You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by da...@apache.org on 2005/12/12 06:27:58 UTC
svn commit: r356160 [10/11] - in
/geronimo/branches/1.0/modules/scripts/src/resources/docs: ./
Administrative tasks_attachments/ Apache Geronimo V1 -
Documentation_attachments/ Architecture_attachments/ Configuring
LDAP_attachments/ Geronimo Administra...
Added: geronimo/branches/1.0/modules/scripts/src/resources/docs/Login into Geronimo.html
URL: http://svn.apache.org/viewcvs/geronimo/branches/1.0/modules/scripts/src/resources/docs/Login%20into%20Geronimo.html?rev=356160&view=auto
==============================================================================
--- geronimo/branches/1.0/modules/scripts/src/resources/docs/Login into Geronimo.html (added)
+++ geronimo/branches/1.0/modules/scripts/src/resources/docs/Login into Geronimo.html Sun Dec 11 21:27:20 2005
@@ -0,0 +1,154 @@
+<html>
+ <head>
+ <title>Geronimo : Login into Geronimo</title>
+ <link rel="stylesheet" href="styles/site.css" type="text/css" />
+ <META http-equiv="Content-Type" content="text/html; charset=UTF-8">
+ </head>
+
+ <body>
+ <table class="pagecontent" border="0" cellpadding="0" cellspacing="0" width="100%" bgcolor="#ffffff">
+ <tr>
+ <td valign="top" class="pagebody">
+ <div class="pageheader">
+ <span class="pagetitle">
+ Geronimo : Login into Geronimo
+ </span>
+ </div>
+ <div class="pagesubheading">
+ This page last changed on Nov 16, 2005 by <font color="#0050B2">hcunico@gmail.com</font>.
+ </div>
+
+
+<p><a name="LoginintoGeronimo-top"></a></p>
+
+<p><em><b>Article donated by:</b> <a href="mailto:simon@godik.com" title="Send mail to Simon Godik">Simon Godik</a>, <a href="mailto:hcunico@gmail.com" title="Send mail to Hernan Cunico">Hernan Cunico</a></em></p>
+
+<h1><a name="LoginintoGeronimo-LoginServiceAPI"></a>Login Service API</h1>
+<p>Login into Geronimo is mediated by the <b>Login Service</b> implemented by the <tt>org.apache.geronimo.security.server.JaasLoginService</tt> gbean. To login into the server is to establish a <b>security session</b> with the Login Service. Login Service will perform authentication based on the application security requirements. Application security requirements are enforced by the <b>security realm</b>. Client application tells Geronimo server the name of the security realm it wants to use. Refer to the <a href="Geronimo and JAAS.html" title="Geronimo and JAAS">Geronimo and JAAS</a> section for a discussion on the name parameter passed by the client to the security implementation.</p>
+
+<p>It is useful to look briefly at the org.apache.geronimo.security.server.JaasLoginService API:</p>
+
+<ul>
+ <li><b>JaasSessionId connectToRealm(String realm-name)</b><br/>
+This method allows client to select the security realm and to initiate security session. <b>Security-session-id</b> is returned to the client. <br/>
+Client is supposed to hold on to it.</li>
+</ul>
+
+
+<ul>
+ <li><b>JaasLoginModuleConfiguration[] getLoginConfiguration(JaasSessionId session-id)</b> <a name="LoginintoGeronimo-JaasLoginModuleConfiguration"></a><br/>
+Return array of <b>login module configurations</b> for the security realm associated with the <b>session-id</b>.<br/>
+JaasLoginModuleConfiguration includes login module name, control flag, login module options, etc.</li>
+</ul>
+
+
+<ul>
+ <li><b>boolean performLogin(JaasSessionId session-id, int login-configuration-idx, Callback[] callbacks)</b><br/>
+Perform login for the login module in the security realm associated with the session-id.<br/>
+Login module is selected by the login-configuration-idx.<br/>
+Callbacks is the array of Callback objects required by the login module and populated by the client.</li>
+</ul>
+
+
+<ul>
+ <li><b>boolean performCommit(JaasSessionId session-id, int login-configuration-idx)</b><br/>
+<b>Commit</b> login results the login modules in the security realm associated with the session-id. <br/>
+Login module is selected by the login-configuration-idx parameter.</li>
+</ul>
+
+
+<ul>
+ <li><b>Principal loginSucceed(JaasSessionId session-id)</b><br/>
+<b>Signal</b> that overall login succeeded for the <b>security session</b>. This method returns <b>IdentificationPrincipal</b> for the session.</li>
+</ul>
+
+
+<ul>
+ <li><b>Set synchPrincipals(JaasSessionId session-id, Set principals)</b><br/>
+<b>Synchronize</b> principals between <b>client-side subject</b> and <b>session subject</b>. All principals from the client subject are added to the session subject and <br/>
+serializable principals from the session subject are added to the client subject.</li>
+</ul>
+
+
+
+<table cellpadding='5' width='85%' cellspacing='8px' class='infoMacro' border="0" align='center'><colgroup><col width='24'><col></colgroup><tr><td valign='top'><img src="icons/emoticons/information.gif" width="16" height="16" align="absmiddle" alt="" border="0"></td><td>Any client that has a reference to the JaasLoginService gbean can use it's API to log into Geronimo.</td></tr></table>
+
+<h1><a name="LoginintoGeronimo-LoginintoGeronimotheportableway%3AJaasLoginCoordinator"></a>Login into Geronimo the portable way: JaasLoginCoordinator <a name="LoginintoGeronimo-JaasLoginCoordinator"></a></h1>
+<p>Client side in the Geronimo login process is represented by the <tt>org.apache.geronimo.security.jaas.client.JaasLoginCoordinator</tt> login module. <b>JaasLoginCoordinator</b> drives login process using the <b>Geronimo Login Service API</b> and computes authentication result based on the JAAS login module combination semantics.</p>
+
+<p>As a <b>Login Module</b>, JaasLoginCoordinator can be configured in the remote client or in the Geronimo server for use by the locally deployed component (such as a servlet).</p>
+
+<p>JaasLoginCoordinator is invoked by the JAAS framework (as any other login module would be) in a sequence of <b><tt>initialize</tt></b>, <b><tt>login</tt></b>, and <b><tt>commit</tt></b> calls. </p>
+
+<p>Next you can at each step more in detail.</p>
+
+<h4><a name="LoginintoGeronimo-JaasLoginCoordinator.initialize%28%29"></a>JaasLoginCoordinator.initialize()</h4>
+<p>On initialization step, JaasLoginCoordinator connects to the Login Service etc. Because JaasLoginCoordinator represents authentication client, it keeps it's own Subject instance.</p>
+
+<h4><a name="LoginintoGeronimo-JaasLoginCoordinator.login%28%29"></a>JaasLoginCoordinator.login()</h4>
+<p><b>Step 1:</b> Initiate security session with the Login Service by calling connectToRealm(realmName); Realm name is passed as an input parameter from the application.<br/>
+A new <b>security session</b> is started by the Login Service and saved in the <b>active-logins</b> map. Security session identifier is returned to the <b>JaasLoginCoordinator</b>.</p>
+
+<p>Two notes should be made here:</p>
+<ul>
+ <li>One is that <b>the security session holds an instance of it's own Subject</b> (distinct from the Subject held in the JaasLoginCoordinator). This Subject will be populated with principals from the login modules configured into security realm.</li>
+ <li>The other is that each <tt>JaasLoginModuleConfiguration</tt> within security session contains <tt>wrapPrincipals</tt> boolean flag. If set to true, the login module (<b>Login Domain</b>) will be wrapped with the special <b>login module proxy</b>. The type of this proxy is <tt>org.apache.geronimo.security.jaas.WrappingLoginModuleProxy</tt> and it has special behavior within it's commit() method. It produces additional <b>Principals</b> that hold association of a <b>principal to the login domain</b> and a <b>principal to the security realm</b>.</li>
+</ul>
+
+
+<p>In particular <tt>org.apache.geronimo.security.DomainPrincipal</tt> will be added for every Principal instance instantiated by the original login module (login domain) and RealmPrincipal will be added for each DomainPrincipal when login module is committed.</p>
+
+<p><b>Step 2:</b> Based on the <b>security-session-id</b> retrieve an array of JAAS login module configurations wired into the security realm by calling: <br/>
+<tt>JaasLoginModuleConfiguration[] getLoginConfiguration(JaasSessionId session-id)</tt>. For further details refer to <a href="#LoginintoGeronimo-JaasLoginModuleConfiguration" title="JaasLoginModuleConfiguration on Login into Geronimo">JaasLoginModuleConfiguration</a> in the Login Service API section.</p>
+
+<p><b>Step 3:</b> Having to account for the remote and local scenarios, the <tt>JaasLoginCoordinator</tt> wraps each login-module in the <tt>JaasLoginModuleConfiguration[]</tt> array it got from the <tt>JaasLoginService</tt> with the <tt>LoginModuleProxies</tt>. <tt>LoginModuleProxies</tt> are login modules themselves (obviously). <tt>LoginModuleProxy</tt> is sub-classed with the <tt>ServerLoginProxy</tt> and <tt>ClientLoginProxy</tt>. <tt>ClientLoginProxy</tt> is further sub-classed by the <tt>WrappingClientLoginProxy</tt>.</p>
+
+<p>We are now going to concentrate on the <tt>ServerLoginProxy</tt>. In keeping with the JAAS API, login modules wrapped by the login module proxies are invoked with the <b><tt>initialize</tt></b>, <tt><b>login</tt></b>, and <b><tt>commit</tt></b> sequence.</p>
