You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by dw...@apache.org on 2009/01/14 19:19:36 UTC
svn commit: r734466 [2/4] - in /geronimo/server/trunk/plugins:
activemq/activemq-portlets/src/main/resources/
activemq/activemq-portlets/src/main/webapp/WEB-INF/view/jmswizard/
console/console-base-portlets/src/main/resources/
console/console-base-port...
Modified: geronimo/server/trunk/plugins/console/plugin-portlets/src/main/resources/pluginportlets.properties
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/console/plugin-portlets/src/main/resources/pluginportlets.properties?rev=734466&r1=734465&r2=734466&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/console/plugin-portlets/src/main/resources/pluginportlets.properties (original)
+++ geronimo/server/trunk/plugins/console/plugin-portlets/src/main/resources/pluginportlets.properties Wed Jan 14 10:19:35 2009
@@ -177,100 +177,140 @@
consolebase.common.user = User
consolebase.common.userName = Username
-realmwizard._sql.JDBCDriverClassExp = The fully-qualified JDBC driver class name. This driver must be located in the JAR specified in the next field.
-realmwizard._sql.JDBCPasswordExp = The password used to connect to the database
-realmwizard._sql.JDBCUrlExp = The JDBC URL that specifies the details of the database to connect to. This has a different form for each JDBC driver.
-realmwizard._sql.JDBCUsernameExp = The username used to connect to the database
-realmwizard._sql.databasePoolExp = A database pool that the login module will use to connect to the database. If this is specified, none of the rest of the settings after this are necessary.
-realmwizard._sql.digestAlgorithmExp = Message Digest algorithm (e.g. MD5, SHA1, etc.) used on the passwords. Leave this field empty if no digest algorithm is used.
-realmwizard._sql.digestEncodingExp = Encoding to use for digests (e.g. hex, base64). This is used only if a Message Digest algorithm is specified.If no encoding is specified, hex will be used.
-realmwizard._sql.driverJARExp = The JAR holding the selected JDBC driver. Should be installed under GERONIMO/repository/ to appear in this list.
-realmwizard._sql.eitherPoolOrJDBC = A SQL security realm must either have a database pool or JDBC connectivity settings to connect to the database. Please select EITHER the database pool, OR the rest of the JDBC settings.
-realmwizard._sql.groupSelectSQLExp = A SQL statement to load group information for a user. It should return 2 columns, the first holding a username and the second holding a group name. The statement may use the PreparedStatement syntax of ? for a parameter, in which case the username will be set for every parameter. A typical setting would be <tt>SELECT username, group_name FROM user_groups WHERE username=?</tt> or for a more normalized schema, <tt>SELECT u.username, g.name FROM app_users u, groups g, user_groups ug WHERE ug.user_id=users.id AND ug.group_id=g.id AND u.username=?</tt>
-realmwizard._sql.selectDatabasePool = A SQL security realm must either have a database pool or JDBC connectivity settings to connect to the database. Please select EITHER the database pool, OR the rest of the JDBC settings.
-realmwizard._sql.userSelectSQLExp = A SQL statement to load user/password information. It should return 2 columns, the first holding a username and the second holding a password. The statement may use the PreparedStatement syntax of ? for a parameter, in which case the username will be set for every parameter. A typical setting would be <tt>SELECT username, password FROM app_users WHERE username=?</tt>
-realmwizard.advanced.AuditEnabledExp = If enabled, every login attempt will be recorded to the specified file. The path should be relative to the Geronimo home directory (a typical value would be <tt>var/log/login-attempts.log</tt>).
-realmwizard.advanced.credentialName = Credential Name
-realmwizard.advanced.credentialNameExp = If enabled, the realm will store each username and password in a private credential in the Subject under a specified credential name.
-realmwizard.advanced.failuresWithin = failures within
-realmwizard.advanced.failuresWithinSeconds = seconds
-realmwizard.advanced.keepAccountLockedFor = and keep the account locked for
-realmwizard.advanced.keepAccountLockedForSeconds = seconds
-realmwizard.advanced.lockUserAfter = Lock a user after
-realmwizard.advanced.lockoutEnabledExp = If enabled, a certain number of failed logins in a particular time frame will cause a user's account to be locked for a certain period of time. This is a defense against brute force account cracking attacks.
