You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by ta...@apache.org on 2002/06/04 05:47:31 UTC
cvs commit: jakarta-jetspeed/webapp/WEB-INF/conf JetspeedSecurity.properties JetspeedSecurity.template
taylor 2002/06/03 20:47:31
Modified: webapp/WEB-INF/conf Tag: security_14
JetspeedSecurity.properties
JetspeedSecurity.template
Log:
- fixed problem with loss of entries in JetspeedSecurity properties
Revision Changes Path
No revision
No revision
1.1.2.6 +118 -0 jakarta-jetspeed/webapp/WEB-INF/conf/Attic/JetspeedSecurity.properties
Index: JetspeedSecurity.properties
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/webapp/WEB-INF/conf/Attic/JetspeedSecurity.properties,v
retrieving revision 1.1.2.5
retrieving revision 1.1.2.6
diff -u -r1.1.2.5 -r1.1.2.6
--- JetspeedSecurity.properties 4 Jun 2002 03:20:03 -0000 1.1.2.5
+++ JetspeedSecurity.properties 4 Jun 2002 03:47:31 -0000 1.1.2.6
@@ -1,5 +1,5 @@
# -------------------------------------------------------------------
-# $Id: JetspeedSecurity.properties,v 1.1.2.5 2002/06/04 03:20:03 taylor Exp $
+# $Id: JetspeedSecurity.properties,v 1.1.2.6 2002/06/04 03:47:31 taylor Exp $
#
# This is the configuration file for JetspeedSecurity
#
@@ -25,4 +25,122 @@
#########################################
services.UserManagement.classname=org.apache.jetspeed.services.security.turbine.TurbineUserManagement
+
+# -------------------------------------------------------------------
+#
+# UserManagement Services
+#
+# -------------------------------------------------------------------
+
+services.UserManagement.classname=org.apache.jetspeed.services.security.turbine.TurbineUserManagement
+
+#
+# User Class
+#
+services.JetspeedSecurity.user.class=org.apache.jetspeed.om.security.BaseJetspeedUser
+services.JetspeedSecurity.user.persisted.class=org.apache.jetspeed.om.security.turbine.TurbineUser
+
+#
+# This is used by the SecurityService to make the password checking
+# secure. When enabled, passwords are transformed by a one-way
+# function into a sequence of bytes that is base64 encoded.
+# It is impossible to guess the plain-text form of the password
+# from the representation. When user logs in, the entered password
+# is transformed the same way and then compared with stored value.
+#
+# Default: false
+#
+
+services.JetspeedSecurity.secure.passwords=false
+
+#
+# This property lets you choose what digest algorithm will be used
+# for encrypting passwords. Check documentation of your JRE for
+# available algorithms.
+#
+# Default: SHA
+#
+
+services.JetspeedSecurity.secure.passwords.algorithm=SHA
+
+# Role(s) to assign to new user. Multiple Role must be comma separated.
+services.JetspeedSecurity.newuser.roles=user
+
+# Default permission(s) when object have no permissions defined
+# The follow permissions are define in the default Jetspeed installation:
+# view, customize, minimize, maximize, close
+# * = All permissions
+services.JetspeedSecurity.permission.default.anonymous=view
+services.JetspeedSecurity.permission.default.loggedin=*
+
+# During logon, username and password can be case sensitive or case insensitive
+# This option configures the logon username and password to be case sensitive or insensitive
+# if its case insensitive, then "logon.casesensitive.upper" controls whether the username and
+# password or converted to upper or lower case before passing on to the database
+services.JetspeedSecurity.caseinsensitive.username=false
+services.JetspeedSecurity.caseinsensitive.password=false
+services.JetspeedSecurity.caseinsensitive.upper=true
+
+# Auto-Account-Disable Feature
+services.JetspeedSecurity.logon.auto.disable=false
+
+# 3 logon strikes per 300 seconds and your out
+services.JetspeedSecurity.logon.strike.count=3
+services.JetspeedSecurity.logon.strike.interval=300
+# dont allow more than 10 over any time period
+services.JetspeedSecurity.logon.strike.max=10
+
+# -------------------------------------------------------------------
+#
+# To Be Deleted soon...