+
+<p>There are several details you have to keep in mind about this. </p>
+<ul>
+ <li>The Subject instance passed to the <tt>initialize()</tt> method for every login module proxy is <tt>JaasLoginCoordinator</tt> owned Subject instance (representing Subject on the <b>client side</b>).</li>
+ <li>Callback handler is passed by the client that initiated login procedure (for example a servlet).</li>
+ <li>Shared state for login modules is synchronized between <tt>JaasLoginCoordinator</tt> (the client side) and <tt>JaasLoginService</tt> (the server side) at the end of initialization loop.</li>
+</ul>
+
+
+<p><b>Step 4:</b> Let the login procedure begin! Here is the place where the <b>JAAS login module semantic</b> is actually enforced by comparing the result of the <tt>login()</tt> method call for each login module proxy and login module configuration control flag. For further details on this procedure refer to the <a href="Geronimo and JAAS.html" title="Geronimo and JAAS">Geronimo and JAAS</a> section.</p>
+
+<p>Note that this computation is done by the <b><tt>JaasLoginCoordinator</tt></b> which is <b>authentication client</b> and not by the <tt>JaasLoginService</tt> itself.</p>
+
+<p>Now we are going to look into what happens within the <tt>ServerLoginProxy.login()</tt> method. There is an array of <tt>ServerLoginProxies[]</tt> that correspond to the array of <tt>JaasLoginModuleConfigurations[]</tt> retrieved from the <tt>JaasLoginService</tt>. Each <tt>ServerLoginProxy</tt> is constructor-injected with the login-module control-flag, client-side Subject, <tt>JaasLoginModuleConfiguration</tt> array index, a reference to the JaasLoginService and <b>security-session-id</b>.</p>
+
+<p><tt>ServerLoginProxy.login()</tt> method first retrieves an array of <tt>Callbacks[]</tt> from the <tt>JaasLoginService</tt> that are configured for the corresponding login module in the <b>security realm</b>: <br/>
+<tt>Callback[] LoginService.getServerLoginCallbacks(security-session-id, login-module-index)</tt>.<br/>
+We leave it out to figure out how it is done. The important thing at this time is that you can pass this callback array to the <b>callback-handler</b> (injected during <b><tt>initialize()</tt></b> method call and supplied by the authentication client (see above)). <tt>callback-handler.handle(Callbacks[])</tt> populates server callbacks array with client data.</p>
+
+<p>Now <tt>ServerLoginProxy.login()</tt> method asks the <tt>JaasLoginService</tt> to perform the actual login by passing it the security-session-id, login-module-configuration index, and an array of populated callbacks. As a result, <b>security-session</b> is retrieved from the <b>active-logins</b> map, and corresponding login module (configured in the <b>security realm</b> under login module index) is invoked to perform the login.</p>
+
+<p>A point to note here is that security realm login modules are initialized at the time when server-side callbacks are retrieved by the <tt>ServerLoginProxy</tt> in preparation for login. (Not an obvious place to look). All information to the security realm login module comes from the security session (it is on the server-side of course).</p>
+
+<p>It looks like we are logged in, or at least close...</p>
+
+<h4><a name="LoginintoGeronimo-JaasLoginCoordinator.commit%28%29"></a>JaasLoginCoordinator.commit()</h4>
+<p>If overall authentication succeeds (according to the security realm policy), <tt>JaasLoginService.commit()</tt> is called. <tt>Login-module-proxy.commit()</tt> is called for every proxy in the login module proxy array. It is here that all principals in the security realm login modules are collected (and possibly wrapped into the <tt>DomainPrincipal</tt> and <tt>RealmPrincipal</tt>) and then added to the <b>Subject</b> in the <b>security session</b> (server-side). At the end of the commit-loop, <tt>Principals</tt> between <tt>JaasLoginCoordinator Subject</tt> (<b>client-side</b>) and <b>security session Subject</b> (<b>server-side</b>) are synchronized. <tt>Principals</tt> from the <tt>JaasLoginCoordinator Subjects</tt> are <b>added</b> to the <b>security session Subject</b> (in case of the server-side <tt>JaasLoginCoordinator</tt> this is an empty set) and serializable <tt>Principals</tt> from the security session Subject are added to the <tt>JaasLoginCoordinator Subject
</tt>.</p>
+
+<p>At the very end <tt>JaasLoginCoordinator.commit()</tt> method notifies the <tt>JaasLoginService</tt> of login success: <tt>LoginService.loginSucceed(security-session-id)</tt>. As a result, <tt>JaasLoginService</tt> registers it's session Subject with the <tt>ContextManager</tt> and generates a <b>subject-id</b> based on the Subject. It then wraps this subject-id into the <tt>IdentificationPrincipal</tt>, adds it to the set of <tt>Principals</tt> in the <tt>Subject</tt> and returns <tt>IdentificationPrincipal</tt> to the <tt>JaasLoginCoordinator</tt>.</p>
+
+<p><tt>JaasLoginCoordinator</tt> adds <tt>IndentificationPrincipal</tt> into it's own Subject.</p>
+
+<p><b>Authentication complete!!!</b></p>
+
+
+ </td>
+ </tr>
+ </table>
+ <table border="0" cellpadding="0" cellspacing="0" width="100%">
+ <tr>
+ <td height="12" background="border/border_bottom.gif"><img src="border/spacer.gif" width="1" height="1" border="0"/></td>
+ </tr>
+ <tr>
+ <td align="center"><font color="grey">Document generated by Confluence on Dec 09, 2005 22:10</font></td>
+ </tr>
+ </table>
+ </body>
+</html>
\ No newline at end of file
Propchange: geronimo/branches/1.0/modules/scripts/src/resources/docs/Login into Geronimo.html
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: geronimo/branches/1.0/modules/scripts/src/resources/docs/Login into Geronimo.html
------------------------------------------------------------------------------
svn:executable = *
Added: geronimo/branches/1.0/modules/scripts/src/resources/docs/Maintenance.html
URL: http://svn.apache.org/viewcvs/geronimo/branches/1.0/modules/scripts/src/resources/docs/Maintenance.html?rev=356160&view=auto
==============================================================================
--- geronimo/branches/1.0/modules/scripts/src/resources/docs/Maintenance.html (added)
+++ geronimo/branches/1.0/modules/scripts/src/resources/docs/Maintenance.html Sun Dec 11 21:27:20 2005
@@ -0,0 +1,39 @@
+<html>
+ <head>
+ <title>Geronimo : Maintenance</title>
+ <link rel="stylesheet" href="styles/site.css" type="text/css" />
+ <META http-equiv="Content-Type" content="text/html; charset=UTF-8">
+ </head>
+
+ <body>
+ <table class="pagecontent" border="0" cellpadding="0" cellspacing="0" width="100%" bgcolor="#ffffff">
+ <tr>
+ <td valign="top" class="pagebody">
+ <div class="pageheader">
+ <span class="pagetitle">
+ Geronimo : Maintenance
+ </span>
+ </div>
+ <div class="pagesubheading">
+ This page last changed on Dec 01, 2005 by <font color="#0050B2">hcunico@gmail.com</font>.
+ </div>
+
+
+<p><a name="Maintenance-top"></a></p>
+
+<p><em><b>Article donated by:</b> <a href="mailto:hcunico@gmail.com" title="Send mail to Hernan Cunico">Hernan Cunico</a></em></p>
+
+
+ </td>
+ </tr>
+ </table>
+ <table border="0" cellpadding="0" cellspacing="0" width="100%">
+ <tr>
+ <td height="12" background="border/border_bottom.gif"><img src="border/spacer.gif" width="1" height="1" border="0"/></td>
+ </tr>
+ <tr>
+ <td align="center"><font color="grey">Document generated by Confluence on Dec 09, 2005 22:10</font></td>
+ </tr>
+ </table>
+ </body>
+</html>
\ No newline at end of file
Propchange: geronimo/branches/1.0/modules/scripts/src/resources/docs/Maintenance.html
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: geronimo/branches/1.0/modules/scripts/src/resources/docs/Maintenance.html
------------------------------------------------------------------------------
svn:executable = *
Added: geronimo/branches/1.0/modules/scripts/src/resources/docs/Mapping J2EE Roles in M5 release.html
URL: http://svn.apache.org/viewcvs/geronimo/branches/1.0/modules/scripts/src/resources/docs/Mapping%20J2EE%20Roles%20in%20M5%20release.html?rev=356160&view=auto
==============================================================================
--- geronimo/branches/1.0/modules/scripts/src/resources/docs/Mapping J2EE Roles in M5 release.html (added)
+++ geronimo/branches/1.0/modules/scripts/src/resources/docs/Mapping J2EE Roles in M5 release.html Sun Dec 11 21:27:20 2005
@@ -0,0 +1,86 @@
+<html>
+ <head>
+ <title>Geronimo : Mapping J2EE Roles in M5 release</title>
+ <link rel="stylesheet" href="styles/site.css" type="text/css" />
+ <META http-equiv="Content-Type" content="text/html; charset=UTF-8">
+ </head>
+
+ <body>
+ <table class="pagecontent" border="0" cellpadding="0" cellspacing="0" width="100%" bgcolor="#ffffff">
+ <tr>
+ <td valign="top" class="pagebody">
+ <div class="pageheader">
+ <span class="pagetitle">
+ Geronimo : Mapping J2EE Roles in M5 release
+ </span>
+ </div>
+ <div class="pagesubheading">
+ This page last changed on Nov 21, 2005 by <font color="#0050B2">hcunico@gmail.com</font>.
