You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by ta...@apache.org on 2002/02/28 00:24:46 UTC
cvs commit: jakarta-jetspeed/xdocs config_guide.xml
taylor 02/02/27 15:24:46
Modified: xdocs config_guide.xml
Log:
docs for logon configuration and account disabling
Revision Changes Path
1.7 +74 -0 jakarta-jetspeed/xdocs/config_guide.xml
Index: config_guide.xml
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/xdocs/config_guide.xml,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- config_guide.xml 14 Feb 2002 13:19:44 -0000 1.6
+++ config_guide.xml 27 Feb 2002 23:24:46 -0000 1.7
@@ -44,6 +44,8 @@
<li><a href="#Set portlet caching and other refresh rates">Set portlet caching and other refresh rates</a></li>
<li><a href="#Set Jetspeed logging">Set Jetspeed logging</a></li>
<li><a href="#Enable e-mail confirmation">Enable e-mail confirmation</a></li>
+ <li><a href="#Logon Configuration">Logon Configuration</a></li>
+ <li><a href="#Account Disabling">Account Disabling</a></li>
<li><a href="#Backup and Test">Backup and Test</a></li>
</ul>
</section>
@@ -519,6 +521,78 @@
<p>
</p>
</section>
+<section name="Logon Configuration">
+ <subsection name="Case Insensitive Logon">
+ <p>
+ Jetspeed can be configured to automatically force all usernames and passwords to upper or lower case.
+ By setting the "caseinsensitive" property for the username or password to "true", then
+ the "caseinsensitive.upper" property can be applied. When it is true, the username or password
+ is converted to uppercase. When false, username or password are converted to lowercase.
+ The default setting is false, where the username and password will be case-sensitive and
+ the "caseinsensitive.upper" property is ignored.</p>
+<source>
+services.JetspeedSecurity.caseinsensitive.username=false
+services.JetspeedSecurity.caseinsensitive.password=false
+services.JetspeedSecurity.caseinsensitive.upper=true
+</source>
+</subsection>
+<subsection name="Logon Rules">
+<p>When a new user is created, the PSML resources for the new user are copied from another user's account.
+This account is configurable with the property:</p>
+<source>
+services.Profiler.newuser.template=turbine
+</source>
+<p>Setting it to nothing configures role-based psml as the default method for new users.</p>
+(see below)
+<source>
+services.Profiler.newuser.template=
+</source>
+</subsection>
+<subsection name = "Role Based PSML">
+<p>Some configuration will want to share PSML resources among users.
+In this case, users will not have their own PSML resources.
+Enable Role Based PSML with this property set to true:</p>
+<source>
+services.Profiler.rolefallback=true
+</source>
+<p>Remember to set the "services.Profiler.newuser.template" property to nothing.</p>
+</subsection>
+<subsection name = "Assigning Roles, Media Type">
+<p>When a new user is created, you can configure which roles are automatically signed to that new user.
+You may also configure which media types that new user will support.
+Use commas to separate multiple entries.</p>
+<source>
+services.JetspeedSecurity.newuser.roles=user
+services.Profiler.newuser.media_types=html,wml
+</source>
+</subsection>
+</section>
+<section name = "Account Disabling">
+<p>Accounts can be auto-disabled with a failed-logon tracking feature.
+To turn on this feature, set this property:</p>
+<source>
+services.JetspeedSecurity.logon.auto.disable=true
+</source>
+<p>Account Disabling is controlled by the parameters: count, interval, and max.
+These parameters are applied over the lifetime of the server.
+When the server is shutdown, all counts are reset.
+However, the 'disabled' status is persisted in the database.
+With the parameters below, the user is given 3 failed attempts over 300 seconds (5 minutes).
+After 5 minutes, the strike count is reset.
+After 3 failed attempts within 5 minutes, the account is disabled and the
+Over the entire run of the server, and the "logon.disabled.form" is displayed whenever the user attempts to logon again.
+The 'max' parameter counts all failed logon attempts over the entire lifetime of the server.
+After 10 failed attempts over the lifetime of the server, the account is disabled.
+Accounts can be enabled from the Jetspeed Admin User Maintenance screen.</p>
+<source>
+# 3 logon strikes per 300 seconds and your out
+services.JetspeedSecurity.logon.strike.count=3
+services.JetspeedSecurity.logon.strike.interval=300
+# dont allow more than 10 over any time period
+services.JetspeedSecurity.logon.strike.max=10
+logon.disabled.form=AccountDisabled.vm
+</source>
+ </section>
<section name="Backup and Test">
<p><center>This section is incomplete</center></p>
<p>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>