the user's accounts.

More information

More information will become available soon.

This Category is currently empty

[ Back ]

login:

domain:

 

©2005 Cozmanova