-realmwizard.advanced.namedCredential = Named Credential
-realmwizard.advanced.storePasswordEnabledExp = If enabled, the realm will store each user's password in a private credential in the Subject. This will allow access to the password later after the login process has completed. This is not normally required.
-realmwizard.advanced.title = <b>Create Security Realm</b> -- Step 3: Advanced Configuration
-realmwizard.common.JDBCDriverClass = JDBC Driver Class
-realmwizard.common.JDBCPassword = JDBC Password
-realmwizard.common.JDBCUrl = JDBC URL
-realmwizard.common.JDBCUsername = JDBC Username
-realmwizard.common.addSecurityRealm = Add new security realm
-realmwizard.common.addToEAR = Add to EAR
-realmwizard.common.comfirmPwd = Confirm password
-realmwizard.common.configurationOptions = Configuration Options
-realmwizard.common.controlFlag = Control Flag
-realmwizard.common.databasePool = Database Pool
-realmwizard.common.deploy = Deploy
-realmwizard.common.deployCommand = Deploy Command
-realmwizard.common.deployRealm = Deploy Realm
-realmwizard.common.deploymentPlan = Deployment Plan
-realmwizard.common.digestAlgorithm = Digest Algorithm
-realmwizard.common.digestEncoding = Digest Encoding
-realmwizard.common.driverJAR = Driver JAR
-realmwizard.common.editRealm = Edit Realm
-realmwizard.common.editSettings = Edit Settings
-realmwizard.common.enableAuditing = Enable Auditing
-realmwizard.common.enableLockout = Enable Lockout
-realmwizard.common.groupSelectSQL = Group SELECT SQL
-realmwizard.common.logFile = Log File
-realmwizard.common.loginDomainName = Login Domain Name
-realmwizard.common.loginModule = Login Module
-realmwizard.common.loginModuleClass = Login Module Class
-realmwizard.common.nameOfSecurityRealm = Name of Security Realm
-realmwizard.common.principals = Principals
-realmwizard.common.realmName = Realm Name
-realmwizard.common.realmType = Realm Type
-realmwizard.common.serverSide = Server-Side
-realmwizard.common.serverWide = Server-wide
-realmwizard.common.showPlan = Show Plan
-realmwizard.common.skipTestAndDeploy = Skip Test and Deploy
-realmwizard.common.skipTestAndShowPlan = Skip Test and Show Plan
-realmwizard.common.storePassword = Store Password
-realmwizard.common.supportAdvancedMapping = Support Advanced Mapping
-realmwizard.common.testAgain = Test Again
-realmwizard.common.testLogin = Test a Login
-realmwizard.common.userSelectSQL = User SELECT SQL
-realmwizard.configure.title = <b>Create Security Realm</b> -- Step 2: Configure Login Module
-realmwizard.edit.configurationOptionsExp = Any configuration options necessary for the login module, in the standard Java properties format (one per line, <tt>name=value</tt>)
-realmwizard.edit.controlFlagExp = The control flag for the login module, which controls what happens to the overall login processing if this login module succeeds or fails. For more information see
-realmwizard.edit.ifLeaveBlank = If you don't need to use as many login modules as there are entries below,just leave the extra ones blank.
-realmwizard.edit.loginDomainExp = The login domain for this login module, which must be unique among all modules in the security realm. This can be used to distinguish principals from two otherwise identical login modules (for example, from two LDAP login modules pointing to two different LDAP servers)
-realmwizard.edit.loginModuleClassExp = The fully-qualified class name for the login module.
-realmwizard.edit.loginModuleJAR = Login Module JAR
-realmwizard.edit.loginModuleJARExp = The jar containing Login Module and Principal classes.
-realmwizard.edit.realmNameExp = A name that is different than the name for any other security realms in the server (no spaces in the name please). Other components will use this name to refer to the security realm.