+ </div>
+
+
+<p><a name="MappingJ2EERolesinM5release-top"></a></p>
+
+<p><em><b>Article donated by:</b> <a href="mailto:simon@godik.com" title="Send mail to Simon Godik">Simon Godik</a>, <a href="mailto:hcunico@gmail.com" title="Send mail to Hernan Cunico">Hernan Cunico</a></em></p>
+
+<p>The security schema namespace for the Apache Geronimo M5 is "http://geronimo.apache.org/xml/ns/security-1.0"</p>
+
+<p>Geronimo M5 and earlier versions do not support concepts of the <tt>DomainPrincipal</tt> and <tt>RealmPrincipal</tt>. When wrapping J2EE roles to Principals, <tt>Principal</tt> elements are wrapped by the <tt>Realm</tt> elements.</p>
+
+<div class="code" style="border-style: solid; "><div class="codeContent">
+<pre class="code-xml"><span class="code-tag"><xsd:complexType name=<span class="code-quote">"roleType"</span>></span>
+ <span class="code-tag"><xsd:sequence></span>
+ <xsd:element name=<span class="code-quote">"description"</span> type=<span class="code-quote">"security-1.0:descriptionType"</span>
+ minOccurs=<span class="code-quote">"0"</span> maxOccurs=<span class="code-quote">"unbounded"</span>/>
+ <xsd:element name=<span class="code-quote">"realm"</span> type=<span class="code-quote">"security-1.0:realmType"</span> minOccurs=<span class="code-quote">"0"</span>
+ maxOccurs=<span class="code-quote">"unbounded"</span>/>
+ <xsd:element name=<span class="code-quote">"distinguished-name"</span>
+ type=<span class="code-quote">"security-1.0:distinguishedNameType"</span> minOccurs=<span class="code-quote">"0"</span>
+ maxOccurs=<span class="code-quote">"unbounded"</span>/>
+ <span class="code-tag"></xsd:sequence></span>
+ <span class="code-tag"><xsd:attribute name=<span class="code-quote">"role-name"</span> type=<span class="code-quote">"xsd:string"</span> use=<span class="code-quote">"required"</span>/></span>
+<span class="code-tag"></xsd:complexType></span></pre>
+</div></div>
+
+<div class="code" style="border-style: solid; "><div class="codeContent">
+<pre class="code-xml"><span class="code-tag"><?xml version=<span class="code-quote">"1.0"</span> encoding=<span class="code-quote">"UTF-8"</span>?></span>
+<web-app
+ xmlns=<span class="code-quote">"http://geronimo.apache.org/xml/ns/j2ee/web-1.0"</span>
+ <span class="code-keyword">xmlns:sec</span>=<span class="code-quote">"http://geronimo.apache.org/xml/ns/security-1.0"</span>
+ configId=<span class="code-quote">"org/apache/geronimo/tools/JMXConsole"</span>
+ parentId=<span class="code-quote">"org/apache/geronimo/Server"</span>>
+
+ <span class="code-tag"><context-root></span>/example<span class="code-tag"></context-root></span>
+ <span class="code-tag"><context-priority-classloader></span>false<span class="code-tag"></context-priority-classloader></span>
+
+ <span class="code-tag"><security-realm-name></span>geronimo-properties-realm<span class="code-tag"></security-realm-name></span>
+ <span class="code-tag"><sec:security></span>
+ <span class="code-tag"><sec:default-principal realm-name=<span class="code-quote">"geronimo-properties-realm"</span>></span>
+ <span class="code-tag"><sec:principal class=<span class="code-quote">"org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"</span> name=<span class="code-quote">"system"</span>/></span>
+ <span class="code-tag"></sec:default-principal></span>
+ <span class="code-tag"><sec:role-mappings></span>
+ <span class="code-tag"><sec:role role-name=<span class="code-quote">"admin"</span>></span>
+ <span class="code-tag"><sec:realm realm-name=<span class="code-quote">"geronimo-properties-realm"</span>></span>
+ <sec:principal class=<span class="code-quote">"org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"</span>
+ name=<span class="code-quote">"admin"</span> designated-run-as=<span class="code-quote">"true"</span>/>
+ <span class="code-tag"></sec:realm></span>
+ <span class="code-tag"></sec:role></span>
+ <span class="code-tag"></sec:role-mappings></span>
+ <span class="code-tag"></sec:security></span>
+<span class="code-tag"></web-app></span></pre>
+</div></div>
+
+
+ </td>
+ </tr>
+ </table>
+ <table border="0" cellpadding="0" cellspacing="0" width="100%">
+ <tr>
+ <td height="12" background="border/border_bottom.gif"><img src="border/spacer.gif" width="1" height="1" border="0"/></td>
+ </tr>
+ <tr>
+ <td align="center"><font color="grey">Document generated by Confluence on Dec 09, 2005 22:10</font></td>
+ </tr>
+ </table>
+ </body>
+</html>
\ No newline at end of file
Propchange: geronimo/branches/1.0/modules/scripts/src/resources/docs/Mapping J2EE Roles in M5 release.html
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: geronimo/branches/1.0/modules/scripts/src/resources/docs/Mapping J2EE Roles in M5 release.html
------------------------------------------------------------------------------
svn:executable = *
Added: geronimo/branches/1.0/modules/scripts/src/resources/docs/Migrating to Apache Geronimo.html
URL: http://svn.apache.org/viewcvs/geronimo/branches/1.0/modules/scripts/src/resources/docs/Migrating%20to%20Apache%20Geronimo.html?rev=356160&view=auto
==============================================================================
--- geronimo/branches/1.0/modules/scripts/src/resources/docs/Migrating to Apache Geronimo.html (added)
+++ geronimo/branches/1.0/modules/scripts/src/resources/docs/Migrating to Apache Geronimo.html Sun Dec 11 21:27:20 2005
@@ -0,0 +1,60 @@
+<html>
+ <head>
+ <title>Geronimo : Migrating to Apache Geronimo</title>
+ <link rel="stylesheet" href="styles/site.css" type="text/css" />
+ <META http-equiv="Content-Type" content="text/html; charset=UTF-8">
+ </head>
+
+ <body>
+ <table class="pagecontent" border="0" cellpadding="0" cellspacing="0" width="100%" bgcolor="#ffffff">
+ <tr>
+ <td valign="top" class="pagebody">
+ <div class="pageheader">
+ <span class="pagetitle">
+ Geronimo : Migrating to Apache Geronimo
+ </span>
+ </div>
+ <div class="pagesubheading">
+ This page last changed on Nov 16, 2005 by <font color="#0050B2">hcunico@gmail.com</font>.
+ </div>
+
+
+<p><a name="MigratingtoApacheGeronimo-top"></a></p>
+
+<p><em><b>Article donated by:</b> <a href="mailto:hcunico@gmail.com" title="Send mail to Hernan Cunico">Hernan Cunico</a></em></p>
+
+<h1><a name="MigratingtoApacheGeronimo-MigratingtoApacheGeronimo"></a>Migrating to Apache Geronimo </h1>
+<p>The following are a series of articles to assist you to migrate applications from JBoss v4 to Apache Geronimo. At the time of writing these articles JBoss v4.0.2 and Apache Geronimo M5 was used.</p>
+
+<p>There are several articles focusing on different features/functionalities of the J2EE specification. All these articles are self contained and fully independent from each other. They provide feature-to-feature comparison analysis between the differences in the implementation from JBoss to Apache Geronimo, this will particularly help you when doing the migration planning.</p>
+
+<p>Additionally, each article provides a sample application for you to practice and gain experience migrating from one platform to another. All these articles have the same internal structure so it will be easier for you to find similar information about different topics across the articles.</p>
+
+<p>Available articles:</p>
+<ol>
+ <li><a href="JBoss to Geronimo - Servlets and JSPs Migration.html" title="JBoss to Geronimo - Servlets and JSPs Migration">JBoss to Geronimo \- Servlets and JSPs Migration</a></li>
+ <li><a href="JBoss to Geronimo - JDBC Migration.html" title="JBoss to Geronimo - JDBC Migration">JBoss to Geronimo \- JDBC Migration</a></li>
+ <li><a href="JBoss to Geronimo - Security Migration.html" title="JBoss to Geronimo - Security Migration">JBoss to Geronimo \- Security Migration</a></li>
+ <li><a href="JBoss to Geronimo - JCA Migration.html" title="JBoss to Geronimo - JCA Migration">JBoss to Geronimo \- JCA Migration</a></li>
+ <li><a href="JBoss to Geronimo - Web Services Migration.html" title="JBoss to Geronimo - Web Services Migration">JBoss to Geronimo \- Web Services Migration</a></li>
+ <li><a href="JBoss to Geronimo - EJB-BMP Migration.html" title="JBoss to Geronimo - EJB-BMP Migration">JBoss to Geronimo \- EJB\-BMP Migration</a></li>
+ <li><a href="JBoss to Geronimo - EJB-MDB Migration.html" title="JBoss to Geronimo - EJB-MDB Migration">JBoss to Geronimo \- EJB\-MDB Migration</a></li>
+ <li><a href="JBoss to Geronimo - EJB-Session Beans Migration.html" title="JBoss to Geronimo - EJB-Session Beans Migration">JBoss to Geronimo \- EJB\-Session Beans Migration</a></li>
+ <li><a href="JBoss to Geronimo - EJB-CMP Migration.html" title="JBoss to Geronimo - EJB-CMP Migration">JBoss to Geronimo \- EJB\-CMP Migration</a></li>
+</ol>
+
+
+
+ </td>
+ </tr>
+ </table>
+ <table border="0" cellpadding="0" cellspacing="0" width="100%">
+ <tr>
+ <td height="12" background="border/border_bottom.gif"><img src="border/spacer.gif" width="1" height="1" border="0"/></td>
+ </tr>
+ <tr>
+ <td align="center"><font color="grey">Document generated by Confluence on Dec 09, 2005 22:10</font></td>
+ </tr>
+ </table>
+ </body>
+</html>
\ No newline at end of file
Propchange: geronimo/branches/1.0/modules/scripts/src/resources/docs/Migrating to Apache Geronimo.html
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: geronimo/branches/1.0/modules/scripts/src/resources/docs/Migrating to Apache Geronimo.html
------------------------------------------------------------------------------
svn:executable = *
Added: geronimo/branches/1.0/modules/scripts/src/resources/docs/Performance and high availability.html
URL: http://svn.apache.org/viewcvs/geronimo/branches/1.0/modules/scripts/src/resources/docs/Performance%20and%20high%20availability.html?rev=356160&view=auto
==============================================================================
--- geronimo/branches/1.0/modules/scripts/src/resources/docs/Performance and high availability.html (added)
+++ geronimo/branches/1.0/modules/scripts/src/resources/docs/Performance and high availability.html Sun Dec 11 21:27:20 2005
@@ -0,0 +1,44 @@
+<html>
+ <head>
+ <title>Geronimo : Performance and high availability</title>
+ <link rel="stylesheet" href="styles/site.css" type="text/css" />
+ <META http-equiv="Content-Type" content="text/html; charset=UTF-8">
+ </head>
+
+ <body>
+ <table class="pagecontent" border="0" cellpadding="0" cellspacing="0" width="100%" bgcolor="#ffffff">
+ <tr>
+ <td valign="top" class="pagebody">
+ <div class="pageheader">
+ <span class="pagetitle">
+ Geronimo : Performance and high availability
+ </span>
+ </div>
+ <div class="pagesubheading">
+ This page last changed on Nov 21, 2005 by <font color="#0050B2">hcunico@gmail.com</font>.
