From a2bd210dd0b8de11ebd560d5868a28b7c9201db6 Mon Sep 17 00:00:00 2001
From: Ben Alex <ben.alex@springsource.com>
Date: Sun, 2 Dec 2007 03:25:36 +0000
Subject: [PATCH] SEC-611: Add details of other authentication solutions.

---
 src/docbkx/springsecurity.xml | 78 +++++++++++++++++++++++++++--------
 src/site/apt/index.apt        |  3 +-
 src/site/xdoc/powering.xml    |  8 ++--
 3 files changed, 68 insertions(+), 21 deletions(-)

diff --git a/src/docbkx/springsecurity.xml b/src/docbkx/springsecurity.xml
index c1816e356d..c67bc79bed 100644
--- a/src/docbkx/springsecurity.xml
+++ b/src/docbkx/springsecurity.xml
@@ -158,7 +158,7 @@
         standards bodies such as the Internet Engineering Task Force. In
         addition, Spring Security provides its own set of authentication
         features. Specifically, Spring Security currently supports
-        authentication with all of these technologies:</para>
+        authentication integration with all of these technologies:</para>
 
         <itemizedlist spacing="compact">
           <listitem>
@@ -228,15 +228,55 @@
           </listitem>
 
           <listitem>
-            <para>Java Single Sign On (JOSSO) (<ulink
-            url="http://www.josso.org/confluence/x/TwAI ">integration</ulink>
-            is provided by the JOSSO project)</para>
+            <para>Java Open Source Single Sign On (JOSSO) *</para>
           </listitem>
 
           <listitem>
-            <para>Atlassian Crowd (<ulink
-            url="http://confluence.atlassian.com/display/CROWD/3.2.09+Integrating+Crowd+with+Acegi+Security">integration</ulink>
-            is provided by the Atlassian Crowd product)</para>
+            <para>OpenNMS Network Management Platform *</para>
+          </listitem>
+
+          <listitem>
+            <para>AppFuse *</para>
+          </listitem>
+
+          <listitem>
+            <para>AndroMDA *</para>
+          </listitem>
+
+          <listitem>
+            <para>Mule ESB *</para>
+          </listitem>
+
+          <listitem>
+            <para>Direct Web Request (DWR) *</para>
+          </listitem>
+
+          <listitem>
+            <para>Grails *</para>
+          </listitem>
+
+          <listitem>
+            <para>Tapestry *</para>
+          </listitem>
+
+          <listitem>
+            <para>JTrac *</para>
+          </listitem>
+
+          <listitem>
+            <para>Jasypt *</para>
+          </listitem>
+
+          <listitem>
+            <para>Roller *</para>
+          </listitem>
+
+          <listitem>
+            <para>Elastic Plath *</para>
+          </listitem>
+
+          <listitem>
+            <para>Atlassian Crowd *</para>
           </listitem>
 
           <listitem>
@@ -244,17 +284,21 @@
           </listitem>
         </itemizedlist>
 
+        <para>(* Denotes provided by a third party; check our <ulink
+        url="http://acegisecurity.org/powering.html">integration pag</ulink>e
+        for links to the latest details)</para>
+
         <para>Many independent software vendors (ISVs) adopt Spring Security
-        because of this rich choice of authentication models. Doing so allows
-        them to quickly integrate their solutions with whatever their end
-        clients need, without undertaking a lot of engineering or requiring
-        the client to change their environment. If none of the above
-        authentication mechanisms suit your needs, Spring Security is an open
-        platform and it is quite simple to write your own authentication
-        mechanism. Many corporate users of Spring Security need to integrate
-        with "legacy" systems that don't follow any particular security
-        standards, and Spring Security is happy to "play nicely" with such
-        systems.</para>
+        because of this significant choice of flexible authentication models.
+        Doing so allows them to quickly integrate their solutions with
+        whatever their end clients need, without undertaking a lot of
+        engineering or requiring the client to change their environment. If
+        none of the above authentication mechanisms suit your needs, Spring
+        Security is an open platform and it is quite simple to write your own
+        authentication mechanism. Many corporate users of Spring Security need
+        to integrate with "legacy" systems that don't follow any particular
+        security standards, and Spring Security is happy to "play nicely" with
+        such systems.</para>
 
         <para>Sometimes the mere process of authentication isn't enough.
         Sometimes you need to also differentiate security based on the way a
diff --git a/src/site/apt/index.apt b/src/site/apt/index.apt
index a695ab7096..a8366fad1b 100644
--- a/src/site/apt/index.apt
+++ b/src/site/apt/index.apt
@@ -35,7 +35,8 @@ Key Features
         every web application to have its own authentication database. Nor are
         you restricted to single sign on across a single web container. Advanced
         single sign on features like proxy support and forced refresh of logins
-        are supported by both CAS and Spring Security.
+        are supported by both CAS and Spring Security. Several other SSO solutions
+	are also provided by third party projects, including JOSSO and CAS.
 