-realmwizard.edit.serverSideExp = Server-side login modules are executed within the application server (this is normally correct). Client-side login modules are executed in the client's environment, for example, in order to use single sign-on features of the client OS.
-realmwizard.edit.summary = <p>This page edits a new or existing security realm.</p><p>A security realm may have one or more login modules. Many simple realms have only one login module. Additional login modules may be used to access more underlying security information stores, or to add functionality such as auditing to a realm without affecting the authentication process for the realm.</p>
-realmwizard.edit.supportAdvancedMappingExp = Normally Geronimo can't distinguish between two different principals that have the same name and same principal class but were produced by two different login modules. If this option is enabled, Geronimo will "wrap" principals to track which login module and realm each principal came from. This lets you use the "realm-principal" and "login-domain-principal" elements in your security mapping in Geronimo deployment plans.
-realmwizard.list.noSecurityRealms = There are no security realms defined
-realmwizard.list.seeExamples = For each realm listed, you can click the <b>usage</b> link to see examples of how to use the realm from your application.\r\n
-realmwizard.list.title = This page lists all the available security realms. Server-wide security realms can be edited, while security realms deployed as part of a single application cannot (change the deployment plan in the application instead).
-realmwizard.selectType.nameOfSecurityRealmExp = A name that is different than the name for any other security realms in the server (no spaces in the name please). Other components will use this name to refer to the security realm.
-realmwizard.selectType.realmTypeExp = The type of login module used as the master for this security realm. Select "Other" for manual configuration options including custom login modules and realms that use multiple login modules to populate user principals.
-realmwizard.selectType.title = <b>Create Security Realm</b> -- Step 1: Select Name and Type
-realmwizard.showPlan.addToEARExp = Instead of deploying as a top-level security realm, you can deploy this realm as part of an EAR. To add a security realm to an EAR using this plan, create a <tt>META-INF/geronimo-application.xml</tt> file in your EAR that has the <tt>dependency</tt> elements (if any) and <tt>gbean</tt> elements from the plan above. It should look something like this:
-realmwizard.showPlan.deployCommandExp = To deploy a security realm from the command line using this plan, copy and paste it to a file (say, <tt>security-realm.xml</tt>) and save it. Then run a command like:
-realmwizard.showPlan.title = <b>Create Security Realm</b> -- Show Deployment Plan
-realmwizard.testLogin.passwordExp = The password to use to log in to the realm.
-realmwizard.testLogin.summary = From here you can enter a username and password for the main login module in the realm, and see if the login is successful and which Principals are generated for the user. This is meant to be an indication of whether the settings for the main login module are correct. It does not invoke advanced features such as auditing or lockout.
-realmwizard.testLogin.title = <b>Create Security Realm</b> -- Step 4: Test Login
-realmwizard.testLogin.usernameExp = The username to use to log in to the realm.
-realmwizard.testResults.testResults = Test Results
-realmwizard.testResults.title = <b>Create Security Realm</b> -- Step 5: Login Results
-realmwizard.usage.applicationCode = Application Code
-realmwizard.usage.applicationCodeExp = <p>No special application code is required to work with security roles.</p><p>If an application calls <tt>HttpServletRequest.getUserPrincipal()</tt>, Geronimo will return a principal where the principal class implements <tt>GeronimoCallerPrincipal</tt> -- normally a username (since <tt>GeronimoUserPrincipal</tt> implements <tt>GeronimoCallerPrincipal</tt>). If you're using a custom login module and getting the wrong results for <tt>getUserPrincipal</tt>, try making your user principal class implement <tt>GeronimoCallerPrincipal</tt>.</p> <p>If an application calls <tt>HttpServletRequest.isUserInRole(role)</tt>, Geronimo will return true or false depending on whether any of the principals assigned to that user by the realm's login modules were listed in the role mapping above.</p>
