Merge branch 'master' into entitlements - incorporating the new entitlements docs into the new docs structure
Project: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/commit/c53e4e34 Tree: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/tree/c53e4e34 Diff: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/diff/c53e4e34 Branch: refs/heads/master Commit: c53e4e3422dcd862171de0930c30739e17429d32 Parents: a869ea2 974e713 Author: Alex Heneveld <[email protected]> Authored: Tue Jan 20 17:58:41 2015 +0000 Committer: Alex Heneveld <[email protected]> Committed: Tue Jan 20 17:58:41 2015 +0000 ---------------------------------------------------------------------- NOTICE | 2 +- README.md | 6 +- .../java/brooklyn/catalog/BrooklynCatalog.java | 2 + brooklyn-install.sh | 2 +- .../brooklyn/catalog/CatalogPredicates.java | 25 +- .../catalog/internal/BasicBrooklynCatalog.java | 62 +- .../brooklyn/catalog/internal/CatalogDo.java | 2 +- .../catalog/internal/CatalogItemComparator.java | 11 +- .../entity/basic/BrooklynConfigKeys.java | 34 +- .../brooklyn/entity/basic/BrooklynTaskTags.java | 33 +- .../brooklyn/entity/basic/DynamicGroup.java | 14 +- .../DownloadProducerFromProperties.java | 2 +- .../rebind/PeriodicDeltaChangeListener.java | 2 +- .../entity/rebind/RebindManagerImpl.java | 2 +- .../rebind/transformer/CompoundTransformer.java | 2 +- .../basic/PortAttributeSensorAndConfigKey.java | 10 +- .../internal/BrooklynFeatureEnablement.java | 55 +- .../location/access/PortForwardManagerImpl.java | 4 +- .../location/basic/SshMachineLocation.java | 9 +- .../brooklyn/management/ha/OsgiManager.java | 44 +- .../internal/AbstractManagementContext.java | 23 +- .../internal/BrooklynGarbageCollector.java | 2 +- .../management/internal/EffectorUtils.java | 2 +- .../management/internal/LocalEntityManager.java | 2 +- .../internal/LocalManagementContext.java | 10 +- .../util/internal/ssh/ShellAbstractTool.java | 175 +- .../brooklyn/util/internal/ssh/ShellTool.java | 11 +- .../internal/ssh/sshj/SshjClientConnection.java | 2 +- .../util/internal/ssh/sshj/SshjTool.java | 354 +++- .../src/main/java/brooklyn/util/task/Tasks.java | 12 +- .../brooklyn/entity/rebind/RebindOptions.java | 2 +- .../entity/rebind/RebindTestFixture.java | 2 +- .../internal/BrooklynFeatureEnablementTest.java | 27 + .../internal/ssh/ShellToolAbstractTest.java | 5 +- .../sshj/SshjToolAsyncStubIntegrationTest.java | 177 ++ .../ssh/sshj/SshjToolIntegrationTest.java | 115 +- .../camp/lite/test-app-service-blueprint.yaml | 2 +- docs/.gitignore | 1 + docs/Gemfile | 4 +- docs/Gemfile.lock | 43 +- docs/README.md | 73 +- docs/_build/build.sh | 104 +- docs/_build/config-exclude-all-but-guide.yml | 2 +- docs/_build/config-exclude-guide.yml | 2 +- docs/_build/htmlproof-brooklyn.sh | 21 + docs/_build/javadoc-overview.html | 22 + docs/_build/make-javadoc.sh | 42 +- docs/_build/quick-make-few-javadoc.sh | 2 +- docs/_build/tests/jsonball/test_jsonball.md | 2 +- docs/_config.yml | 10 + .../_extra/big_examples/before-begin.include.md | 56 + .../console-geoscaling-details-w700.png | Bin 0 -> 167441 bytes .../console-geoscaling-details.png | Bin 0 -> 176651 bytes .../global-web-fabric/console-map-w700.png | Bin 0 -> 201060 bytes .../global-web-fabric/console-map.png | Bin 0 -> 331520 bytes .../geopaas-deployed-app-w700.png | Bin 0 -> 153738 bytes .../global-web-fabric/geopaas-deployed-app.png | Bin 0 -> 114615 bytes .../big_examples/global-web-fabric/index.md | 378 ++++ docs/_extra/big_examples/index.md | 18 + docs/_extra/big_examples/messaging/index.md | 181 ++ .../nosql-cassandra/cassandra.include.md | 282 +++ .../big_examples/nosql-cassandra/index.md | 7 + docs/_extra/big_examples/simple-web-cluster.md | 9 + docs/_extra/big_examples/toc.json | 13 + docs/_extra/big_examples/webcluster.md | 9 + docs/_extra/big_examples/webcluster/index.md | 7 + .../webcluster/webcluster.include.md | 124 ++ docs/_extra/brooklyn-gpg-public-key.asc | 21 + docs/_extra/deploying-yaml.md | 37 + docs/_extra/highlevel1.md | 50 + docs/_extra/list-of-blueprints.md | 160 ++ docs/_extra/local-artifact-repo.md | 32 + docs/_extra/release.md | 288 +++ .../example_files/tomcat_multi-location.java | 15 + .../example_files/tomcat_nginx.java | 17 + .../example_files/tomcat_simple.java | 9 + docs/_extra/simple_java_examples/examples.md | 121 ++ docs/_extra/update-docs.md | 14 + docs/_includes/base-head.html | 4 +- docs/_includes/base-scss.scss | 32 +- docs/_includes/breadcrumbs.html | 71 - docs/_includes/feature-image.html | 4 + docs/_includes/feature-item-end.html | 14 + docs/_includes/feature-item.html | 4 + docs/_includes/fields.md | 2 +- docs/_includes/footer.html | 6 +- docs/_includes/java_link.html | 18 + docs/_includes/list-children.html | 9 + docs/_includes/sidebar.html | 77 - docs/_includes/sidemenu.html | 244 +++ docs/_includes/sitemap-item.html | 36 + docs/_includes/topbar.html | 49 - docs/_includes/topmenu.html | 82 +- docs/_layouts/base.html | 156 +- docs/_layouts/guide-base.html | 183 -- docs/_layouts/guide-normal.html | 65 - docs/_layouts/website-landing.html | 9 +- docs/_layouts/website-normal.html | 17 +- docs/_plugins/brooklyn_jekyll_util.rb | 129 ++ docs/_plugins/brooklyn_metadata.rb | 21 +- docs/_plugins/read.rb | 4 +- docs/_plugins/site_structure.rb | 362 +++- docs/guide/concepts/advanced-concepts.md | 14 + .../concepts/application-parent-membership.md | 25 + ...ooklyn-flow-websequencediagrams.com-w400.png | Bin 0 -> 58518 bytes .../brooklyn-flow-websequencediagrams.com.png | Bin 0 -> 106928 bytes .../concepts/configuration-sensor-effectors.md | 42 + docs/guide/concepts/dependent-configuration.md | 34 + docs/guide/concepts/entities.md | 23 + docs/guide/concepts/execution.md | 34 + docs/guide/concepts/index.md | 21 + .../concepts/lifecycle-managementcontext.md | 44 + docs/guide/concepts/location.md | 22 + docs/guide/concepts/policies.md | 11 + .../dev/build/debugging-remote-brooklyn.md | 140 -- docs/guide/dev/build/developers-catalog.xml | 87 - docs/guide/dev/build/eclipse.include.md | 15 - docs/guide/dev/build/ide.md | 123 -- docs/guide/dev/build/index.md | 184 -- docs/guide/dev/build/tests.md | 26 - docs/guide/dev/build/toc.json | 8 - docs/guide/dev/code/entity.md | 91 - docs/guide/dev/code/index.include.md | 97 - docs/guide/dev/code/index.md | 98 +- docs/guide/dev/code/policy.md | 47 - docs/guide/dev/code/tests.md | 26 + docs/guide/dev/code/toc.json | 10 - docs/guide/dev/env/ide/eclipse.include.md | 13 + docs/guide/dev/env/ide/index.md | 122 ++ docs/guide/dev/env/index.md | 13 + docs/guide/dev/env/maven-build.md | 180 ++ docs/guide/dev/how-to-contrib.md | 38 - docs/guide/dev/index.md | 38 +- docs/guide/dev/links.md | 22 - .../guide/dev/tips/debugging-remote-brooklyn.md | 138 ++ docs/guide/dev/tips/index.md | 7 +- docs/guide/dev/tips/local-artifact-repo.md | 32 - docs/guide/dev/tips/logging.md | 3 +- docs/guide/dev/tips/release.md | 288 --- docs/guide/dev/tips/standards.md | 15 - docs/guide/dev/tips/toc.json | 14 - docs/guide/dev/tips/update-docs.md | 14 - docs/guide/dev/toc.json | 26 - docs/guide/index.md | 22 +- docs/guide/java/archetype.md | 64 + docs/guide/java/common-usage.md | 140 ++ docs/guide/java/defining-and-deploying.md | 125 ++ docs/guide/java/entities.md | 126 ++ docs/guide/java/entitlements.md | 42 + docs/guide/java/entity.md | 90 + docs/guide/java/index.md | 23 + docs/guide/java/policies.md | 123 ++ docs/guide/java/policy.md | 46 + docs/guide/java/service-state.md | 73 + ...topology-dependencies-management-policies.md | 69 + docs/guide/java/wt-deployed-application-700.png | Bin 0 -> 176494 bytes docs/guide/java/wt-deployed-application.png | Bin 0 -> 127347 bytes docs/guide/java/wt-starting-700.png | Bin 0 -> 303892 bytes docs/guide/java/wt-starting.png | Bin 0 -> 332710 bytes docs/guide/java/wt-tree-jboss-sensors-700.png | Bin 0 -> 268853 bytes docs/guide/java/wt-tree-jboss-sensors.png | Bin 0 -> 169929 bytes docs/guide/license/index.md | 18 - docs/guide/license/license.md | 194 -- docs/guide/license/toc.json | 4 - docs/guide/meta/brooklyn-gpg-public-key.asc | 21 - docs/guide/meta/contact.include.md | 9 - docs/guide/meta/contact.md | 7 - docs/guide/meta/irc.md | 31 - docs/guide/meta/toc.json | 8 - docs/guide/meta/verify.md | 36 - docs/guide/meta/versions.md | 113 -- docs/guide/misc/download.md | 176 ++ docs/guide/misc/index.md | 20 + docs/guide/misc/javadoc/index.md | 11 + docs/guide/misc/known-issues.md | 27 + docs/guide/misc/release-notes.md | 50 + docs/guide/ops/brooklyn_properties.md | 189 ++ docs/guide/ops/catalog/index.md | 174 ++ .../guide/ops/catalog/mysql-in-catalog-w700.png | Bin 0 -> 92767 bytes docs/guide/ops/catalog/mysql-in-catalog.png | Bin 0 -> 168831 bytes docs/guide/ops/cli.md | 143 ++ docs/guide/ops/index.md | 13 + docs/guide/ops/locations/index.md | 268 +++ docs/guide/ops/locations/more-locations.md | 55 + docs/guide/ops/locations/ssh-keys.md | 85 + docs/guide/ops/logging.md | 46 + docs/guide/ops/persistence/index.md | 281 +++ docs/guide/start/_my-web-cluster.yaml | 21 + docs/guide/start/blueprints.md | 63 + docs/guide/start/brooklyn.properties | 324 ++++ docs/guide/start/catalog.xml | 22 + docs/guide/start/docs-summary.include.md | 7 - docs/guide/start/docs-summary.md | 9 - docs/guide/start/download.md | 171 -- ...cation-catalog-web-cluster-with-db-large.png | Bin 0 -> 131618 bytes ...talog-web-cluster-with-db-location-large.png | Bin 0 -> 152721 bytes ...ion-catalog-web-cluster-with-db-location.png | Bin 0 -> 86425 bytes ...-application-catalog-web-cluster-with-db.png | Bin 0 -> 76065 bytes .../start/images/add-application-modal-yaml.png | Bin 0 -> 68401 bytes .../images/jboss7-cluster-policies-large.png | Bin 0 -> 157883 bytes .../start/images/jboss7-cluster-policies.png | Bin 0 -> 94056 bytes .../start/images/my-db-activities-large.png | Bin 0 -> 208313 bytes docs/guide/start/images/my-db-activities.png | Bin 0 -> 130262 bytes .../start/images/my-web-cluster-starting.png | Bin 0 -> 32948 bytes .../my-web-cluster-stop-confirm-large.png | Bin 0 -> 148155 bytes .../images/my-web-cluster-stop-confirm.png | Bin 0 -> 79280 bytes .../guide/start/images/my-web-summary-large.png | Bin 0 -> 178785 bytes docs/guide/start/images/my-web-summary.png | Bin 0 -> 80583 bytes docs/guide/start/images/my-web.png | Bin 0 -> 83081 bytes docs/guide/start/index.include.md | 50 - docs/guide/start/index.md | 14 +- docs/guide/start/known-issues.md | 28 - docs/guide/start/managing.md | 56 + docs/guide/start/policies.md | 51 + docs/guide/start/release-notes.md | 51 - docs/guide/start/running.md | 68 + docs/guide/start/toc.json | 10 - docs/guide/start/video.md | 7 - docs/guide/start/walkthrough/index.md | 240 --- .../walkthrough/wt-deployed-application-700.png | Bin 176494 -> 0 bytes .../walkthrough/wt-deployed-application.png | Bin 127347 -> 0 bytes .../guide/start/walkthrough/wt-starting-700.png | Bin 303892 -> 0 bytes docs/guide/start/walkthrough/wt-starting.png | Bin 332710 -> 0 bytes .../walkthrough/wt-tree-jboss-sensors-700.png | Bin 268853 -> 0 bytes .../start/walkthrough/wt-tree-jboss-sensors.png | Bin 169929 -> 0 bytes docs/guide/toc-menu.json | 20 - docs/guide/toc.json | 21 - docs/guide/use/api/index.md | 11 - docs/guide/use/contact.md | 7 - docs/guide/use/examples/before-begin.include.md | 56 - .../console-geoscaling-details-w700.png | Bin 167441 -> 0 bytes .../console-geoscaling-details.png | Bin 176651 -> 0 bytes .../global-web-fabric/console-map-w700.png | Bin 201060 -> 0 bytes .../examples/global-web-fabric/console-map.png | Bin 331520 -> 0 bytes .../geopaas-deployed-app-w700.png | Bin 153738 -> 0 bytes .../global-web-fabric/geopaas-deployed-app.png | Bin 114615 -> 0 bytes .../use/examples/global-web-fabric/index.md | 378 ---- docs/guide/use/examples/index.md | 18 - docs/guide/use/examples/messaging/index.md | 181 -- .../nosql-cassandra/cassandra.include.md | 282 --- .../guide/use/examples/nosql-cassandra/index.md | 7 - docs/guide/use/examples/simple-web-cluster.md | 9 - docs/guide/use/examples/toc.json | 13 - docs/guide/use/examples/webcluster.md | 9 - docs/guide/use/examples/webcluster/index.md | 7 - .../examples/webcluster/webcluster.include.md | 124 -- .../use/guide/defining-applications/Chef.png | Bin 36222 -> 0 bytes .../defining-applications/advanced-concepts.md | 137 -- .../guide/defining-applications/archetype.md | 64 - .../defining-applications/basic-concepts.md | 95 - ...ooklyn-flow-websequencediagrams.com-w400.png | Bin 58518 -> 0 bytes .../brooklyn-flow-websequencediagrams.com.png | Bin 106928 -> 0 bytes .../defining-applications/chef-blueprints.md | 277 --- .../guide/defining-applications/common-usage.md | 145 -- .../defining-applications/creating-yaml.md | 417 ----- .../defining-applications/deploying-yaml.md | 37 - .../example_files/tomcat_multi-location.java | 15 - .../example_files/tomcat_nginx.java | 17 - .../example_files/tomcat_simple.java | 9 - .../appserver-clustered-w-db-concise.yaml | 15 - .../example_yaml/appserver-clustered-w-db.yaml | 18 - .../appserver-configured-in-config.yaml | 6 - .../example_yaml/appserver-configured.yaml | 5 - .../appserver-w-db-other-flavor.yaml | 17 - .../example_yaml/appserver-w-db.yaml | 15 - .../example_yaml/appserver-w-policy.yaml | 26 - .../example_yaml/cluster-vm.yaml | 12 - .../example_yaml/mysql-chef-1.yaml | 24 - .../example_yaml/mysql-chef-2.yaml | 28 - .../simple-appserver-with-location-byon.yaml | 12 - .../simple-appserver-with-location.yaml | 8 - .../example_yaml/simple-appserver.yaml | 4 - .../example_yaml/simple-vm.yaml | 8 - .../example_yaml/vanilla-bash-netcat-file.yaml | 6 - .../vanilla-bash-netcat-restarter.yaml | 20 - .../vanilla-bash-netcat-w-client.yaml | 72 - .../example_yaml/vanilla-bash-netcat.yaml | 18 - .../use/guide/defining-applications/examples.md | 121 -- .../defining-applications/service-state.md | 73 - .../use/guide/defining-applications/toc.json | 19 - .../web-console-yaml-700.png | Bin 138229 -> 0 bytes .../defining-applications/web-console-yaml.png | Bin 661136 -> 0 bytes .../defining-applications/yaml-reference.md | 183 -- docs/guide/use/guide/entities/index.md | 133 -- docs/guide/use/guide/entities/toc.json | 12 - docs/guide/use/guide/extras/index.md | 160 -- docs/guide/use/guide/extras/toc.json | 11 - docs/guide/use/guide/guide_toc.json | 25 - docs/guide/use/guide/index.md | 33 - docs/guide/use/guide/locations/index.md | 104 -- docs/guide/use/guide/locations/toc.json | 1 - docs/guide/use/guide/management/entitlements.md | 49 - docs/guide/use/guide/management/index.md | 407 ----- docs/guide/use/guide/management/toc.json | 20 - .../management/webconsole-dashboard-w400.png | Bin 137463 -> 0 bytes .../guide/management/webconsole-dashboard.png | Bin 214723 -> 0 bytes .../guide/management/webconsole-detail-w400.png | Bin 111993 -> 0 bytes .../use/guide/management/webconsole-detail.png | Bin 165359 -> 0 bytes docs/guide/use/guide/persistence/index.md | 289 --- docs/guide/use/guide/persistence/toc.json | 16 - docs/guide/use/guide/policies/index.md | 129 -- docs/guide/use/guide/policies/toc.json | 8 - .../use/guide/quickstart/brooklyn.properties | 324 ---- docs/guide/use/guide/quickstart/catalog.xml | 23 - ...cation-catalog-web-cluster-with-db-large.png | Bin 131618 -> 0 bytes ...talog-web-cluster-with-db-location-large.png | Bin 152721 -> 0 bytes ...ion-catalog-web-cluster-with-db-location.png | Bin 86425 -> 0 bytes ...-application-catalog-web-cluster-with-db.png | Bin 76065 -> 0 bytes .../images/add-application-modal-yaml.png | Bin 68401 -> 0 bytes .../images/jboss7-cluster-policies-large.png | Bin 157883 -> 0 bytes .../images/jboss7-cluster-policies.png | Bin 94056 -> 0 bytes .../images/my-db-activities-large.png | Bin 208313 -> 0 bytes .../quickstart/images/my-db-activities.png | Bin 130262 -> 0 bytes .../images/my-web-cluster-starting.png | Bin 32948 -> 0 bytes .../my-web-cluster-stop-confirm-large.png | Bin 148155 -> 0 bytes .../images/my-web-cluster-stop-confirm.png | Bin 79280 -> 0 bytes .../quickstart/images/my-web-summary-large.png | Bin 178785 -> 0 bytes .../guide/quickstart/images/my-web-summary.png | Bin 80583 -> 0 bytes .../use/guide/quickstart/images/my-web.png | Bin 83081 -> 0 bytes docs/guide/use/guide/quickstart/index.md | 221 --- .../use/guide/quickstart/my-web-cluster.yaml | 19 - .../guide/quickstart/policies-and-catalogs.md | 66 - docs/guide/use/guide/quickstart/toc.json | 4 - docs/guide/use/guide/toc.json | 25 - docs/guide/use/index.md | 9 - docs/guide/use/toc.json | 12 - docs/guide/yaml/chef/about-chef.md | 50 + .../yaml/chef/advanced-chef-integration.md | 48 + docs/guide/yaml/chef/chef-call-flow.png | Bin 0 -> 36222 bytes docs/guide/yaml/chef/creating-blueprints.md | 103 ++ .../yaml/chef/example_yaml/mysql-chef-1.yaml | 24 + .../yaml/chef/example_yaml/mysql-chef-2.yaml | 28 + docs/guide/yaml/chef/index.md | 18 + docs/guide/yaml/chef/writing-chef.md | 79 + docs/guide/yaml/clusters-and-policies.md | 42 + docs/guide/yaml/clusters.md | 34 + docs/guide/yaml/configuring-vms.md | 31 + docs/guide/yaml/creating-yaml.md | 78 + docs/guide/yaml/custom-entities.md | 107 ++ .../appserver-clustered-w-db-concise.yaml | 15 + .../example_yaml/appserver-clustered-w-db.yaml | 18 + .../appserver-configured-in-config.yaml | 6 + .../yaml/example_yaml/appserver-configured.yaml | 5 + .../appserver-w-db-other-flavor.yaml | 17 + .../guide/yaml/example_yaml/appserver-w-db.yaml | 15 + .../yaml/example_yaml/appserver-w-policy.yaml | 26 + docs/guide/yaml/example_yaml/cluster-vm.yaml | 12 + .../simple-appserver-with-location-byon.yaml | 12 + .../simple-appserver-with-location.yaml | 8 + .../yaml/example_yaml/simple-appserver.yaml | 4 + docs/guide/yaml/example_yaml/simple-vm.yaml | 8 + .../example_yaml/vanilla-bash-netcat-file.yaml | 6 + .../vanilla-bash-netcat-restarter.yaml | 20 + .../vanilla-bash-netcat-w-client.yaml | 76 + .../yaml/example_yaml/vanilla-bash-netcat.yaml | 18 + docs/guide/yaml/index.md | 17 + docs/guide/yaml/multiple-services.md | 97 + docs/guide/yaml/setting-locations.md | 45 + docs/guide/yaml/web-console-yaml-700.png | Bin 0 -> 138229 bytes docs/guide/yaml/web-console-yaml.png | Bin 0 -> 661136 bytes docs/guide/yaml/yaml-reference.md | 181 ++ docs/style/css/_archive_warning.scss | 31 + docs/style/css/_basic.scss | 62 + docs/style/css/_blueprint_tour.scss | 181 ++ docs/style/css/_code_blocks.scss | 98 + docs/style/css/_feature_list.scss | 60 + docs/style/css/_footer.scss | 36 + docs/style/css/_landing.scss | 26 + docs/style/css/_main_container.scss | 84 + docs/style/css/_menu.scss | 201 +++ docs/style/css/_search.scss | 29 + docs/style/css/_tooltips.scss | 14 + docs/style/css/_util.scss | 27 + docs/style/css/base.scss | 150 -- docs/style/css/guide-toc.css | 88 - docs/style/css/guide.css | 119 -- docs/style/css/javadoc.scss | 119 ++ docs/style/css/website.scss | 20 + docs/style/deps/font-awesome-4.2.0/_LICENSE | 1 + .../font-awesome-4.2.0/css/font-awesome.css | 1672 ++++++++++++++++++ .../font-awesome-4.2.0/css/font-awesome.min.css | 4 + .../font-awesome-4.2.0/fonts/FontAwesome.otf | Bin 0 -> 85908 bytes .../fonts/fontawesome-webfont.eot | Bin 0 -> 56006 bytes .../fonts/fontawesome-webfont.svg | 520 ++++++ .../fonts/fontawesome-webfont.ttf | Bin 0 -> 112160 bytes .../fonts/fontawesome-webfont.woff | Bin 0 -> 65452 bytes .../less/bordered-pulled.less | 16 + .../deps/font-awesome-4.2.0/less/core.less | 11 + .../font-awesome-4.2.0/less/fixed-width.less | 6 + .../font-awesome-4.2.0/less/font-awesome.less | 17 + .../deps/font-awesome-4.2.0/less/icons.less | 552 ++++++ .../deps/font-awesome-4.2.0/less/larger.less | 13 + .../deps/font-awesome-4.2.0/less/list.less | 19 + .../deps/font-awesome-4.2.0/less/mixins.less | 25 + .../deps/font-awesome-4.2.0/less/path.less | 14 + .../less/rotated-flipped.less | 20 + .../deps/font-awesome-4.2.0/less/spinning.less | 29 + .../deps/font-awesome-4.2.0/less/stacked.less | 20 + .../deps/font-awesome-4.2.0/less/variables.less | 561 ++++++ .../scss/_bordered-pulled.scss | 16 + .../deps/font-awesome-4.2.0/scss/_core.scss | 11 + .../font-awesome-4.2.0/scss/_fixed-width.scss | 6 + .../deps/font-awesome-4.2.0/scss/_icons.scss | 552 ++++++ .../deps/font-awesome-4.2.0/scss/_larger.scss | 13 + .../deps/font-awesome-4.2.0/scss/_list.scss | 19 + .../deps/font-awesome-4.2.0/scss/_mixins.scss | 25 + .../deps/font-awesome-4.2.0/scss/_path.scss | 14 + .../scss/_rotated-flipped.scss | 20 + .../deps/font-awesome-4.2.0/scss/_spinning.scss | 29 + .../deps/font-awesome-4.2.0/scss/_stacked.scss | 20 + .../font-awesome-4.2.0/scss/_variables.scss | 561 ++++++ .../font-awesome-4.2.0/scss/font-awesome.scss | 17 + docs/style/deps/octicons/LICENSE.txt | 9 + docs/style/deps/octicons/README.md | 1 + docs/style/deps/octicons/octicons-local.ttf | Bin 0 -> 52764 bytes docs/style/deps/octicons/octicons.css | 235 +++ docs/style/deps/octicons/octicons.eot | Bin 0 -> 31440 bytes docs/style/deps/octicons/octicons.less | 233 +++ docs/style/deps/octicons/octicons.svg | 198 +++ docs/style/deps/octicons/octicons.ttf | Bin 0 -> 31272 bytes docs/style/deps/octicons/octicons.woff | Bin 0 -> 17492 bytes .../style/deps/octicons/sprockets-octicons.scss | 230 +++ docs/style/img/feather.png | Bin 0 -> 40042 bytes docs/website/community/committers.md | 119 -- docs/website/community/fork-after.png | Bin 134377 -> 0 bytes docs/website/community/fork-before.png | Bin 131674 -> 0 bytes docs/website/community/fork-new.png | Bin 137626 -> 0 bytes .../website/community/how-to-contribute-docs.md | 6 +- docs/website/community/how-to-contribute.md | 85 - docs/website/community/index.md | 107 +- docs/website/community/irc.md | 14 + docs/website/community/mailing-lists.md | 36 + docs/website/community/migrate-to-apache.md | 117 -- docs/website/community/pull-request.png | Bin 94166 -> 0 bytes docs/website/developers/code-standards.md | 14 + docs/website/developers/committers/index.md | 10 + .../committers/merging-contributed-code.md | 118 ++ docs/website/developers/fork-after.png | Bin 0 -> 134377 bytes docs/website/developers/fork-before.png | Bin 0 -> 131674 bytes docs/website/developers/fork-new.png | Bin 0 -> 137626 bytes docs/website/developers/how-to-contribute.md | 109 ++ docs/website/developers/index.md | 42 + docs/website/developers/links.md | 22 + docs/website/developers/pull-request.png | Bin 0 -> 94166 bytes docs/website/documentation.md | 19 - docs/website/documentation/faq.md | 22 + docs/website/documentation/glossary.md | 92 + docs/website/documentation/increase-entropy.md | 2 +- docs/website/documentation/index.md | 34 + docs/website/documentation/install-on-server.md | 25 +- docs/website/documentation/other-docs.md | 11 + docs/website/documentation/passwordless-ssh.md | 29 - docs/website/documentation/ssh-key.md | 9 - docs/website/download.md | 70 - docs/website/download/index.md | 42 + docs/website/download/verify.md | 92 + docs/website/glossary.md | 92 - docs/website/index.md | 33 +- docs/website/learnmore/blueprint-tour.md | 191 ++ docs/website/learnmore/catalog/index.html | 147 -- docs/website/learnmore/catalog/index.md | 131 ++ .../learnmore/features/blueprint-compose.png | Bin 0 -> 15299 bytes .../features/blueprint-machine-specs.png | Bin 0 -> 16214 bytes docs/website/learnmore/features/blueprinting.md | 24 + docs/website/learnmore/features/index.md | 18 + .../learnmore/features/java-hierarchy.png | Bin 0 -> 106962 bytes docs/website/learnmore/features/java.md | 41 + docs/website/learnmore/features/operations.md | 75 + docs/website/learnmore/features/ops-console.png | Bin 0 -> 491417 bytes docs/website/learnmore/features/ops-rest.png | Bin 0 -> 62894 bytes .../learnmore/features/policy-based-mgmt.md | 28 + docs/website/learnmore/index.md | 23 +- docs/website/learnmore/theory.md | 27 +- docs/website/learnmore/yaml-explained.md | 8 - docs/website/meta/license.md | 205 +++ docs/website/meta/sitemap.md | 25 + docs/website/meta/versions.md | 73 + docs/website/quickstart/_my-web-cluster.yaml | 19 - docs/website/quickstart/catalog.xml | 22 - ...cation-catalog-web-cluster-with-db-large.png | Bin 131618 -> 0 bytes ...talog-web-cluster-with-db-location-large.png | Bin 152721 -> 0 bytes ...ion-catalog-web-cluster-with-db-location.png | Bin 86425 -> 0 bytes ...-application-catalog-web-cluster-with-db.png | Bin 76065 -> 0 bytes .../images/add-application-modal-yaml.png | Bin 68401 -> 0 bytes .../images/jboss7-cluster-policies-large.png | Bin 157883 -> 0 bytes .../images/jboss7-cluster-policies.png | Bin 94056 -> 0 bytes .../images/my-db-activities-large.png | Bin 208313 -> 0 bytes .../quickstart/images/my-db-activities.png | Bin 130262 -> 0 bytes .../images/my-web-cluster-starting.png | Bin 32948 -> 0 bytes .../my-web-cluster-stop-confirm-large.png | Bin 148155 -> 0 bytes .../images/my-web-cluster-stop-confirm.png | Bin 79280 -> 0 bytes .../quickstart/images/my-web-summary-large.png | Bin 178785 -> 0 bytes .../quickstart/images/my-web-summary.png | Bin 80583 -> 0 bytes docs/website/quickstart/images/my-web.png | Bin 83081 -> 0 bytes docs/website/quickstart/index.md | 218 --- .../website/quickstart/policies-and-catalogs.md | 67 - .../demo/StandaloneQpidBrokerExample.java | 10 +- .../brooklyn/demo/CumulusRDFApplication.java | 9 +- .../brooklyn/demo/ha-cassandra-cluster.yaml | 45 + .../brooklyn/demo/simple-cassandra-cluster.yaml | 28 + .../demo/wide-area-cassandra-cluster.yaml | 41 + examples/webapps/hello-world-sql/.gitignore | 1 + examples/webapps/hello-world-webapp/.gitignore | 1 + .../resources/sample/script/setup-server.sh | 2 +- pom.xml | 25 +- .../basic/AbstractSoftwareProcessDriver.java | 26 +- .../basic/AbstractSoftwareProcessSshDriver.java | 12 + .../brooklyn/entity/basic/SoftwareProcess.java | 23 +- ...wareProcessDriverLifecycleEffectorTasks.java | 7 + .../entity/basic/SoftwareProcessImpl.java | 5 +- .../entity/brooklynnode/BrooklynNodeImpl.java | 131 +- .../brooklynnode/EntityHttpClientImpl.java | 2 +- .../BrooklynClusterUpgradeEffectorBody.java | 2 +- .../BrooklynNodeUpgradeEffectorBody.java | 7 +- .../effector/SelectMasterEffectorBody.java | 2 +- .../SetHighAvailabilityModeEffectorBody.java | 2 +- ...SetHighAvailabilityPriorityEffectorBody.java | 2 +- .../java/JavaSoftwareProcessSshDriver.java | 7 +- .../software/MachineLifecycleEffectorTasks.java | 98 +- .../entity/basic/SoftwareProcessEntityTest.java | 86 +- .../basic/lifecycle/ScriptHelperTest.java | 9 +- .../entity/machine/MachineEntityRebindTest.java | 45 + .../MachineLifecycleEffectorTasksTest.java | 51 + .../entity/network/bind/BindDnsServer.java | 28 +- .../network/bind/BindDnsServerDriver.java | 10 +- .../entity/network/bind/BindDnsServerImpl.java | 98 +- .../network/bind/BindDnsServerSshDriver.java | 107 +- .../entity/network/bind/BindOsSupport.java | 113 ++ .../brooklyn/entity/network/bind/named.conf | 27 +- .../brooklyn/entity/network/bind/named.empty | 30 + .../entity/network/bind/named.localhost | 32 + .../brooklyn/entity/network/bind/named.loopback | 31 + .../brooklyn/entity/network/bind/rfc1912.zone | 52 + .../network/bind/BindDnsServerByonLiveTest.java | 44 + .../network/bind/BindDnsServerEc2LiveTest.java | 63 + .../bind/BindDnsServerIntegrationTest.java | 101 +- .../network/bind/BindDnsServerLiveTest.java | 108 +- .../bind/BindDnsServerSoftlayerLiveTest.java | 33 + .../network/bind/TestBindDnsServerImpl.java | 32 + software/nosql/pom.xml | 3 +- .../nosql/mongodb/AbstractMongoDBServer.java | 2 +- .../nosql/mongodb/AbstractMongoDBSshDriver.java | 2 +- .../nosql/mongodb/MongoDBClientSshDriver.java | 5 +- .../nosql/mongodb/MongoDBClientSupport.java | 9 +- .../entity/nosql/mongodb/MongoDBReplicaSet.java | 5 +- .../entity/nosql/mongodb/MongoDBServer.java | 7 +- .../entity/nosql/mongodb/MongoDBServerImpl.java | 21 +- .../entity/nosql/mongodb/ReplicaSetConfig.java | 11 +- .../sharding/CoLocatedMongoDBRouter.java | 14 +- .../MongoDBConfigServerClusterImpl.java | 4 +- .../mongodb/sharding/MongoDBRouterImpl.java | 2 +- .../brooklyn/entity/nosql/riak/RiakNode.java | 11 +- .../entity/nosql/mongodb/default-mongod.conf | 7 + .../entity/nosql/mongodb/default-mongodb.conf | 10 - .../brooklyn/entity/nosql/mongodb/default.conf | 2 + .../entity/nosql/mongodb/MongoDBTestHelper.java | 6 +- .../webapp/nodejs/NodeJsWebAppSshDriver.java | 2 + usage/all/start-mgmt-web.sh | 2 +- .../src/main/assembly/files/README.txt | 6 +- .../camp/brooklyn/YamlLauncherAbstract.java | 22 +- .../brooklyn/catalog/CatalogYamlEntityTest.java | 42 +- .../resources/vanilla-bash-netcat-w-client.yaml | 2 + usage/dist/src/main/dist/bin/brooklyn | 2 +- usage/jsgui/.gitignore | 1 + usage/jsgui/src/main/webapp/assets/css/base.css | 5 +- .../assets/images/main-menu-tab-active.png | Bin 974 -> 1051 bytes .../assets/img/magnifying-glass-right-icon.png | Bin 0 -> 958 bytes .../src/main/webapp/assets/js/libs/bootstrap.js | 36 +- .../main/webapp/assets/js/model/task-summary.js | 2 +- .../webapp/assets/js/view/activity-details.js | 26 +- .../assets/js/view/application-add-wizard.js | 27 +- .../src/main/webapp/assets/js/view/catalog.js | 13 +- .../webapp/assets/js/view/effector-invoke.js | 2 +- .../webapp/assets/js/view/entity-summary.js | 8 +- .../tpl/app-add-wizard/deploy-location-row.html | 4 +- .../main/webapp/assets/tpl/apps/summary.html | 2 +- usage/jsgui/src/main/webapp/index.html | 2 +- .../specs/view/effector-invoke-spec.js | 2 +- usage/launcher/pom.xml | 19 + .../brooklyn/launcher/BrooklynWebServer.java | 6 +- .../blueprints/MongoDbBlueprintTest.java | 6 +- .../src/test/resources/mongo-blueprint.yaml | 3 +- .../src/test/resources/mongo-scripts.yaml | 1 - .../src/test/resources/mongo-sharded.yaml | 5 +- .../java/brooklyn/rest/api/ActivityApi.java | 54 +- .../java/brooklyn/rest/api/ApplicationApi.java | 316 ++-- .../main/java/brooklyn/rest/api/CatalogApi.java | 41 +- .../java/brooklyn/rest/api/EffectorApi.java | 89 +- .../main/java/brooklyn/rest/api/EntityApi.java | 392 ++-- .../java/brooklyn/rest/api/EntityConfigApi.java | 187 +- .../java/brooklyn/rest/api/LocationApi.java | 66 +- .../main/java/brooklyn/rest/api/PolicyApi.java | 226 ++- .../java/brooklyn/rest/api/PolicyConfigApi.java | 159 +- .../main/java/brooklyn/rest/api/ScriptApi.java | 6 +- .../main/java/brooklyn/rest/api/SensorApi.java | 198 +-- .../main/java/brooklyn/rest/api/ServerApi.java | 37 +- .../main/java/brooklyn/rest/api/VersionApi.java | 6 +- .../brooklyn/rest/domain/ApplicationSpec.java | 243 +-- .../brooklyn/rest/domain/ConfigSummary.java | 257 ++- .../brooklyn/rest/domain/EffectorSummary.java | 252 ++- .../rest/domain/EntityConfigSummary.java | 62 +- .../java/brooklyn/rest/domain/EntitySpec.java | 135 +- .../brooklyn/rest/domain/EntitySummary.java | 111 +- .../rest/domain/HighAvailabilitySummary.java | 134 +- .../java/brooklyn/rest/domain/LocationSpec.java | 113 +- .../brooklyn/rest/domain/LocationSummary.java | 101 +- .../rest/domain/PolicyConfigSummary.java | 49 +- .../brooklyn/rest/domain/PolicySummary.java | 152 +- .../rest/domain/ScriptExecutionSummary.java | 13 +- .../brooklyn/rest/domain/SensorSummary.java | 146 +- .../java/brooklyn/rest/domain/TaskSummary.java | 335 ++-- .../brooklyn/rest/domain/UsageStatistic.java | 12 +- .../brooklyn/rest/domain/UsageStatistics.java | 31 +- .../rest/domain/ApplicationSpecTest.java | 39 +- .../rest/domain/EffectorSummaryTest.java | 36 +- .../brooklyn/rest/domain/EntitySpecTest.java | 36 +- .../brooklyn/rest/domain/EntitySummaryTest.java | 48 +- .../brooklyn/rest/domain/LocationSpecTest.java | 36 +- .../brooklyn/rest/util/RestApiTestUtils.java | 1 - .../java/brooklyn/rest/client/BrooklynApi.java | 87 +- .../rest/client/BrooklynApiRestClientTest.java | 7 +- .../brooklyn/rest/filter/NoCacheFilter.java | 40 + .../rest/resources/ActivityResource.java | 53 +- .../rest/resources/CatalogResource.java | 2 +- .../rest/resources/EntityConfigResource.java | 142 +- .../brooklyn/rest/resources/EntityResource.java | 216 +-- .../rest/resources/PolicyConfigResource.java | 121 +- .../brooklyn/rest/resources/PolicyResource.java | 5 +- .../brooklyn/rest/resources/ScriptResource.java | 5 +- .../rest/resources/VersionResource.java | 9 +- .../provider/AbstractSecurityProvider.java | 2 - .../provider/AnyoneSecurityProvider.java | 1 - .../provider/BlackholeSecurityProvider.java | 1 - ...nUserWithRandomPasswordSecurityProvider.java | 1 - .../provider/DelegatingSecurityProvider.java | 1 - .../provider/ExplicitUsersSecurityProvider.java | 1 - .../security/provider/LdapSecurityProvider.java | 1 - .../rest/transform/CatalogTransformer.java | 1 - .../rest/transform/EntityTransformer.java | 8 +- .../rest/transform/LocationTransformer.java | 1 - .../rest/transform/PolicyTransformer.java | 1 - .../rest/transform/TaskTransformer.java | 1 - .../rest/util/BrooklynRestResourceUtils.java | 43 +- .../rest/util/DefaultExceptionMapper.java | 1 - .../brooklyn/rest/util/EntityLocationUtils.java | 1 - .../brooklyn/rest/util/FormMapProvider.java | 1 - .../brooklyn/rest/util/WebResourceUtils.java | 11 + .../util/json/BrooklynJacksonJsonProvider.java | 1 - .../json/ConfigurableSerializerProvider.java | 3 +- .../ErrorAndToStringUnknownTypeSerializer.java | 1 - .../rest/util/json/MultimapSerializer.java | 3 +- ...StrictPreferringFieldsVisibilityChecker.java | 2 +- .../brooklyn/rest/BrooklynRestApiLauncher.java | 11 +- .../brooklyn/rest/domain/ApplicationTest.java | 87 +- .../rest/domain/LocationSummaryTest.java | 35 +- .../brooklyn/rest/domain/SensorSummaryTest.java | 108 +- .../rest/resources/ApplicationResourceTest.java | 877 +++++---- .../rest/resources/CatalogResourceTest.java | 420 +++-- .../rest/resources/LocationResourceTest.java | 103 +- .../rest/resources/VersionResourceTest.java | 33 +- .../util/BrooklynRestResourceUtilsTest.java | 94 + usage/scripts/change-version.sh | 2 +- usage/scripts/grep-in-poms.sh | 2 +- .../java/brooklyn/test/EntityTestUtils.java | 18 +- .../java/brooklyn/util/ssh/BashCommands.java | 10 +- .../main/java/brooklyn/util/time/Duration.java | 9 +- .../brooklyn/util/stream/StreamGobblerTest.java | 90 + 667 files changed, 22756 insertions(+), 13493 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/c53e4e34/docs/guide/java/entitlements.md ---------------------------------------------------------------------- diff --cc docs/guide/java/entitlements.md index 0000000,0000000..a1dd544 new file mode 100644 --- /dev/null +++ b/docs/guide/java/entitlements.md @@@ -1,0 -1,0 +1,42 @@@ ++--- ++title: Entitlements ++layout: website-normal ++--- ++ ++Brooklyn supports a plug-in system for defining "entitlements" -- ++essentially permissions. ++ ++Any entitlement scheme can be implemented by supplying a class which implements one method on one class: ++ ++ public interface EntitlementManager { ++ public <T> boolean isEntitled(@Nullable EntitlementContext context, @Nonnull EntitlementClass<T> entitlementClass, @Nullable T entitlementClassArgument); ++ } ++ ++This answers the question who is allowed do what to whom, looking at the following fields: ++ ++* `context`: the user who is logged in and is attempting an action ++ (extensions can contain additional metadata) ++* `entitlementClass`: the type of action being queried, e.g. `DEPLOY_APPLICATION` or `SEE_SENSOR` ++ (declared in the class `Entitlements`) ++* `entitlementClassArgument`: details of the action being queried, ++ such as the blueprint in the case of `DEPLOY_APPLICATION` or the entity and sensor name in the case ++ of `SEE_SENSOR` ++ ++To set a custom entitlements manager to apply across the board, simply use: ++ ++ brooklyn.entitlements.global=brooklyn.management.entitlement.AcmeEntitlementManager ++ ++The example above refers to a sample manager which is included in the test JARs of Brooklyn, ++which you can see [here]({{ site.brooklyn.url.git }}/core/src/test/java/brooklyn/management/entitlement/AcmeEntitlementManagerTest.java), ++and include in your project by adding the core tests JAR to your `dropins` folder. ++ ++There are some entitlements schemes which exist out of the box, so for a simpler setup, ++see [Operations: Entitlements]({{ site.path.guide }}/ops/brooklyn_properties.html#entitlements). ++ ++There are also more complex schemes which some users have developed, including LDAP extensions ++which re-use the LDAP authorization support in Brooklyn, ++allowing permissions objects to be declared in LDAP leveraging regular expressions. ++For more information on this, ask on IRC or the mailing list, ++and see ++{% include java_link.html class_name="EntitlementManager" package_path="brooklyn/management/entitlement" project_subpath="api" %}. ++ http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/c53e4e34/docs/guide/java/index.md ---------------------------------------------------------------------- diff --cc docs/guide/java/index.md index 0000000,eb58e8a..c2bd407 mode 000000,100644..100644 --- a/docs/guide/java/index.md +++ b/docs/guide/java/index.md @@@ -1,0 -1,22 +1,23 @@@ + --- + title: Java Blueprints + title_in_menu: Java Blueprints + layout: website-normal + children: + - archetype.md + - defining-and-deploying.md + - topology-dependencies-management-policies.md + - common-usage.md + - entity.md + - entities.md + - policy.md + - policies.md + - service-state.md ++- entitlements.md + --- + + Java blueprints are much more powerful than YAML but is also rather more difficult. + Advanced Java skills are required. + + {% include list-children.html %} + + Brooklyn makes it easy to describe the structure and management of sophisticated distributed applications, and then it makes it easy to launch them in a cloud, with on-going automated management. http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/c53e4e34/docs/guide/ops/brooklyn_properties.md ---------------------------------------------------------------------- diff --cc docs/guide/ops/brooklyn_properties.md index 0000000,da8b848..a7cbbf3 mode 000000,100644..100644 --- a/docs/guide/ops/brooklyn_properties.md +++ b/docs/guide/ops/brooklyn_properties.md @@@ -1,0 -1,175 +1,189 @@@ + --- + title: brooklyn.properties + layout: website-normal + children: + - { section: Quick Setup } + - { section: Locations } + - { section: Java } + - { section: Authentication } + - { section: Entitlements } + - { section: HTTPS Configuration } + --- + + {% include fields.md %} + + The file `~/.brooklyn/brooklyn.properties` is read when Brooklyn starts + to load server configuration values. + A different properties file can be specified either additionally or instead + through [CLI options](cli.html#configuration). + + A template [brooklyn.properties]({{brooklyn_properties_url_path}}) file is available, + with abundant comments. + + + ## Quick Setup + + The most common properties set in this file are for access control. + Without this, Brooklyn will bind only to localhost or will create a random + password written to the log for use on other networks. + The simplest way to specify users and passwords is: + + {% highlight properties %} + brooklyn.webconsole.security.users=admin,bob + brooklyn.webconsole.security.user.admin.password=AdminPassw0rd + brooklyn.webconsole.security.user.bob.password=BobPassw0rd + {% endhighlight %} + + The properties file *must* have permissions 600 + (i.e. readable and writable only by the file's owner), + for some security. + + In many cases, it is preferable instead to use an external credentials store such as LDAP + or at least to have passwords in this file. + Information on configuring these is [below](#authentication). + + If coming over a network it is highly recommended additionally to use `https`. + This can be configured with: + + {% highlight properties %} + brooklyn.webconsole.security.https.required=true + {% endhighlight %} + + More information, including setting up a certificate, is described [further below](#https-configuration). + + + ## Locations + + Information on defining locations in the `brooklyn.properties` file is available [here](locations/). + + + ## Java + + Arbitrary data can be set in the `brooklyn.properties`. + This can be accessed in java using `ManagementContext.getConfig(KEY)`. + + + ## Authentication + + **Security Providers** are the mechanism by which different authentication authorities are