Navigation:
Documentation
Archive
Page Tree:
This wiki space contains archival documentation of Project Bamboo, April 2008 - March 2013.
Bamboo's centrally-hosted services include an IAM (Identity and Access Management) suite, Collection Interoperability Hub, and proxy services to remotely-hosted tools for scholarship. This set of services runs on FUSE ESB, an enterprise distribution of Apache's open-source ServiceMix (acquired in 2012 by RedHat). A number of additional, open-source technologies are required to support these services, including Apache Web Server (httpd), and Grouper.
Information on the centrally-hosted services' architectural overview; a service developer "workbench" environment in which to extend or develop services; sys admin documentation for deployment of additional technologies in support of services; and the services' API are organized in this section of the Bamboo documentation, as follows:
Technology Component(s) | Documentation Link(s) | Notes |
---|---|---|
Developer toolkit | Developer Workbench Environment for BSP Service Developers | Java, Maven, Eclipse and IDE plugins, required filesystem directories, required environment variables |
FUSE ESB | Developer Workbench Environment for BSP Service Developers | Core element of Bamboo Services Platform (BSP, the deployment container for centrally-hosted services whose APIs are linked from Service APIs - Centrally-Hosted Bamboo Services) |
PostgreSQL database | Developer Workbench Environment for BSP Service Developers | Relational database providing persistence for BSP-deployed services |
Core BSP-deployed services | Developer Workbench Environment for BSP Service Developers | Core services, including those that support IAM |
Apache Web Server (httpd) | Configure Apache Web Server for Client Auth | httpd supports client auth (authenticating trusted client applications), as well as proxy-forwarding over AJP of BSP services |
Grouper | Grouper Install - Configure - Populate | Grouper provides persistence for the "Application Catalog" (known/trusted client applications in the Bamboo Trust Federation); as well as for user-created and -managed groups |
Application Catalog data | Maintaining Application Catalog Data for Trusted Clients | For an application to be trusted (a key element of gaining permission to invoke services protected by policies that restrict access), Application Catalog data must be maintained. |
Trust Federation metadata | Maintaining SAML Metadata that establishes a Trust Federation | Identity providers and service providers trusted within the Bamboo Trust Federation must be identified with SAML metadata. |
Social/SAML Gateway | Social/SAML Gateway to enable social media identity provision | A Social/SAML gateway must be a part of the Authentication 'machinery' if social media Identity Providers (e.g., Google) are to be used for user logins. |
Clients |
| When policies in effect restrict access to anonymous users or anonymous applications, only "Trusted Applications" can succeed in invoking the affected services. Only "Trusted Applications" can assert the identity of a user to BSP-deployed services (anonymous client apps imply anonymous users).
|