-realmwizard.usage.geronimoWebXmlLater = <p>This example indicated that {0} will be used to handle all logins to the web application. Then it maps the <tt>admin</tt> role to a combination of one user (<tt>root</tt>) and one group (<tt>administrators</tt>), using a combination of the principal classes and principal names. (Note that if {0} uses a custom login module, the principal classes may be different, but the ones listed above are used for users and groups by all the standard Geronimo login modules.)</p> <p>It's also possible to configure separate login modules to use separate login domain names, and then use the login domain names in the role mapping (so a user "root" from login domain "Foo" is different from a user "root" from login domain "Bar"), but this is only important if you have multiple login modules assigning principals to the users.</p> <p> Finally, if the <tt>security</tt> section is declared in an EAR <tt>application.xml</tt> deployment descrip
tor, there's no need to repeat it in any of the modules inside the EAR -- they'll all share the same role mapping information.</p>
-realmwizard.usage.geronimoWebXmlPreface = <p>To configure the security realm and the members of each role, the web application needs to have a <tt>geronimo-web.xml</tt> deployment plan. That may be packaged in the WAR in the <tt>WEB-INF</tt> directory, or it may be provided separately on the command line to the deploy tool.</p> <p>The <tt>geronimo-web.xml</tt> plan should have a <tt>security-realm-name</tt> element indicating which realm will be used to authenticate logins to the web application. It also needs to have a <tt>security</tt> element listing the users or groups who should be members of each <tt>security-role</tt> listed in <tt>web.xml</tt>.</p>
-realmwizard.usage.title = This page talks about how to use the security realm {0} from a J2EE application. The example here is a web application, but other application modules would work similarly.
-realmwizard.usage.webXmlShouldHave = <p>The <tt>web.xml</tt> should have</p><ul> <li>One or more <tt>security-constraint</tt> blocks designating the protected pages or URLs</li> <li>A <tt>login-config</tt> section configuring the login style for the application</li> <li>One or more <tt>security-role</tt> blocks listing the security roles used by the application</li></ul>
+realmwizard._sql.JDBCDriverClassExp = The fully-qualified JDBC driver class name. This driver must be located in the JAR specified in the next field.
+realmwizard._sql.JDBCPasswordExp = The password used to connect to the database
+realmwizard._sql.JDBCUrlExp = The JDBC URL that specifies the details of the database to connect to. This has a different form for each JDBC driver.
+realmwizard._sql.JDBCUsernameExp = The username used to connect to the database
+realmwizard._sql.databasePoolExp = A database pool that the login module will use to connect to the database. If this is specified, none of the rest of the settings after this are necessary.
+realmwizard._sql.digestAlgorithmExp = Message Digest algorithm (e.g. MD5, SHA1, etc.) used on the passwords. Leave this field empty if no digest algorithm is used.
+realmwizard._sql.digestEncodingExp = Encoding to use for digests (e.g. hex, base64). This is used only if a Message Digest algorithm is specified.If no encoding is specified, hex will be used.
+realmwizard._sql.driverJARExp = The JAR holding the selected JDBC driver. Should be installed under GERONIMO/repository/ to appear in this list.
+realmwizard._sql.eitherPoolOrJDBC = A SQL security realm must either have a database pool or JDBC connectivity settings to connect to the database. Please select EITHER the database pool, OR the rest of the JDBC settings.
+realmwizard._sql.groupSelectSQLExp = A SQL statement to load group information for a user. It should return 2 columns, the first holding a username and the second holding a group name. The statement may use the PreparedStatement syntax of ? for a parameter, in which case the username will be set for every parameter. A typical setting would be <tt>SELECT username, group_name FROM user_groups WHERE username=?</tt> or for a more normalized schema, <tt>SELECT u.username, g.name FROM app_users u, groups g, user_groups ug WHERE ug.user_id=users.id AND ug.group_id=g.id AND u.username=?</tt>
+realmwizard._sql.selectDatabasePool = A SQL security realm must either have a database pool or JDBC connectivity settings to connect to the database. Please select EITHER the database pool, OR the rest of the JDBC settings.
+realmwizard._sql.userSelectSQLExp = A SQL statement to load user/password information. It should return 2 columns, the first holding a username and the second holding a password. The statement may use the PreparedStatement syntax of ? for a parameter, in which case the username will be set for every parameter. A typical setting would be <tt>SELECT username, password FROM app_users WHERE username=?</tt>
+realmwizard.advanced.AuditEnabledExp = If enabled, every login attempt will be recorded to the specified file. The path should be relative to the Geronimo home directory (a typical value would be <tt>var/log/login-attempts.log</tt>).