+ </div>
+
+
+<p><a name="Performanceandhighavailability-top"></a></p>
+
+<p><em><b>Article donated by:</b> <a href="mailto:hcunico@gmail.com" title="Send mail to Hernan Cunico">Hernan Cunico</a></em></p>
+
+<p>Here is a document with performance analysis on Geronimo M5 using DayTrader, <a href="http://www-1.ibm.com/support/docview.wss?uid=swg27006724&aid=1" title="Visit page outside Confluence">Geronimo_Performance_BaseLine-20051007.pdf</a></p>
+
+<h1><a name="Performanceandhighavailability-Scalability"></a>Scalability </h1>
+<h1><a name="Performanceandhighavailability-Clustering"></a>Clustering </h1>
+
+
+ </td>
+ </tr>
+ </table>
+ <table border="0" cellpadding="0" cellspacing="0" width="100%">
+ <tr>
+ <td height="12" background="border/border_bottom.gif"><img src="border/spacer.gif" width="1" height="1" border="0"/></td>
+ </tr>
+ <tr>
+ <td align="center"><font color="grey">Document generated by Confluence on Dec 09, 2005 22:10</font></td>
+ </tr>
+ </table>
+ </body>
+</html>
\ No newline at end of file
Propchange: geronimo/branches/1.0/modules/scripts/src/resources/docs/Performance and high availability.html
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: geronimo/branches/1.0/modules/scripts/src/resources/docs/Performance and high availability.html
------------------------------------------------------------------------------
svn:executable = *
Added: geronimo/branches/1.0/modules/scripts/src/resources/docs/Quick start - Apache Geronimo for the impatient.html
URL: http://svn.apache.org/viewcvs/geronimo/branches/1.0/modules/scripts/src/resources/docs/Quick%20start%20-%20Apache%20Geronimo%20for%20the%20impatient.html?rev=356160&view=auto
==============================================================================
--- geronimo/branches/1.0/modules/scripts/src/resources/docs/Quick start - Apache Geronimo for the impatient.html (added)
+++ geronimo/branches/1.0/modules/scripts/src/resources/docs/Quick start - Apache Geronimo for the impatient.html Sun Dec 11 21:27:20 2005
@@ -0,0 +1,207 @@
+<html>
+ <head>
+ <title>Geronimo : Quick start - Apache Geronimo for the impatient</title>
+ <link rel="stylesheet" href="styles/site.css" type="text/css" />
+ <META http-equiv="Content-Type" content="text/html; charset=UTF-8">
+ </head>
+
+ <body>
+ <table class="pagecontent" border="0" cellpadding="0" cellspacing="0" width="100%" bgcolor="#ffffff">
+ <tr>
+ <td valign="top" class="pagebody">
+ <div class="pageheader">
+ <span class="pagetitle">
+ Geronimo : Quick start - Apache Geronimo for the impatient
+ </span>
+ </div>
+ <div class="pagesubheading">
+ This page last changed on Dec 09, 2005 by <font color="#0050B2">system</font>.
+ </div>
+
+ <p><a name="Quickstart-ApacheGeronimofortheimpatient-top"></a><br/>
+<em><b>Article donated by:</b> <a href="mailto:hcunico@gmail.com" title="Send mail to Hernan Cunico">Hernan Cunico</a></em></p>
+
+<p>If you are in a hurry to have Apache Geronimo up and running right away, this article will provide you with some basic steps for downloading, building (when needed) and run the server in no time. This is clearly not a complete guide so you may want to check the other links in the Apache Geronimo V1 \- Documentation Draft main section for further information.</p>
+
+<p>All you need is 5 to 10 minutes and to follow these basic steps.</p>
+<ul>
+ <li><a href="#Quickstart-ApacheGeronimofortheimpatient-Gettingthesoftware" title="Getting the software on Quick start - Apache Geronimo for the impatient">Getting the software</a></li>
+ <li><a href="#Quickstart-ApacheGeronimofortheimpatient-Starttheserver" title="Start the server on Quick start - Apache Geronimo for the impatient">Start the server</a></li>
+ <li><a href="#Quickstart-ApacheGeronimofortheimpatient-Createanddeployasampleapplication" title="Create and deploy a sample application on Quick start - Apache Geronimo for the impatient">Create and deploy a sample application</a></li>
+</ul>
+
+
+<h1><a name="Quickstart-ApacheGeronimofortheimpatient-Gettingthesoftware"></a>Getting the software</h1>
+<p>At this time you have mainly two options to get the software. You can either download the latest, and stable, major milestone (namely M4, M5...) or get the latest available build (unstable sometimes). The fastest and easiest way is to get the binary directly from the Apache site. Since this article is intended to help you to have Apache Geronimo up and running in the fastest way only the binary download will be covered at this time.</p>
+
+<h2><a name="Quickstart-ApacheGeronimofortheimpatient-Prerequisites"></a>Prerequisites</h2>
+<p>Although this installation path is the fastest one, still you will need to install some software before installing Geronimo.</p>
+
+<h3><a name="Quickstart-ApacheGeronimofortheimpatient-J2SE1.4.2"></a>J2SE 1.4.2</h3>
+<p>Geronimo is currently using the Sun ORB for RMI so it is required to use SUN JDK. <b>Using a different JDK or different version of the JDK may result in compilation errors.</b> Refer to the following URL for details on how to download and install J2SE 1.4.2:<br/>
+<a href="http://java.sun.com" title="Visit page outside Confluence">http://java.sun.com</a></p>
+
+<h2><a name="Quickstart-ApacheGeronimofortheimpatient-Downloadbinaries"></a>Download binaries</h2>
+<p>Depending on the platform you plan to install and run Apache Geronimo you will select the appropriate installation image. Open a Web browser and access the following URL, there you will find the available packages for download (binaries and source code).</p>
+
+<p><a href="http://geronimo.apache.org/downloads.html" title="Visit page outside Confluence">http://geronimo.apache.org/downloads.html</a></p>
+
+<p>Select the file compression format compatible with your system (zip, tar, gz) by clicking directly on the link, download it and expand the binary to your hard drive in a new directory. For example in z:/geronimo, from now on this directory will be referenced as <b><geronimo_home></b>.</p>
+
+<p>The installation of Apache Geronimo is as simple as uncompressing the .zip or .tar files. The next step is to start the server.</p>
+
+<h1><a name="Quickstart-ApacheGeronimofortheimpatient-Starttheserver"></a>Start the server</h1>
+<p>With Apache Geronimo already installed, open a command line console and change directory to <b><geronimo_home>/bin</b>. In that directory you will find some script files (.bat and .sh) and three .jar files. If you look at these three files you will find:</p>
+<ul>
+ <li>client.jar</li>
+ <li>deployer.jar</li>
+ <li>server.jar</li>
+</ul>
+
+
+<p>To start the server run the following command:</p>
+
+<p><tt>java -jar server.jar</tt></p>
+
+<p>Alternatively a script is provided, the <b>startup</b> script will also start the server. Once the server is started you should see the following information on the command line console.</p>
+
+<p><font color="white"><div class="preformatted" style="border-style: solid; "><div class="preformattedContent" style="background-color: #000000; ">
+<pre> E:\geronimo\bin>java -jar server.jar
+Booting Geronimo Kernel (in Java 1.4.2_09)...
+Starting Geronimo Application Server
+[*****************] 100% 25s Startup complete
+ Listening on Ports:
+ 1099 0.0.0.0 RMI Naming
+ 1527 0.0.0.0 Derby Connector
+ 4201 0.0.0.0 ActiveIO Connector EJB
+ 4242 0.0.0.0 Remote Login Listener
+ 8019 0.0.0.0 Tomcat Connector AJP
+ 8080 0.0.0.0 Jetty Connector HTTP
+ 8090 0.0.0.0 Tomcat Connector HTTP
+ 8443 0.0.0.0 Jetty Connector HTTPS
+ 8453 0.0.0.0 Tomcat Connector HTTPS
+ 61616 0.0.0.0 ActiveMQ Message Broker Connector
+ Started Application Modules:
+ EAR: org/apache/geronimo/Console/Jetty
+ WAR: org/apache/geronimo/applications/Welcome/Jetty
+ Web Applications:
+ http://hcunico:8080/
+ http://hcunico:8080/console
+ http://hcunico:8080/console-standard
+Geronimo Application Server started</pre>
+</div></div></font></p>
+
+<p>To test the Apache Geronimo server you can just point your Web browser to the following URL to test the Geronimo Console. The Geronimo Console is the first application you can test, and the good thing is, it is already deployed.</p>
+
+<p><a href="http://localhost:8080/console" title="Visit page outside Confluence">http://localhost:8080/console</a></p>
+
+<p>When prompted enter <b>system</b> as the user name and <b>manager</b> as the password. </p>
+
+<p>The following figure illustrates the Web based console.</p>
+
+<p><img src="Quick start - Apache Geronimo for the impatient_attachments/console_login.jpg" align="absmiddle" border="0" /></p>
+
+<p>At this point you have Apache Geronimo up and running and the time spent has been minimal. The following section will propose a very basic sample JSP and show you how to deploy and run that sample application.</p>
+
+<h1><a name="Quickstart-ApacheGeronimofortheimpatient-Createanddeployasampleapplication"></a>Create and deploy a sample application</h1>
+<p>A <b>HelloWorld</b> like JSP is almost a default for these basic testing and everybody is already familiar with it. Create a new directory to hold all the application related files. From now on this directory will be referred as <b><app_home></b>.</p>
+
+<p>Create a plain text file in the <app_home> directory named <b>HelloWorld.jsp</b> and copy the content of the following example.</p>
+
+<div class="preformatted" style="border-style: solid; "><div class="preformattedHeader" style="border-bottom-style: solid; "><b>HelloWorld.jsp</b></div><div class="preformattedContent">
+<pre><html>
+ <head>
+ <jsp:useBean id="datetime" class="java.util.Date"/>
+ <title>
+ Basic HelloWorld JSP
+ </title>
+ </head>
+ <body bgcolor="#909DB8">
+ <h1>
+ <font face="tahoma" color="white">
+ Hello world from GERONIMO!
