--- /dev/null
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> \r
+<HTML>\r
+<HEAD>\r
+ <link rel="stylesheet" type="text/css" href="../style/doc.css">\r
+ <TITLE>Authentication in Jigsaw.</TITLE>\r
+</HEAD>\r
+<BODY TEXT="#000000" BGCOLOR="#FFFFFF" LINK="#0000EE" VLINK="#551A8B"\r
+ ALINK="#FF0000">\r
+ <body bgcolor="#FFFFFF">\r
+ <div class="icons-w3c">\r
+ <a href="../../../">\r
+ <img src="/Icons/w3c_home" \r
+ border="0" \r
+ alt="W3C logo"\r
+ height="48" \r
+ width="72">\r
+ </a>\r
+ </div>\r
+ <div class="icons-jigsaw">\r
+ <a href="../../">\r
+ <img src="/Icons/jigsaw" \r
+ border="0"\r
+ alt="Jigsaw"\r
+ height="49"\r
+ width="212">\r
+ </a>\r
+ </div>\r
+\r
+ <div class="title">\r
+ <H1 class="title">\r
+ Authentication in Jigsaw.\r
+ </H1>\r
+ <hr NOSHADE width="70%" align="left">\r
+ <a href="../../Overview.html">Jigsaw Home</a> /\r
+ <a href="../Overview.html">Documentation Overview</a>\r
+ </div>\r
+ <div class="body">\r
+<p>\r
+This section will provide you with a basic explanation of authentication\r
+in <B>Jigsaw</B>.\r
+\r
+<P>Filters are attached to specific frames in order to filter accesses\r
+to their resource. These filters are called once at lookup time, and once\r
+at reply time. On the way in (lookup time), they allow you to manipulate\r
+the request before the target resource handles it, and on the way out,\r
+they allow you to manipulate the target's reply before it is emitted back\r
+to the browser.\r
+\r
+<P>Although Jigsaw provides a number of <A HREF="../Reference/frames.html#Filter frames">filters</A>,\r
+we will focus here on the authentication filter, that authenticate requests\r
+before they are handled by their appropriate target resources. The <A HREF="../Reference/org.w3c.jigsaw.auth.GenericAuthFilter.html">GenericAuthFilter</A>\r
+is currently the only available authentication filter.\r
+\r
+<P>The GenericAuthFilter needs an authentication realm. An authentication\r
+realm is a database that will contain the description of a set of <A HREF="../Reference/org.w3c.jigsaw.auth.AuthUser.html">users</A>,\r
+along with their passwords and/or IP adresses.\r
+\r
+<P>Each user defines a set of attributes, email, comments, ipadress, password.\r
+The email address is currently unused (but it might be used in the future\r
+for email notification). The comments field is used only for informational\r
+purposes. The ipaddress field allows you to state from which machine the\r
+user is allowed to connect. This field is not mandatory: if left blank,\r
+only the password will be used for authentication (be warned that the password\r
+authentication scheme used by HTTP is very weak, you should always specify\r
+both a password and some IP addresses). If you decide to fill in the ipaddress\r
+field, you can enter multiple addresses for the same user (one per line). \r
+You can use * in the ip address field, meaning that any user connecting\r
+from the given set of IP addresses is to be authentified as the realm user.\r
+\r
+<P>Now you should read the <A HREF="authentication.html">tutorial</A> to\r
+setup authentication.\r
+ </div> <!-- body -->\r
+ <div class="footer">\r
+<p>\r
+<HR noshade>\r
+ <a href="mailto:jigsaw@w3.org">Jigsaw Team</a><br>\r
+ <span class="mini">\r
+ $Id: AuthInJigsaw.html,v 1.1 2010/06/15 12:23:04 smhuang Exp $\r
+ </span>\r
+ <p class="policyfooter">\r
+ <font size=-1>\r
+ <a href="/Consortium/Legal/ipr-notice.html#Copyright">Copyright</a>\r
+ © 1999 <a href="http://www.w3.org">W3C</a> \r
+ (<a href="http://www.lcs.mit.edu">MIT</a>, \r
+ <a href="http://www.inria.fr/">INRIA</a>, \r
+ <a href="http://www.keio.ac.jp/">Keio</a> ), \r
+ All Rights Reserved. W3C \r
+ <a href="/Consortium/Legal/ipr-notice.html#Legal Disclaimer">\r
+ liability,\r
+ </a>\r
+ <a href="/Consortium/Legal/ipr-notice.html#W3C Trademarks">\r
+ trademark\r
+ </a>, \r
+ <a href="/Consortium/Legal/copyright-documents.html">\r
+ document use \r
+ </a>\r
+ and\r
+ <a href="/Consortium/Legal/copyright-software.html">\r
+ software licensing\r
+ </a> rules apply. Your interactions with this site are in\r
+ accordance with our \r
+ <a href="/Consortium/Legal/privacy-statement.html#Public">\r
+ public\r
+ </a> and \r
+ <a href="/Consortium/Legal/privacy-statement.html#Members">\r
+ Member\r
+ </a>\r
+ privacy statements.</font>\r
+ </div>\r
+</BODY>\r
+</HTML>\r