+#
+# -------------------------------------------------------------------
+#
+# This is the class that implements the User interface.
+# You want to override this setting only if you want your User
+# implementation to provide application specific addtional
+# functionality.
+#
+# Default: org.apache.turbine.om.security.TurbineUser
+#
+
+# services.SecurityService.user.class=org.apache.turbine.om.security.TurbineUser
+# services.SecurityService.user.class=org.apache.jetspeed.om.security.BaseTurbineUser
+
+#
+# This setting is DBSecurityService specific - this class is consulted for the names
+# of the columns in the users' tables for the purpose of creating join queries.
+# If you use your own User implementation in conjunction with DBSecurityService,
+# it's peer class must implement org.apache.turbine.om.security.peer.UserPeer interface,
+# and you need to specify the name of the peer class here.
+#
+# Defalut: org.apache.turbine.om.security.peer.TurbineUserPeer
+#
+# services.SecurityService.userPeer.class=org.apache.turbine.om.security.peer.TurbineUserPeer
+# services.SecurityService.userPeer.class=org.apache.jetspeed.om.security.peer.TurbineUserPeerAdapter
+
+#
+# This is the class that implements UserManager interface.
+# Override this setting if you want your User information stored
+# on a different medium (LADP directory is a good example).
+# Default implementation uses Peers and a relational database .
+#
+# services.SecurityService.user.manager=org.apache.turbine.services.security.db.DBUserManager
+
+# -------------------------------------------------------------------
+#
+# P E E R S
+#
+# -------------------------------------------------------------------
+# Supplies Turbine with information about the database schema, which
+# can simplify any required Peer classes.
+#
+# Default: org.apache.turbine.util.db.map.TurbineMapBuilder
+# -------------------------------------------------------------------
+
+# database.maps.builder=org.apache.turbine.util.db.map.TurbineMapBuilder
+# database.maps.builder=org.apache.jetspeed.om.security.db.map.JetspeedMapBuilderAdapter
+# database.maps.builder=org.apache.jetspeed.om.security.map.TurbineUserMapBuilderAdapter
+
+
1.1.2.3 +119 -1 jakarta-jetspeed/webapp/WEB-INF/conf/Attic/JetspeedSecurity.template
Index: JetspeedSecurity.template
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/webapp/WEB-INF/conf/Attic/JetspeedSecurity.template,v
retrieving revision 1.1.2.2
retrieving revision 1.1.2.3
diff -u -r1.1.2.2 -r1.1.2.3
--- JetspeedSecurity.template 4 Jun 2002 02:43:36 -0000 1.1.2.2
+++ JetspeedSecurity.template 4 Jun 2002 03:47:31 -0000 1.1.2.3
@@ -1,5 +1,5 @@
# -------------------------------------------------------------------
-# $Id: JetspeedSecurity.template,v 1.1.2.2 2002/06/04 02:43:36 taylor Exp $
+# $Id: JetspeedSecurity.template,v 1.1.2.3 2002/06/04 03:47:31 taylor Exp $
#
# This is the configuration file for JetspeedSecurity
#
@@ -25,4 +25,122 @@
#########################################
services.UserManagement.classname=org.apache.jetspeed.services.security.turbine.TurbineUserManagement
+
+# -------------------------------------------------------------------
+#
+# UserManagement Services
+#
+# -------------------------------------------------------------------
+
+services.UserManagement.classname=org.apache.jetspeed.services.security.turbine.TurbineUserManagement
+
+#
+# User Class
+#
+services.JetspeedSecurity.user.class=org.apache.jetspeed.om.security.BaseJetspeedUser
+services.JetspeedSecurity.user.persisted.class=org.apache.jetspeed.om.security.turbine.TurbineUser
+
+#
+# This is used by the SecurityService to make the password checking
+# secure. When enabled, passwords are transformed by a one-way
+# function into a sequence of bytes that is base64 encoded.