+ </font>
+ </h1>
+ <font face="tahoma" color="white">on ${datetime}</font>
+ </body>
+</html></pre>
+</div></div>
+
+<p>Although for such a simple application it is not necessary, you will still create a Geronimo deployment plan so you would get a first view of the deployment plans. Create a directory named <b>WEB-INF</b> inside the <app_home> directory. </p>
+
+<p>Create a plain text file in the <app_home>/WEB-INF directory named <b>geronimo-web.xml</b> and copy the content of the following example.</p>
+
+<div class="code" style="border-style: solid; "><div class="codeHeader" style="border-bottom-style: solid; "><b>Geronimo deployment plan geronimo-web.xml</b></div><div class="codeContent">
+<pre class="code-xml"><span class="code-tag"><?xml version=<span class="code-quote">"1.0"</span>?></span>
+<web-app
+ xmlns=<span class="code-quote">"http://geronimo.apache.org/xml/ns/web"</span>
+ <span class="code-keyword">xmlns:naming</span>=<span class="code-quote">"http://geronimo.apache.org/xml/ns/naming"</span>
+ configId=<span class="code-quote">"HelloWorld"</span>>
+
+ <span class="code-tag"><context-root></span>/hello<span class="code-tag"></context-root></span>
+
+<span class="code-tag"></web-app></span></pre>
+</div></div>
+
+<p>Create a plain text file in the <app_home>/WEB-INF directory named <b>web.xml</b> and copy the content of the following example.</p>
+
+<div class="code" style="border-style: solid; "><div class="codeHeader" style="border-bottom-style: solid; "><b>web.xml</b></div><div class="codeContent">
+<pre class="code-xml"><span class="code-tag"><web-app version=<span class="code-quote">"2.4"</span> xmlns=<span class="code-quote">"http://java.sun.com/xml/ns/j2ee"</span>></span>
+ <span class="code-tag"><welcome-file-list></span>
+ <span class="code-tag"><welcome-file></span>HelloWorld.jsp<span class="code-tag"></welcome-file></span>
+ <span class="code-tag"></welcome-file-list></span>
+<span class="code-tag"></web-app></span></pre>
+</div></div>
+
+<h2><a name="Quickstart-ApacheGeronimofortheimpatient-Packagetheapplication"></a>Package the application</h2>
+
+<p>From a command line window change directory to <app_home> and run the following command to package the HelloWorld application into a single .war file.</p>
+
+<p><b><tt>jar -cvf HelloWorld.war *</tt></b></p>
+
+<p>This will create a HelloWorld.war file in the <app_home> directory. The next step is to deploy this application.</p>
+
+<h2><a name="Quickstart-ApacheGeronimofortheimpatient-Deployandtesttheapplication"></a>Deploy and test the application</h2>
+<p>To deploy the application you have two options, you can use the Geronimo Console or the command line. For this example you will use the command line option. Change directory to <geronimo_home>/bin and run the following command:</p>
+
+<p><b><tt>java -jar deployer.jar --user system --password manager deploy <app_home>/HelloWorld.war</tt></b></p>
+
+<p>Once the application is successfully deployed you should see the following message:</p>
+
+<p><font color="white"><div class="preformatted" style="border-style: solid; "><div class="preformattedContent" style="background-color: #000000; ">
+<pre>
+E:\geronimo\bin>java -jar deployer.jar --user system --password manager deploy E:\HelloWorld\HelloWorld.war
+ Deployed HelloWorld @ http://hcunico:8080/hello</pre>
+</div></div></font></p>
+
+<p>Test the application by pointing a Web browser to the following URL:</p>
+
+<p><a href="http://localhost:8080/hello" title="Visit page outside Confluence">http://localhost:8080/hello</a></p>
+
+<h1><a name="Quickstart-ApacheGeronimofortheimpatient-Summary"></a>Summary</h1>
+<p>This article showed you how simple is to have Apache Geronimo up and running. The overall time for getting the server running should be less than five minutes if you have the prerequisite (Java 1.4.2) already installed. Additionally, this article also showed you how to create, deploy and test a very simple JSP in less than five minutes.</p>
+
+ <br/>
+ <div class="tabletitle">
+ <a name="attachments">Attachments:</a>
+ </div>
+
+ <div class="greybox" align="left">
+ <img src="icons/bullet_blue.gif" height="8" width="8" alt=""/>
+ <a href="Quick start - Apache Geronimo for the impatient_attachments/console_login.jpg">console_login.jpg</a> (image/pjpeg)
+ <br/>
+ </div>
+
+ </td>
+ </tr>
+ </table>
+ <table border="0" cellpadding="0" cellspacing="0" width="100%">
+ <tr>
+ <td height="12" background="border/border_bottom.gif"><img src="border/spacer.gif" width="1" height="1" border="0"/></td>
+ </tr>
+ <tr>
+ <td align="center"><font color="grey">Document generated by Confluence on Dec 09, 2005 22:10</font></td>
+ </tr>
+ </table>
+ </body>
+</html>
\ No newline at end of file
Propchange: geronimo/branches/1.0/modules/scripts/src/resources/docs/Quick start - Apache Geronimo for the impatient.html
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: geronimo/branches/1.0/modules/scripts/src/resources/docs/Quick start - Apache Geronimo for the impatient.html
------------------------------------------------------------------------------
svn:executable = *
Added: geronimo/branches/1.0/modules/scripts/src/resources/docs/Quick start - Apache Geronimo for the impatient_attachments/console_login.jpg
URL: http://svn.apache.org/viewcvs/geronimo/branches/1.0/modules/scripts/src/resources/docs/Quick%20start%20-%20Apache%20Geronimo%20for%20the%20impatient_attachments/console_login.jpg?rev=356160&view=auto
==============================================================================
Binary file - no diff available.
Propchange: geronimo/branches/1.0/modules/scripts/src/resources/docs/Quick start - Apache Geronimo for the impatient_attachments/console_login.jpg
------------------------------------------------------------------------------
svn:executable = *
Propchange: geronimo/branches/1.0/modules/scripts/src/resources/docs/Quick start - Apache Geronimo for the impatient_attachments/console_login.jpg
------------------------------------------------------------------------------
svn:mime-type = image/jpeg
Added: geronimo/branches/1.0/modules/scripts/src/resources/docs/Security Definition Schema.html
URL: http://svn.apache.org/viewcvs/geronimo/branches/1.0/modules/scripts/src/resources/docs/Security%20Definition%20Schema.html?rev=356160&view=auto
==============================================================================
--- geronimo/branches/1.0/modules/scripts/src/resources/docs/Security Definition Schema.html (added)
+++ geronimo/branches/1.0/modules/scripts/src/resources/docs/Security Definition Schema.html Sun Dec 11 21:27:20 2005
@@ -0,0 +1,273 @@
+<html>
+ <head>
+ <title>Geronimo : Security Definition Schema</title>
+ <link rel="stylesheet" href="styles/site.css" type="text/css" />
+ <META http-equiv="Content-Type" content="text/html; charset=UTF-8">
+ </head>
+
+ <body>
+ <table class="pagecontent" border="0" cellpadding="0" cellspacing="0" width="100%" bgcolor="#ffffff">
+ <tr>
+ <td valign="top" class="pagebody">
+ <div class="pageheader">
+ <span class="pagetitle">
+ Geronimo : Security Definition Schema
+ </span>
+ </div>
+ <div class="pagesubheading">
+ This page last changed on Nov 18, 2005 by <font color="#0050B2">hcunico@gmail.com</font>.