+realmwizard.advanced.credentialName = Credential Name
+realmwizard.advanced.credentialNameExp = If enabled, the realm will store each username and password in a private credential in the Subject under a specified credential name.
+realmwizard.advanced.failuresWithin = failures within
+realmwizard.advanced.failuresWithinSeconds = seconds
+realmwizard.advanced.keepAccountLockedFor = and keep the account locked for
+realmwizard.advanced.keepAccountLockedForSeconds = seconds
+realmwizard.advanced.lockUserAfter = Lock a user after
+realmwizard.advanced.lockoutEnabledExp = If enabled, a certain number of failed logins in a particular time frame will cause a user's account to be locked for a certain period of time. This is a defense against brute force account cracking attacks.
+realmwizard.advanced.namedCredential = Named Credential
+realmwizard.advanced.storePasswordEnabledExp = If enabled, the realm will store each user's password in a private credential in the Subject. This will allow access to the password later after the login process has completed. This is not normally required.
+realmwizard.advanced.title = <b>Create Security Realm</b> -- Step 3: Advanced Configuration
+realmwizard.common.JDBCDriverClass = JDBC Driver Class
+realmwizard.common.JDBCPassword = JDBC Password
+realmwizard.common.JDBCUrl = JDBC URL
+realmwizard.common.JDBCUsername = JDBC Username
+realmwizard.common.addSecurityRealm = Add new security realm
+realmwizard.common.addToEAR = Add to EAR
+realmwizard.common.comfirmPwd = Confirm password
+realmwizard.common.configurationOptions = Configuration Options
+realmwizard.common.controlFlag = Control Flag
+realmwizard.common.databasePool = Database Pool
+realmwizard.common.deploy = Deploy
+realmwizard.common.deployCommand = Deploy Command
+realmwizard.common.deployRealm = Deploy Realm
+realmwizard.common.deploymentPlan = Deployment Plan
+realmwizard.common.digestAlgorithm = Digest Algorithm
+realmwizard.common.digestEncoding = Digest Encoding
+realmwizard.common.driverJAR = Driver JAR
+realmwizard.common.editRealm = Edit Realm
+realmwizard.common.editSettings = Edit Settings
+realmwizard.common.enableAuditing = Enable Auditing
+realmwizard.common.enableLockout = Enable Lockout
+realmwizard.common.groupSelectSQL = Group SELECT SQL
+realmwizard.common.logFile = Log File
+realmwizard.common.loginDomainName = Login Domain Name
+realmwizard.common.loginModule = Login Module
+realmwizard.common.loginModuleClass = Login Module Class
+realmwizard.common.nameOfSecurityRealm = Name of Security Realm
+realmwizard.common.principals = Principals
+realmwizard.common.realmName = Realm Name
+realmwizard.common.realmType = Realm Type
+realmwizard.common.serverSide = Server-Side
+realmwizard.common.serverWide = Server-wide
+realmwizard.common.showPlan = Show Plan
+realmwizard.common.skipTestAndDeploy = Skip Test and Deploy
+realmwizard.common.skipTestAndShowPlan = Skip Test and Show Plan
+realmwizard.common.storePassword = Store Password
+realmwizard.common.supportAdvancedMapping = Support Advanced Mapping
+realmwizard.common.testAgain = Test Again
+realmwizard.common.testLogin = Test a Login
+realmwizard.common.userSelectSQL = User SELECT SQL
+realmwizard.configure.certprops.groupsURI.description = The location of a properties file (relative to the Geronimo home dir) holding group information. The format of each line should be <tt>group=user,user,...</tt>.