+# It is impossible to guess the plain-text form of the password
+# from the representation. When user logs in, the entered password
+# is transformed the same way and then compared with stored value.
+#
+# Default: false
+#
+
+services.JetspeedSecurity.secure.passwords=false
+
+#
+# This property lets you choose what digest algorithm will be used
+# for encrypting passwords. Check documentation of your JRE for
+# available algorithms.
+#
+# Default: SHA
+#
+
+services.JetspeedSecurity.secure.passwords.algorithm=SHA
+
+# Role(s) to assign to new user. Multiple Role must be comma separated.
+services.JetspeedSecurity.newuser.roles=user
+
+# Default permission(s) when object have no permissions defined
+# The follow permissions are define in the default Jetspeed installation:
+# view, customize, minimize, maximize, close
+# * = All permissions
+services.JetspeedSecurity.permission.default.anonymous=view
+services.JetspeedSecurity.permission.default.loggedin=*
+
+# During logon, username and password can be case sensitive or case insensitive
+# This option configures the logon username and password to be case sensitive or insensitive
+# if its case insensitive, then "logon.casesensitive.upper" controls whether the username and
+# password or converted to upper or lower case before passing on to the database
+services.JetspeedSecurity.caseinsensitive.username=false
+services.JetspeedSecurity.caseinsensitive.password=false
+services.JetspeedSecurity.caseinsensitive.upper=true
+
+# Auto-Account-Disable Feature
+services.JetspeedSecurity.logon.auto.disable=false
+
+# 3 logon strikes per 300 seconds and your out
+services.JetspeedSecurity.logon.strike.count=3
+services.JetspeedSecurity.logon.strike.interval=300
+# dont allow more than 10 over any time period
+services.JetspeedSecurity.logon.strike.max=10
+
+# -------------------------------------------------------------------
+#
+# To Be Deleted soon...
+#
+# -------------------------------------------------------------------
+#
+# This is the class that implements the User interface.
+# You want to override this setting only if you want your User
+# implementation to provide application specific addtional
+# functionality.
+#
+# Default: org.apache.turbine.om.security.TurbineUser
+#
+
+# services.SecurityService.user.class=org.apache.turbine.om.security.TurbineUser
+# services.SecurityService.user.class=org.apache.jetspeed.om.security.BaseTurbineUser
+
+#
+# This setting is DBSecurityService specific - this class is consulted for the names
+# of the columns in the users' tables for the purpose of creating join queries.
+# If you use your own User implementation in conjunction with DBSecurityService,
+# it's peer class must implement org.apache.turbine.om.security.peer.UserPeer interface,
+# and you need to specify the name of the peer class here.
+#
+# Defalut: org.apache.turbine.om.security.peer.TurbineUserPeer
+#
+# services.SecurityService.userPeer.class=org.apache.turbine.om.security.peer.TurbineUserPeer
+# services.SecurityService.userPeer.class=org.apache.jetspeed.om.security.peer.TurbineUserPeerAdapter
+
+#
+# This is the class that implements UserManager interface.
+# Override this setting if you want your User information stored
+# on a different medium (LADP directory is a good example).
+# Default implementation uses Peers and a relational database .
+#
+# services.SecurityService.user.manager=org.apache.turbine.services.security.db.DBUserManager
+
+# -------------------------------------------------------------------
+#
+# P E E R S
+#
+# -------------------------------------------------------------------
+# Supplies Turbine with information about the database schema, which
+# can simplify any required Peer classes.
+#
+# Default: org.apache.turbine.util.db.map.TurbineMapBuilder
+# -------------------------------------------------------------------
+
+# database.maps.builder=org.apache.turbine.util.db.map.TurbineMapBuilder
+# database.maps.builder=org.apache.jetspeed.om.security.db.map.JetspeedMapBuilderAdapter
+# database.maps.builder=org.apache.jetspeed.om.security.map.TurbineUserMapBuilderAdapter
+
+
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>