+ </div>
+
+
+<p><a name="SecurityDefinitionSchema-top"></a></p>
+
+<p><em><b>Article donated by:</b> <a href="mailto:simon@godik.com" title="Send mail to Simon Godik">Simon Godik</a>, <a href="mailto:hcunico@gmail.com" title="Send mail to Hernan Cunico">Hernan Cunico</a></em></p>
+
+<p>Security schema is the <b>main syntax for the security-related definitions of any deployment plan</b>. Security schema is normally <b>imported</b> by the host schema.<br/>
+Security schema namespace is: <a href="http://geronimo.apache.org/xml/ns/security-1.1" title="Visit page outside Confluence">http://geronimo.apache.org/xml/ns/security-1.1</a> Security schema file is geronimo-security-1.1.xsd.</p>
+
+<p>The usual namespace prefix for the security schema is <tt>security</tt>. So if you want to refer to the elements of this namespace from some other namespace, you will do it this way: <tt>security:security</tt>.</p>
+
+<p>Here is the syntactic reference for the security schema. All security schema types are <b>global</b> (in the xml schema sense). There are only two global security elements: <tt>security:security</tt> and <tt>security:defaultPrincipal</tt>.</p>
+
+<p>Note that although default-principal is declared to be a <b>global</b> element, security schema does not make use of it and defines local default-principal element of the same type every time it needs it.</p>
+
+<p>The following sections describe the syntax and meaning of the security schema element.</p>
+
+<table cellpadding='5' width='85%' cellspacing='8px' class='noteMacro' border="0" align='center'><colgroup><col width='24'><col></colgroup><tr><td valign='top'><img src="icons/emoticons/warning.gif" width="16" height="16" align="absmiddle" alt="" border="0"></td><td> It has been used simple x-path path expressions such as /a/b/c and attribute expressions such as @attribute as a short-hand.</td></tr></table>
+
+<h2><a name="SecurityDefinitionSchema-TypesecurityType"></a>Type securityType</h2>
+<p><tt>security:securityType</tt> is the global type that defines security requirements of an application with respect to the J2EE role mapping to <tt>Principals</tt>.</p>
+
+<div class="code" style="border-style: solid; "><div class="codeContent">
+<pre class="code-xml"><span class="code-tag"><xsd:complexType name=<span class="code-quote">"securityType"</span>></span>
+ <span class="code-tag"><xsd:sequence></span>
+ <xsd:element name=<span class="code-quote">"description"</span> type=<span class="code-quote">"security:descriptionType"</span>
+ minOccurs=<span class="code-quote">"0"</span> maxOccurs=<span class="code-quote">"unbounded"</span>/>
+ <span class="code-tag"><xsd:element name=<span class="code-quote">"default-principal"</span> type=<span class="code-quote">"security:default-principalType"</span>/></span>
+ <xsd:element name=<span class="code-quote">"role-mappings"</span> type=<span class="code-quote">"security:role-mappingsType"</span>
+ minOccurs=<span class="code-quote">"0"</span>/>
+ <span class="code-tag"></xsd:sequence></span>
+ <span class="code-tag"><xsd:attribute name=<span class="code-quote">"doas-current-caller"</span> type=<span class="code-quote">"xsd:boolean"</span> default=<span class="code-quote">"false"</span>/></span>
+ <span class="code-tag"><xsd:attribute name=<span class="code-quote">"use-context-handler"</span> type=<span class="code-quote">"xsd:boolean"</span> default=<span class="code-quote">"false"</span>/></span>
+ <span class="code-tag"><xsd:attribute name=<span class="code-quote">"default-role"</span> type=<span class="code-quote">"xsd:string"</span>/></span>
+<span class="code-tag"></xsd:complexType></span></pre>
+</div></div>
+
+<p><tt>@doas-current-caller</tt> - Set this attribute to <b>true</b> if the work is to be performed as the calling <tt>Subject</tt>. This attribute is optional, the default value is false.<br/>
+<tt>@use-context-handler</tt> - Set this attribute to <b>true</b> if the installed JACC policy contexts will use <tt>PolicyContextHandlers</tt>. This attribute is optional, the default value is false.<br/>
+<tt>@default-role</tt> - Used by the <b>Deployer</b> to assign method permissions for all of the unspecified methods, either by assigning them to security roles or by marking them as unchecked. If the value of default-role is empty then the unspecified methods are marked unchecked.</p>
+
+<p><tt>description</tt> - optional element. 0 to many description elements.<br/>
+<tt>default-principal</tt> - required element. Defines default principal for anonymous access.<br/>
+<tt>role-mappings</tt> - optional element. Maps J2EE roles to principals.</p>
+
+<p><a href="#SecurityDefinitionSchema-top" title="top on Security Definition Schema">Back to Top</a></p>
+
+<h2><a name="SecurityDefinitionSchema-TypedefaultPrincipalType"></a>Type defaultPrincipalType</h2>
+<p>Default principal is used for anonymous access.</p>
+
+<p><tt>security:default-principalType</tt> is a sequence of optional description, the choice of principal, login-domain-principal, realm-principal, followed by a sequence of <br/>
+<tt>named-username-password-credential</tt> elements.</p>
+
+<div class="code" style="border-style: solid; "><div class="codeContent">
+<pre class="code-xml"><span class="code-tag"><xsd:complexType name=<span class="code-quote">"default-principalType"</span>></span>
+ <span class="code-tag"><xsd:sequence></span>
+ <xsd:element name=<span class="code-quote">"description"</span> type=<span class="code-quote">"security:descriptionType"</span>
+ minOccurs=<span class="code-quote">"0"</span> maxOccurs=<span class="code-quote">"unbounded"</span>/>
+ <span class="code-tag"><xsd:choice></span>
+ <span class="code-tag"><xsd:element name=<span class="code-quote">"principal"</span> type=<span class="code-quote">"security:principalType"</span>/></span>
+ <xsd:element name=<span class="code-quote">"login-domain-principal"</span>
+ type=<span class="code-quote">"security:loginDomainPrincipalType"</span>/>
+ <span class="code-tag"><xsd:element name=<span class="code-quote">"realm-principal"</span> type=<span class="code-quote">"security:realmPrincipalType"</span>/></span>
+ <span class="code-tag"></xsd:choice></span>
+ <xsd:element name=<span class="code-quote">"named-username-password-credential"</span>
+ type=<span class="code-quote">"security:named-username-password-credentialType"</span> minOccurs=<span class="code-quote">"0"</span>
+ maxOccurs=<span class="code-quote">"unbounded"</span>/>
+ <span class="code-tag"></xsd:sequence></span>
+<span class="code-tag"></xsd:complexType></span></pre>
+</div></div>
+
+<p><tt>description</tt> - optional. 0 to many description elements.<br/>
+<tt>principal</tt> - required choice element. Defines default principal to be of the <tt>security:princpalType</tt>.<br/>
+<tt>login-domain-principal</tt> - required choice element. Defines default principal to be of the <tt>security:loginDomainPrincipalType</tt>.<br/>
+<tt>realm-principal</tt> - required choice element. Defines default principal to be of the <tt>security:realmPrincipalType</tt>.<br/>
+<tt>named-username-password-credential</tt> - optional sequence of 0 to many elements of the <tt>security:named-username-password-credentialType</tt>.</p>
+
+<p><a href="#SecurityDefinitionSchema-top" title="top on Security Definition Schema">Back to Top</a></p>
+
+<h2><a name="SecurityDefinitionSchema-TypeprincipalType"></a>Type principalType</h2>
+<p><tt>security:principalType</tt> defines authenticated principal.</p>
+
+<div class="code" style="border-style: solid; "><div class="codeContent">
+<pre class="code-xml"><span class="code-tag"><xsd:complexType name=<span class="code-quote">"principalType"</span>></span>
+ <span class="code-tag"><xsd:sequence></span>
+ <xsd:element name=<span class="code-quote">"description"</span> type=<span class="code-quote">"geronimo:descriptionType"</span>
+ minOccurs=<span class="code-quote">"0"</span> maxOccurs=<span class="code-quote">"unbounded"</span>/>
+ <span class="code-tag"></xsd:sequence></span>
+ <span class="code-tag"><xsd:attribute name=<span class="code-quote">"class"</span> type=<span class="code-quote">"xsd:string"</span> use=<span class="code-quote">"required"</span>/></span>
+ <span class="code-tag"><xsd:attribute name=<span class="code-quote">"name"</span> type=<span class="code-quote">"xsd:string"</span> use=<span class="code-quote">"required"</span>/></span>
+ <span class="code-tag"><xsd:attribute name=<span class="code-quote">"designated-run-as"</span> type=<span class="code-quote">"xsd:boolean"</span> default=<span class="code-quote">"false"</span>/></span>
+<span class="code-tag"></xsd:complexType></span></pre>
+</div></div>
+
+<p><tt>@class</tt> is principal implementation class.<br/>
+<tt>@name</tt> is authenticated principal name.<br/>
+<tt>@designated-run-as</tt> if set to <b>true</b> makes this principal a <b>run-as</b> principal for the role that maps this principal.</p>
+
+<p><a href="#SecurityDefinitionSchema-top" title="top on Security Definition Schema">Back to Top</a></p>
+
+<h2><a name="SecurityDefinitionSchema-TypeloginDomainPrincipalType"></a>Type loginDomainPrincipalType</h2>
+<p><tt>security:loginDomainPrincipalType</tt> type associates a <tt>Principal</tt> with the <b>Login Domain</b> that authenticated that principal. If <b>Security Realm</b> into which login module (<b>Login Domain</b>) is wired up is configured to wrap <tt>Principals</tt>, every <tt>Principal</tt> produced by every login module will be wrapped into the <tt>DomainPrincipal</tt>.</p>
+
+<p>login-domainPrincipalType extends principalType.</p>
+
+<div class="code" style="border-style: solid; "><div class="codeContent">
+<pre class="code-xml"><span class="code-tag"><xsd:complexType name=<span class="code-quote">"loginDomainPrincipalType"</span>></span>
+ <span class="code-tag"><xsd:complexContent></span>
+ <span class="code-tag"><xsd:extension base=<span class="code-quote">"security:principalType"</span>></span>
+ <span class="code-tag"><xsd:attribute name=<span class="code-quote">"domain-name"</span> type=<span class="code-quote">"xsd:string"</span> use=<span class="code-quote">"required"</span>/></span>
+ <span class="code-tag"></xsd:extension></span>
+ <span class="code-tag"></xsd:complexContent></span>
+<span class="code-tag"></xsd:complexType></span></pre>
+</div></div>
+
+<p><tt>@domain-name</tt> - Login Domain name.</p>
+
+<p>Note that elements of the <tt>security:loginDomainPrincipalType</tt> wrap elements of <tt>security:principalType</tt>, so the <tt>@class</tt> attribute value must be the value of the <tt>Principal</tt> implementation class that is wrapped by the <tt>security:loginDomainPrincipal</tt>.</p>
+
+<p><a href="#SecurityDefinitionSchema-top" title="top on Security Definition Schema">Back to Top</a></p>
+
+<h2><a name="SecurityDefinitionSchema-TyperealmPrincipalType"></a>Type realmPrincipalType</h2>
+<p><b>Realm principal</b> associates a <tt>Principal</tt> with the realm in which it was authenticated. If Security Realm is configured to wrap <tt>Principals</tt>, each <tt>DomainPrincipal</tt> will be wrapped into the <tt>RealmPrincipal</tt>.</p>
