PERMIS Project Web Site

PERMIS Contents


Essentials Integration Projects Documents Developers Get Involved

Protecting Web Applications: webapp-pep

Pre-release version 0.2.0

This package contains an authorisation filter for a servlet container. This authorisation filter should be configured to make a call out to an authorisation server. The authorisation server provided by the standalone package is known to work well.

The package requires the ZXID native library to be present. You can download the latest version of the ZXID software here. Compiliation of the library is relatively straightforward. Note: Version 0.64 of the ZXID software definitely works. Version 0.69 and 0.70 seem to have issues.

You will also need an authentication (SSO) filter in order to use the authorisation filter. Again the ZXID package provides such a filter. Setting up these filters is described in the ZXID document DeployingZxidServlets.txt

  • Downloads
  • Documentation

  • Change Log
    • V 0.2.0 - Added the ResetBreakTheGlassServlet so that one can also reset the BTG state when not relying on automatic resetting.
    • V 0.1.2 - Resources folder with example policy, deployment descriptor and BTG interaction page added.
    • V 0.1.1 - Initial Public Release

    Last updated 20 July 2011