+realmwizard.configure.certprops.groupsURI.name = Groups File URI
+realmwizard.configure.certprops.usersURI.description = The location of a properties file (relative to the Geronimo home dir) holding certificate to user mapping information. The format of each line should be <tt>username=certificatename</tt> where certificate name is <tt>X509Certificate.getSubjectX500Principal().getName()</tt>
+realmwizard.configure.certprops.usersURI.name = Users File URI
+realmwizard.configure.ldap.authentication.description = The security level to use, which can be <tt>none</tt>, <tt>simple</tt>, or <tt>strong</tt> (the usual value is <tt>simple</tt>. If this property is unspecified, the behavior is determined by the service provider.
+realmwizard.configure.ldap.authentication.name = Authentication
+realmwizard.configure.ldap.connectionPassword.description = The password used to connect to the LDAP server.
+realmwizard.configure.ldap.connectionPassword.name = Connect Password
+realmwizard.configure.ldap.connectionProtocol.description = The connection protocol used to communicate with the LDAP server. Normally left blank, though it can be set to <tt>ssl</tt> if the server supports it.
+realmwizard.configure.ldap.connectionProtocol.name = Connect Protocol
+realmwizard.configure.ldap.connectionURL.description = A URL that describes how to connect to the LDAP server. Normally this would be <tt>ldap://ldap-server-hostname:389</tt> (or for the Apache directory server included with Geronimo, <tt>ldap://localhost:1389</tt>).
+realmwizard.configure.ldap.connectionURL.name = Connection URL
+realmwizard.configure.ldap.connectionUsername.description = The user name used to connect to the LDAP server. Should be an administrator or Directory manager that has access to examine other users' passwords.
+realmwizard.configure.ldap.connectionUsername.name = Connect Username
+realmwizard.configure.ldap.initialContextFactory.description = The fully-qualified class name of the initial context factory. If you don't know what to use here, you should use <tt>com.sun.jndi.ldap.LdapCtxFactory</tt>.
+realmwizard.configure.ldap.initialContextFactory.name = Initial Context Factory
+realmwizard.configure.ldap.roleBase.description = The base LDAP context (location) to search for roles. The search may look in this location only, or there and all subcontexts, depending on the settings for "Role Search Subtree" below.
+realmwizard.configure.ldap.roleBase.name = Role Base
+realmwizard.configure.ldap.roleName.description = The LDAP attribute type that corresponds to the the role name. Often set to <tt>cn</tt>.
+realmwizard.configure.ldap.roleName.name = Role Name
+realmwizard.configure.ldap.roleSearchMatching.description = The LDAP attribute search string used on a role to find the users who are members of the role. This is used when the role has many attributes with the same name, but with different values (one per user). Normally the parameter <tt>{0}</tt> is used to identify the username. A typical value would be <tt>(member={0})</tt> or <tt>(memberUID={0})</tt>.
+realmwizard.configure.ldap.roleSearchMatching.name = Role User Search String
+realmwizard.configure.ldap.roleSearchSubtree.description = If set to <tt>true</tt>, then subtrees under the "Role Base" will be searched for roles too. If set to <tt>false</tt>, then only the "Role Base" location itself will be searched.
+realmwizard.configure.ldap.roleSearchSubtree.name = Role Search Subtree
+realmwizard.configure.ldap.userBase.description = The base LDAP context (location) to search for users. The search may look in this location only, or there and all subcontexts, depending on the settings for "User Search Subtree" below.
+realmwizard.configure.ldap.userBase.name = User Base
+realmwizard.configure.ldap.userRoleName.description = If the role entry does not have an attribute for users, but instead the user entry has an attribute for roles, this should be used instead of the "Role User Search String". It names the attribute on a user that lists a role that user is in. A typical value would be <tt>(memberOf={0})</tt>.
+realmwizard.configure.ldap.userRoleName.name = User Role Search String
+realmwizard.configure.ldap.userSearchMatching.description = The LDAP attribute search string used to find the user. RFC 2254 filters are allowed, and normally the parameter <tt>{0}</tt> is used to identify the username. A typical value would be <tt>(uid={0})</tt> or <tt>(cn={0})</tt>.
+realmwizard.configure.ldap.userSearchMatching.name = User Search Matching
+realmwizard.configure.ldap.userSearchSubtree.description = If set to <tt>true</tt>, then subtrees under the "User Base" will be searched for users too. If set to <tt>false</tt>, then only the "User Base" location itself will be searched.
