Protecting Web Applications: webapp-pep
Pre-release version 0.2.0
This package contains an authorisation filter for a servlet container. This authorisation filter should be configured to make a call out to an authorisation server. The authorisation server provided by the standalone package is known to work well.
The package requires the ZXID native library to be present. You can download the latest version of the ZXID software here. Compiliation of the library is relatively straightforward. Note: Version 0.64 of the ZXID software definitely works. Version 0.69 and 0.70 seem to have issues.
You will also need an authentication (SSO) filter in order to use the authorisation filter. Again the ZXID package provides such a filter. Setting up these filters is described in the ZXID document DeployingZxidServlets.txt
Last updated 20 July 2011