+
+<p><tt>realmPrincipalType</tt> extends <tt>security:loginDomainPrincipalType</tt>.</p>
+
+<div class="code" style="border-style: solid; "><div class="codeContent">
+<pre class="code-xml"><span class="code-tag"><xsd:complexType name=<span class="code-quote">"realmPrincipalType"</span>></span>
+ <span class="code-tag"><xsd:complexContent></span>
+ <span class="code-tag"><xsd:extension base=<span class="code-quote">"security:loginDomainPrincipalType"</span>></span>
+ <span class="code-tag"><xsd:attribute name=<span class="code-quote">"realm-name"</span> type=<span class="code-quote">"xsd:string"</span> use=<span class="code-quote">"required"</span>/></span>
+ <span class="code-tag"></xsd:extension></span>
+ <span class="code-tag"></xsd:complexContent></span>
+<span class="code-tag"></xsd:complexType></span></pre>
+</div></div>
+
+<p><tt>@realm-name</tt> is required attribute that defines realm name.</p>
+
+<p>Note that elements of <tt>security:realmPrincipalType</tt> wrap elements of <tt>security:principalType</tt>, that wrap elements of <tt>security:loginDomainPrincipalType</tt>. So the <tt>@class</tt> attribute value must be the value of the <tt>Principal</tt> implementation class that is wrapped by the <tt>security:loginDomainPrincipal</tt>.</p>
+
+<p><a href="#SecurityDefinitionSchema-top" title="top on Security Definition Schema">Back to Top</a></p>
+
+<h2><a name="SecurityDefinitionSchema-TypenamedusernamepasswordcredentialType"></a>Type named-username-password-credentialType</h2>
+<p>This element defines username - password credential.</p>
+
+<div class="code" style="border-style: solid; "><div class="codeContent">
+<pre class="code-xml"><span class="code-tag"><xsd:complexType name=<span class="code-quote">"named-username-password-credentialType"</span>></span>
+ <span class="code-tag"><xsd:sequence></span>
+ <span class="code-tag"><xsd:element name=<span class="code-quote">"name"</span> type=<span class="code-quote">"xsd:string"</span>/></span>
+ <span class="code-tag"><xsd:element name=<span class="code-quote">"username"</span> type=<span class="code-quote">"xsd:string"</span>/></span>
+ <span class="code-tag"><xsd:element name=<span class="code-quote">"password"</span> type=<span class="code-quote">"xsd:string"</span>/></span>
+ <span class="code-tag"></xsd:sequence></span>
+<span class="code-tag"></xsd:complexType></span></pre>
+</div></div>
+
+<p><tt>name</tt> - required element. Names this credential set.<br/>
+<tt>username</tt> - required element. User name.<br/>
+<tt>password</tt> - required element. User password.</p>
+
+<p><a href="#SecurityDefinitionSchema-top" title="top on Security Definition Schema">Back to Top</a></p>
+
+<h2><a name="SecurityDefinitionSchema-TyperolemappingsType"></a>Type role-mappingsType</h2>
+<p><tt>security:role-mappingsType</tt> defines mappings of J2EE roles to principals.</p>
+
+<p><xsd:complexType name="role-mappingsType"><br/>
+ <xsd:sequence><br/>
+ <xsd:element name="role" type="security:roleType" minOccurs="1" <br/>
+ maxOccurs="unbounded"/><br/>
+ </xsd:sequence><br/>
+</xsd:complexType></p>
+
+<p><tt>role</tt> - required sequence of 1 or more elements of <tt>security:roleType</tt>.</p>
+
+<p><a href="#SecurityDefinitionSchema-top" title="top on Security Definition Schema">Back to Top</a></p>
+
+<h2><a name="SecurityDefinitionSchema-TyperoleType"></a>Type roleType</h2>
+<p><tt>security:roleType</tt> element defines J2EE role mapping to a set of <tt>Principals</tt>. Mapped principals can be any kind of <tt>principal: domain-principal</tt>, <tt>realm-principal</tt>, <tt>principal</tt>, or a <tt>distinguished name</tt> (dn).</p>
+
+<p>Note that ideally we want to map to <tt>DomainPrincipals</tt> or <tt>RealmPrincipals</tt>. This type of mapping is not supported in Geronimo M5 or earlier milestones. The only type of mapping in M5 and before is <tt>principalType</tt> mapping and <tt>dn</tt> mapping.</p>
+
+<div class="code" style="border-style: solid; "><div class="codeContent">
+<pre class="code-xml"><span class="code-tag"><xsd:complexType name=<span class="code-quote">"roleType"</span>></span>
+ <span class="code-tag"><xsd:sequence></span>
+ <span class="code-tag"><xsd:element name=<span class="code-quote">"description"</span> type=<span class="code-quote">"security:descriptionType"</span> minOccurs=<span class="code-quote">"0"</span> maxOccurs=<span class="code-quote">"unbounded"</span>/></span>
+ <span class="code-tag"><xsd:element name=<span class="code-quote">"realm-principal"</span> type=<span class="code-quote">"security:realmPrincipalType"</span> minOccurs=<span class="code-quote">"0"</span> maxOccurs=<span class="code-quote">"unbounded"</span>/></span>
+ <xsd:element name=<span class="code-quote">"login-domain-principal"</span>
+ type=<span class="code-quote">"security:loginDomainPrincipalType"</span> minOccurs=<span class="code-quote">"0"</span> maxOccurs=<span class="code-quote">"unbounded"</span>/>
+ <span class="code-tag"><xsd:element name=<span class="code-quote">"principal"</span> type=<span class="code-quote">"security:principalType"</span> minOccurs=<span class="code-quote">"0"</span> maxOccurs=<span class="code-quote">"unbounded"</span>/></span>
+ <xsd:element name=<span class="code-quote">"distinguished-name"</span>
+ type=<span class="code-quote">"security:distinguishedNameType"</span> minOccurs=<span class="code-quote">"0"</span> maxOccurs=<span class="code-quote">"unbounded"</span>/>
+ <span class="code-tag"></xsd:sequence></span>
+ <span class="code-tag"><xsd:attribute name=<span class="code-quote">"role-name"</span> type=<span class="code-quote">"xsd:string"</span> use=<span class="code-quote">"required"</span>/></span>
+<span class="code-tag"></xsd:complexType></span></pre>
+</div></div>
+
+<p><tt>@role-name</tt> - J2EE role name. This is required attribute.</p>
+
+<p><tt>description</tt> - optional sequence from 0 to many <tt>security:description</tt> elements.<br/>
+<tt>realm-principal</tt> - optional sequence from 0 to many <tt>security:realmPrincipalType</tt> elements. Not supported for Geronimo M5 or earlier milestones.<br/>
+<tt>login-domain-principal</tt> - optional sequence from 0 to many <tt>security:loginDomainPrincipal</tt> type elements. Not supported for Geronimo M5 or earlier milestones.<br/>
+<tt>principal</tt> - optinal sequence from 0 to many <tt>security:principalType</tt> elements.<br/>
+<tt>distinguished-name</tt> - optional sequence of <tt>security:distinguishedNameType</tt> elements.</p>
+
+<p><a href="#SecurityDefinitionSchema-top" title="top on Security Definition Schema">Back to Top</a></p>
+
+<h2><a name="SecurityDefinitionSchema-TypedistinguishedNameType"></a>Type distinguishedNameType</h2>
+<div class="code" style="border-style: solid; "><div class="codeContent">
+<pre class="code-xml"><span class="code-tag"><xsd:complexType name=<span class="code-quote">"distinguishedNameType"</span>></span>
+ <span class="code-tag"><xsd:sequence></span>
+ <xsd:element name=<span class="code-quote">"description"</span> type=<span class="code-quote">"security:descriptionType"</span>
+ minOccurs=<span class="code-quote">"0"</span> maxOccurs=<span class="code-quote">"unbounded"</span>/>
+ <span class="code-tag"></xsd:sequence></span>
+ <span class="code-tag"><xsd:attribute name=<span class="code-quote">"name"</span> type=<span class="code-quote">"xsd:string"</span> use=<span class="code-quote">"required"</span>/></span>
+ <span class="code-tag"><xsd:attribute name=<span class="code-quote">"designated-run-as"</span> type=<span class="code-quote">"xsd:boolean"</span> default=<span class="code-quote">"false"</span>/></span>
+<span class="code-tag"></xsd:complexType></span></pre>
+</div></div>
+
+<p><tt>@designated-run-as</tt> - Set this attribute to <b>true</b> if this principal is to be used as the <b>run-as</b> principal for this role. This is optional attribute, default value is false.</p>
+
+<p><tt>desciption</tt> - optional sequence from 0 to many elements of <tt>security:descriptionType</tt>.</p>
+
+<p><a href="#SecurityDefinitionSchema-top" title="top on Security Definition Schema">Back to Top</a></p>
+
+<h2><a name="SecurityDefinitionSchema-TypedescriptionType"></a>Type descriptionType</h2>
+<p><tt>security:descriptionType</tt> element allows description to be inserted in any other element. This type extends schema string type with the reference to the global <tt>xml:lang</tt> attribute.</p>
+
+<div class="code" style="border-style: solid; "><div class="codeContent">
+<pre class="code-xml"><span class="code-tag"><xsd:complexType name=<span class="code-quote">"descriptionType"</span>></span>
+ <span class="code-tag"><xsd:simpleContent></span>
+ <span class="code-tag"><xsd:extension base=<span class="code-quote">"xsd:string"</span>></span>
+ <span class="code-tag"><xsd:attribute ref=<span class="code-quote">"xml:lang"</span>/></span>
+ <span class="code-tag"></xsd:extension></span>
+ <span class="code-tag"></xsd:simpleContent></span>
+<span class="code-tag"></xsd:complexType></span></pre>
+</div></div>
+
+<p><tt>@xml:lang</tt> - language attribute. This attribute is optional.</p>
+
+<p><a href="#SecurityDefinitionSchema-top" title="top on Security Definition Schema">Back to Top</a></p>
+
+
+ </td>
+ </tr>
+ </table>
+ <table border="0" cellpadding="0" cellspacing="0" width="100%">
+ <tr>
+ <td height="12" background="border/border_bottom.gif"><img src="border/spacer.gif" width="1" height="1" border="0"/></td>
+ </tr>
+ <tr>
+ <td align="center"><font color="grey">Document generated by Confluence on Dec 09, 2005 22:10</font></td>
+ </tr>
+ </table>
+ </body>
+</html>
\ No newline at end of file
Propchange: geronimo/branches/1.0/modules/scripts/src/resources/docs/Security Definition Schema.html
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: geronimo/branches/1.0/modules/scripts/src/resources/docs/Security Definition Schema.html
------------------------------------------------------------------------------
svn:executable = *
Added: geronimo/branches/1.0/modules/scripts/src/resources/docs/Security.html
URL: http://svn.apache.org/viewcvs/geronimo/branches/1.0/modules/scripts/src/resources/docs/Security.html?rev=356160&view=auto
==============================================================================
--- geronimo/branches/1.0/modules/scripts/src/resources/docs/Security.html (added)
+++ geronimo/branches/1.0/modules/scripts/src/resources/docs/Security.html Sun Dec 11 21:27:20 2005
@@ -0,0 +1,125 @@
+<html>
+ <head>
+ <title>Geronimo : Security</title>
+ <link rel="stylesheet" href="styles/site.css" type="text/css" />
+ <META http-equiv="Content-Type" content="text/html; charset=UTF-8">
+ </head>
+
+ <body>
+ <table class="pagecontent" border="0" cellpadding="0" cellspacing="0" width="100%" bgcolor="#ffffff">
+ <tr>
+ <td valign="top" class="pagebody">
+ <div class="pageheader">
+ <span class="pagetitle">
+ Geronimo : Security
+ </span>
+ </div>
+ <div class="pagesubheading">
+ This page last changed on Nov 29, 2005 by <font color="#0050B2">hcunico@gmail.com</font>.