+realmwizard.configure.ldap.userSearchSubtree.name = User Search Subtree
+realmwizard.configure.props.digest.description = Message Digest algorithm (e.g. MD5, SHA1, etc.) used on the passwords. Leave this field empty if no digest algorithm is used.
+realmwizard.configure.props.digest.name = Digest Algorithm
+realmwizard.configure.props.encoding.description = Encoding to use for digests (e.g. hex, base64). This is used only if a Message Digest algorithm is specified. If no encoding is specified, hex will be used.
+realmwizard.configure.props.encoding.name = Digest Encoding
+realmwizard.configure.props.groupsURI.description = The location of a properties file (relative to the Geronimo home dir) holding group information. The format of each line should be <tt>group=user,user,...</tt>.
+realmwizard.configure.props.groupsURI.name = Groups File URI
+realmwizard.configure.props.usersURI.description = The location of a properties file (relative to the Geronimo home dir) holding user/password information. The format of each line should be <tt>username=password</tt>.
+realmwizard.configure.props.usersURI.name = Users File URI
+realmwizard.configure.title = <b>Create Security Realm</b> -- Step 2: Configure Login Module
+realmwizard.edit.configurationOptionsExp = Any configuration options necessary for the login module, in the standard Java properties format (one per line, <tt>name=value</tt>)
+realmwizard.edit.controlFlagExp = The control flag for the login module, which controls what happens to the overall login processing if this login module succeeds or fails. For more information see
+realmwizard.edit.ifLeaveBlank = If you don't need to use as many login modules as there are entries below,just leave the extra ones blank.
+realmwizard.edit.loginDomainExp = The login domain for this login module, which must be unique among all modules in the security realm. This can be used to distinguish principals from two otherwise identical login modules (for example, from two LDAP login modules pointing to two different LDAP servers)
+realmwizard.edit.loginModuleClassExp = The fully-qualified class name for the login module.
+realmwizard.edit.loginModuleJAR = Login Module JAR
+realmwizard.edit.loginModuleJARExp = The jar containing Login Module and Principal classes.
+realmwizard.edit.realmNameExp = A name that is different than the name for any other security realms in the server (no spaces in the name please). Other components will use this name to refer to the security realm.
+realmwizard.edit.serverSideExp = Server-side login modules are executed within the application server (this is normally correct). Client-side login modules are executed in the client's environment, for example, in order to use single sign-on features of the client OS.
+realmwizard.edit.summary = <p>This page edits a new or existing security realm.</p><p>A security realm may have one or more login modules. Many simple realms have only one login module. Additional login modules may be used to access more underlying security information stores, or to add functionality such as auditing to a realm without affecting the authentication process for the realm.</p>
+realmwizard.edit.supportAdvancedMappingExp = Normally Geronimo can't distinguish between two different principals that have the same name and same principal class but were produced by two different login modules. If this option is enabled, Geronimo will "wrap" principals to track which login module and realm each principal came from. This lets you use the "realm-principal" and "login-domain-principal" elements in your security mapping in Geronimo deployment plans.
+realmwizard.list.noSecurityRealms = There are no security realms defined
+realmwizard.list.seeExamples = For each realm listed, you can click the <b>usage</b> link to see examples of how to use the realm from your application.\r\n
+realmwizard.list.title = This page lists all the available security realms. Server-wide security realms can be edited, while security realms deployed as part of a single application cannot (change the deployment plan in the application instead).
+realmwizard.selectType.nameOfSecurityRealmExp = A name that is different than the name for any other security realms in the server (no spaces in the name please). Other components will use this name to refer to the security realm.
+realmwizard.selectType.realmTypeExp = The type of login module used as the master for this security realm. Select "Other" for manual configuration options including custom login modules and realms that use multiple login modules to populate user principals.