     * <<Reuses your Spring expertise:>> We use Spring application
         contexts for all configuration, which should help Spring developers get
diff --git a/src/site/xdoc/powering.xml b/src/site/xdoc/powering.xml
index 68b870f11d..6ca47e8fa7 100644
--- a/src/site/xdoc/powering.xml
+++ b/src/site/xdoc/powering.xml
@@ -11,6 +11,7 @@
     <li><b><a href="http://www.ja-sig.org/products/cas/">JA-SIG CAS</a></b>: Single Sign On system.<br></br><br></br></li>
     <li><b><a href="http://www3.ca.com/Solutions/Product.asp?ID=5262">SiteMinder</a></b>: Single Sign On system.<br></br><br></br></li>
   </ul></subsection><subsection name="Open Source Projects"><ul>
+    <li><b><a href="http://www.josso.org/">JOSSO</a></b>: Open source Single Sign On system. <a href="http://www.josso.org/confluence/x/TwAI">Integration details</a>.<br></br><br></br></li>
     <li><b><a href="http://www.opennms.org/">OpenNMS</a></b>: An open source network management platform <a href="http://www.opennms.org/index.php/Acegi_Security_and_LDAP">Integration details</a>.<br></br><br></br></li>
     <li><b><a href="http://appfuse.org/">AppFuse</a></b>: Helps jump-start application development. <a href="http://raibledesigns.com/wiki/Wiki.jsp?page=AppFuseSecurity">Integration details</a>.<br></br><br></br></li>
     <li><b><a href="http://www.andromda.org">AndroMDA</a></b>: Code generation framework that uses model driven architecture (MDA). <a href="http://team.andromda.org/docs/andromda-spring-cartridge/howto8.html">Integration details</a>.<br></br><br></br></li>
@@ -29,11 +30,12 @@
     <li><b><a href="http://jtrac.info/">JTrac</a></b>: A Java-based issue management system. <a href="http://jtrac.info/doc/html/faq.html">Integration details</a>.<br></br><br></br></li>
     <li><b><a href="http://plazma.sourceforge.net/">Plazma</a></b>: Swing-based ERP and CRM system for SMEs.<br></br><br></br></li>
     <li><b><a href="http://www.jasypt.org/">Jasypt</a></b>: Java encryption project. <a href="http://www.jasypt.org/faq.html#i-am-already-using-spring-security-for-encrypting-passwords">Integration details</a>.<br></br><br></br></li>
-  </ul></subsection><subsection name="Commercial Deployments"><ul>
+  </ul></subsection><subsection name="Commercial Products and Deployments"><ul>
+    <li><b><a href="http://www.atlassian.com/software/crowd/">Atlassian Crowd</a></b>: Single Sign On system. <a href="http://confluence.atlassian.com/display/CROWD/3.2.09+Integrating+Crowd+with+Acegi+Security">Integration details</a>.<br></br><br></br></li>
     <li>A global financial institution uses Spring Security's SiteMinder integration in a physical security management application.<br></br><br></br></li>
+	<li><a href="http://www.elasticpath.com/ecommerce/architecture/soa.jsp">Elastic Path</a> uses Spring Security for security.<br></br><br></br></li>
     <li>A central bank that uses Spring Security for many of its internal applications with the CAS integration.<br></br><br></br></li>
     <li>Several Australian Government departments use Spring Security for securing SOAP-based web services and web applications.<br></br><br></br></li>
     <li>Enterprise Systems and Services at Rutgers University uses Spring Security in conjunction with JA-SIG Central Authentication Service to provide authentication and authorization capabilities to its applications including those used by staff and students as well as those utilized by web services.<br></br><br></br></li>
-	<li><a href="http://www.elasticpath.com/ecommerce/architecture/soa.jsp">Elastic Path</a> uses Spring Security for security.<br></br><br></br></li>
 	<li>Plus many more... ;-)<br></br><br></br></li>
-  </ul></subsection></section></body></document>
\ No newline at end of file
+  </ul></subsection></section></body></document>