+ </div>
+
+
+<p><a name="Security-top"></a></p>
+
+<p><em><b>Article donated by:</b> <a href="mailto:simon@godik.com" title="Send mail to Simon Godik">Simon Godik</a>, <a href="mailto:hcunico@gmail.com" title="Send mail to Hernan Cunico">Hernan Cunico</a></em></p>
+
+<p>The following are a series of articles that will help you understand better security and how those comcepts are implemented in Apache Geronimo.</p>
+
+<ol>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Concepts.html" title="Concepts">Concepts</a>
+ <ul>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Concepts.html#Concepts-LoginDomain" title="Login Domain on Concepts">Login Domain</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Concepts.html#Concepts-SecurityRealm" title="Security Realm on Concepts">Security Realm</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Concepts.html#Concepts-AuthenticationandPrincipals" title="Authentication and Principals on Concepts">Authentication and Principals</a></li>
+ </ul>
+ </li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Login into Geronimo.html" title="Login into Geronimo">Login into Geronimo</a>
+ <ul>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Login into Geronimo.html#LoginintoGeronimo-LoginServiceAPI" title="Login Service API on Login into Geronimo">Login Service API</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Login into Geronimo.html#LoginintoGeronimo-JaasLoginCoordinator" title="JaasLoginCoordinator on Login into Geronimo">Login into Geronimo the portable way: JaasLoginCoordinator</a></li>
+ </ul>
+ </li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Geronimo and JAAS.html" title="Geronimo and JAAS">Geronimo and JAAS</a>
+ <ul>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Geronimo and JAAS.html#GeronimoandJAAS-jaas" title="jaas on Geronimo and JAAS">Integrating Geronimo security with the JAAS API</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Geronimo and JAAS.html#GeronimoandJAAS-implementations" title="implementations on Geronimo and JAAS">ConfigurationEntryFactory implementations</a></li>
+ </ul>
+ </li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="JaasLoginService API Discussion.html" title="JaasLoginService API Discussion">JaasLoginService API Discussion</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Component Configuration.html" title="Component Configuration">Component Configuration</a>
+ <ul>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Component Configuration.html#ComponentConfiguration-ConfiguringDirectConfigurationEntry" title="Configuring DirectConfigurationEntry on Component Configuration">Configuring DirectConfigurationEntry</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Component Configuration.html#ComponentConfiguration-ConfiguringServerRealmConfigurationEntry" title="Configuring ServerRealmConfigurationEntry on Component Configuration">Configuring ServerRealmConfigurationEntry</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Component Configuration.html#ComponentConfiguration-ConfiguringSecurityRealm" title="Configuring Security Realm on Component Configuration">Configuring Security Realm</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Component Configuration.html#ComponentConfiguration-xmlreference" title="xml-reference on Component Configuration">Configuring GenericSecurityRealm using xml-reference</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Component Configuration.html#ComponentConfiguration-ConfiguringLoginmodule" title="Configuring Login module on Component Configuration">Configuring Login module</a></li>
+ </ul>
+ </li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Authorization - mapping J2EE roles to Principals.html" title="Authorization - mapping J2EE roles to Principals">Authorization \- mapping J2EE roles to Principals</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Security Definition Schema.html" title="Security Definition Schema">Security Definition Schema</a>
+ <ul>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Security Definition Schema.html#SecurityDefinitionSchema-TypesecurityType" title="Type securityType on Security Definition Schema">Type securityType</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Security Definition Schema.html#SecurityDefinitionSchema-TypedefaultPrincipalType" title="Type defaultPrincipalType on Security Definition Schema">Type defaultPrincipalType</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Security Definition Schema.html#SecurityDefinitionSchema-TypeprincipalType" title="Type principalType on Security Definition Schema">Type principalType</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Security Definition Schema.html#SecurityDefinitionSchema-TypeloginDomainPrincipalType" title="Type loginDomainPrincipalType on Security Definition Schema">Type loginDomainPrincipalType</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Security Definition Schema.html#SecurityDefinitionSchema-TyperealmPrincipalType" title="Type realmPrincipalType on Security Definition Schema">Type realmPrincipalType</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Security Definition Schema.html#SecurityDefinitionSchema-TypenamedusernamepasswordcredentialType" title="Type named-username-password-credentialType on Security Definition Schema">Type named-username-password-credentialType</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Security Definition Schema.html#SecurityDefinitionSchema-TyperolemappingsType" title="Type role-mappingsType on Security Definition Schema">Type role-mappingsType</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Security Definition Schema.html#SecurityDefinitionSchema-TyperoleType" title="Type roleType on Security Definition Schema">Type roleType</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Security Definition Schema.html#SecurityDefinitionSchema-TypedistinguishedNameType" title="Type distinguishedNameType on Security Definition Schema">Type distinguishedNameType</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Security Definition Schema.html#SecurityDefinitionSchema-TypedescriptionType" title="Type descriptionType on Security Definition Schema">Type descriptionType</a></li>
+ </ul>
+ </li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Geronimo Login Config Schema.html" title="Geronimo Login Config Schema">Geronimo Login Config Schema</a>
+ <ul>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Geronimo Login Config Schema.html#GeronimoLoginConfigSchema-TypeLoginconfigType" title="Type Login-configType on Geronimo Login Config Schema">Type Login-configType</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Geronimo Login Config Schema.html#GeronimoLoginConfigSchema-TypeabstractloginmoduleType" title="Type abstract-login-moduleType on Geronimo Login Config Schema">Type abstract-login-moduleType</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Geronimo Login Config Schema.html#GeronimoLoginConfigSchema-TypecontrolflagType" title="Type control-flagType on Geronimo Login Config Schema">Type control-flagType</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Geronimo Login Config Schema.html#GeronimoLoginConfigSchema-TypeloginmodulerefType" title="Type login-module-refType on Geronimo Login Config Schema">Type login-module-refType</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Geronimo Login Config Schema.html#GeronimoLoginConfigSchema-TypeloginmoduleType" title="Type login-moduleType on Geronimo Login Config Schema">Type login-moduleType</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Geronimo Login Config Schema.html#GeronimoLoginConfigSchema-TypeoptionType" title="Type optionType on Geronimo Login Config Schema">Type optionType</a></li>
+ </ul>
+ </li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Deploying secure applications.html" title="Deploying secure applications">Deploying secure applications</a>
+ <ul>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Deploying secure applications.html#Deployingsecureapplications-DeploymentoptionsforWebapplications" title="Deployment options for Web applications on Deploying secure applications">Deployment options for Web applications</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Deploying secure applications.html#Deployingsecureapplications-DeployingWebapplicationwiththecontainerneutralschema" title="Deploying Web application with the container-neutral schema on Deploying secure applications">Deploying Web application with the container-neutral schema</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Deploying secure applications.html#Deployingsecureapplications-DefiningSecurityRealmName" title="Defining Security Realm Name on Deploying secure applications">Defining Security Realm Name</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Deploying secure applications.html#Deployingsecureapplications-ExampleoftheWebapplicationdeploymentwithwebcontainerneutralschema" title="Example of the Web application deployment with web-container neutral schema on Deploying secure applications">Example of the Web application deployment with web-container neutral schema</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Deploying secure applications.html#Deployingsecureapplications-DeployingWebapplicationonJettycontainer" title="Deploying Web application on Jetty container on Deploying secure applications">Deploying Web application on Jetty container</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Deploying secure applications.html#Deployingsecureapplications-DeployingWebapplicationonTomcatcontainer" title="Deploying Web application on Tomcat container on Deploying secure applications">Deploying Web application on Tomcat container</a></li>
+ </ul>
+ </li>
+ <li><a href="Available login modules.html" title="Available login modules">Available login modules</a>
+ <ul>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Available login modules.html#Availableloginmodules-PropertiesFileLoginModule" title="PropertiesFileLoginModule on Available login modules">PropertiesFileLoginModule</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Available login modules.html#Availableloginmodules-LDAPLoginModule" title="LDAPLoginModule on Available login modules">LDAPLoginModule</a></li>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Available login modules.html#Availableloginmodules-SQLLoginModule" title="SQLLoginModule on Available login modules">SQLLoginModule</a></li>
+ <li>CertificateChainLoginModule</li>
+ <li>CertificatePropertiesFileLoginModule</li>
+ <li>FileAuditLoginModule
+ <ul>
+ <li><img class="emoticon" src="./icons/emoticons/check.gif" height="16" width="16" align="absmiddle" alt="" border="0"/> <a href="Configuring LDAP.html" title="Configuring LDAP">Configuring LDAP</a></li>
+ </ul>
+ </li>
+ </ul>
+ </li>
+ <li><a href="Mapping J2EE Roles in M5 release.html" title="Mapping J2EE Roles in M5 release">Mapping J2EE Roles in M5 release</a></li>
+ <li>Configuring SSL</li>
+</ol>
+
+
+
+ </td>
+ </tr>
+ </table>
+ <table border="0" cellpadding="0" cellspacing="0" width="100%">
+ <tr>
+ <td height="12" background="border/border_bottom.gif"><img src="border/spacer.gif" width="1" height="1" border="0"/></td>
+ </tr>
+ <tr>
+ <td align="center"><font color="grey">Document generated by Confluence on Dec 09, 2005 22:10</font></td>
+ </tr>
+ </table>
+ </body>
+</html>
\ No newline at end of file
Propchange: geronimo/branches/1.0/modules/scripts/src/resources/docs/Security.html
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: geronimo/branches/1.0/modules/scripts/src/resources/docs/Security.html
------------------------------------------------------------------------------
svn:executable = *