+realmwizard.selectType.title = <b>Create Security Realm</b> -- Step 1: Select Name and Type
+realmwizard.showPlan.addToEARExp = Instead of deploying as a top-level security realm, you can deploy this realm as part of an EAR. To add a security realm to an EAR using this plan, create a <tt>META-INF/geronimo-application.xml</tt> file in your EAR that has the <tt>dependency</tt> elements (if any) and <tt>gbean</tt> elements from the plan above. It should look something like this:
+realmwizard.showPlan.deployCommandExp = To deploy a security realm from the command line using this plan, copy and paste it to a file (say, <tt>security-realm.xml</tt>) and save it. Then run a command like:
+realmwizard.showPlan.title = <b>Create Security Realm</b> -- Show Deployment Plan
+realmwizard.testLogin.passwordExp = The password to use to log in to the realm.
+realmwizard.testLogin.summary = From here you can enter a username and password for the main login module in the realm, and see if the login is successful and which Principals are generated for the user. This is meant to be an indication of whether the settings for the main login module are correct. It does not invoke advanced features such as auditing or lockout.
+realmwizard.testLogin.title = <b>Create Security Realm</b> -- Step 4: Test Login
+realmwizard.testLogin.usernameExp = The username to use to log in to the realm.
+realmwizard.testResults.testResults = Test Results
+realmwizard.testResults.title = <b>Create Security Realm</b> -- Step 5: Login Results
+realmwizard.usage.applicationCode = Application Code
+realmwizard.usage.applicationCodeExp = <p>No special application code is required to work with security roles.</p><p>If an application calls <tt>HttpServletRequest.getUserPrincipal()</tt>, Geronimo will return a principal where the principal class implements <tt>GeronimoCallerPrincipal</tt> -- normally a username (since <tt>GeronimoUserPrincipal</tt> implements <tt>GeronimoCallerPrincipal</tt>). If you're using a custom login module and getting the wrong results for <tt>getUserPrincipal</tt>, try making your user principal class implement <tt>GeronimoCallerPrincipal</tt>.</p> <p>If an application calls <tt>HttpServletRequest.isUserInRole(role)</tt>, Geronimo will return true or false depending on whether any of the principals assigned to that user by the realm's login modules were listed in the role mapping above.</p>
+realmwizard.usage.geronimoWebXmlLater = <p>This example indicated that {0} will be used to handle all logins to the web application. Then it maps the <tt>admin</tt> role to a combination of one user (<tt>root</tt>) and one group (<tt>administrators</tt>), using a combination of the principal classes and principal names. (Note that if {0} uses a custom login module, the principal classes may be different, but the ones listed above are used for users and groups by all the standard Geronimo login modules.)</p> <p>It's also possible to configure separate login modules to use separate login domain names, and then use the login domain names in the role mapping (so a user "root" from login domain "Foo" is different from a user "root" from login domain "Bar"), but this is only important if you have multiple login modules assigning principals to the users.</p> <p> Finally, if the <tt>security</tt> section is declared in an EAR <tt>application.xml</tt> deploy
ment descriptor, there's no need to repeat it in any of the modules inside the EAR -- they'll all share the same role mapping information.</p>
+realmwizard.usage.geronimoWebXmlPreface = <p>To configure the security realm and the members of each role, the web application needs to have a <tt>geronimo-web.xml</tt> deployment plan. That may be packaged in the WAR in the <tt>WEB-INF</tt> directory, or it may be provided separately on the command line to the deploy tool.</p> <p>The <tt>geronimo-web.xml</tt> plan should have a <tt>security-realm-name</tt> element indicating which realm will be used to authenticate logins to the web application. It also needs to have a <tt>security</tt> element listing the users or groups who should be members of each <tt>security-role</tt> listed in <tt>web.xml</tt>.</p>
+realmwizard.usage.title = This page talks about how to use the security realm {0} from a J2EE application. The example here is a web application, but other application modules would work similarly.
+realmwizard.usage.webXmlShouldHave = <p>The <tt>web.xml</tt> should have</p><ul> <li>One or more <tt>security-constraint</tt> blocks designating the protected pages or URLs</li> <li>A <tt>login-config</tt> section configuring the login style for the application</li> <li>One or more <tt>security-role</tt> blocks listing the security roles used by the application</li></ul>