plugged in to Brooklyn. + These can be configured by specifying `brooklyn.webconsole.security.provider` equal + to the name of a class implementing `SecurityProvider`. + An implementation of this could point to Spring, LDAP, OpenID or another identity management system. + + The default implementation, `ExplicitUsersSecurityProvider`, reads from a list of users and passwords + which should be specified as configuration parameters e.g. in `brooklyn.properties`. + This configuration could look like: + + {% highlight properties %} + brooklyn.webconsole.security.users=admin + brooklyn.webconsole.security.user.admin.salt=OHDf + brooklyn.webconsole.security.user.admin.sha256=91e16f94509fa8e3dd21c43d69cadfd7da6e7384051b18f168390fe378bb36f9 + {% endhighlight %} + + The `users` line should contain a comma-separated list. The special value `*` is accepted to permit all users. + + To generate this, the brooklyn CLI can be used: + {% highlight bash %} + brooklyn generate-password --user admin + + Enter password: + Re-enter password: + + Please add the following to your brooklyn.properies: + + brooklyn.webconsole.security.users=admin + brooklyn.webconsole.security.user.admin.salt=OHDf + brooklyn.webconsole.security.user.admin.sha256=91e16f94509fa8e3dd21c43d69cadfd7da6e7384051b18f168390fe378bb36f9 + {% endhighlight %} + + Alternatively, in dev/test environments where a lower level of security is required, + the syntax `brooklyn.webconsole.security.user.<username>=<password>` can be used for + each `<username>` specified in the `brooklyn.webconsole.security.users` list. + + Other security providers available include: + + * **No one**: `brooklyn.webconsole.security.provider=brooklyn.rest.security.provider.BlackholeSecurityProvider` + will block all logins (e.g. if not using the web console) + * **No security**: `brooklyn.webconsole.security.provider=brooklyn.rest.security.provider.AnyoneSecurityProvider` + will allow logins with no credentials (e.g. in secure dev/test environments) + * **LDAP**: `brooklyn.webconsole.security.provider=brooklyn.rest.security.provider.LdapSecurityProvider` + will cause Brooklyn to call to an LDAP server to authenticate users; + `brooklyn.webconsole.security.ldap.{url,realm}` must also be set as `brooklyn.properties` + + + ## Entitlements + -In addition to login access, fine-grained permissions including -seeing entities, creating applications, seeing sensors, and invoking effectors ++In addition to login access, fine-grained permissions -- including ++seeing entities, creating applications, seeing sensors, and invoking effectors -- + can be defined on a per-user *and* per-target (e.g. which entity/effector) basis -using an **Entitlement Manager**. ++using a plug-in **Entitlement Manager**. + + This can be set globally with the property: + + {% highlight properties %} + brooklyn.entitlements.global=<class> + {% endhighlight %} + + The default entitlement manager is one which responds to per-user entitlement rules, + and understands: + + * `root`: full access, including to the Groovy console + * `readonly`: read-only access to almost all information + * `minimal`: access only to server stats, for use by monitoring systems + -{% comment %} -TODO in Entitlements - + These keywords are also understood at the `global` level, so to grant full access to `admin` -but read-only access to any other authenticated users, you can write: ++but limited access to other authenticated users and `readonly, ++you can write: + + {% highlight properties %} + brooklyn.entitlements.global=readonly -brooklyn.entitlements.user.admin=root ++brooklyn.entitlements.perUser.admin=root ++brooklyn.entitlements.perUser.support=readonly ++brooklyn.entitlements.perUser.metrics=minimal ++{% endhighlight %} ++ ++Under the covers this invokes the `PerUserEntitlementManager`, ++with a `default` set (and if not specified `default` defaults to `minimal`); ++so the above can equivalently be written: ++ ++{% highlight properties %} ++brooklyn.entitlements.global=brooklyn.management.entitlement.PerUserEntitlementManager ++brooklyn.entitlements.perUser.default=readonly ++brooklyn.entitlements.perUser.admin=root ++brooklyn.entitlements.perUser.support=readonly ++brooklyn.entitlements.perUser.metrics=minimal + {% endhighlight %} + -{% endcomment %} ++For more information, see ++[Java: Entitlements]({{ site.path.guide }}/java/entitlements.html). ++or ++{% include java_link.html class_name="EntitlementManager" package_path="brooklyn/management/entitlement" project_subpath="api" %}. + -For more information, see {% include java_link.html class_name="EntitlementManager" package_path="brooklyn/management/entitlement" project_subpath="api" %}. + + + ## HTTPS Configuration + + To enable https, you will need a server certificate in a java keystore. To create a self-signed certificate, you can use the + following command: + + {% highlight bash %} + % keytool -genkey -keyalg RSA -alias brooklyn -keystore <path-to-keystore-directory>/server.key -storepass mypassword -validity 360 -keysize 2048 + {% endhighlight %} + + You will then be prompted to enter you name and organization details. This will create a keystore with the password `mypassword` + - you should use your own secure password, which will be the same password used in your brooklyn.properties (below). + You will also need to replace `<path-to-keystore-directory>` with the full path of the folder where you wish to store your + keystore. + + The certificate generated will be a self-signed certificate and will not have a CN field identifying the website server + name, which will cause a warning to be displayed by the browser when viewing the page. For production servers, a valid signed + certificate from a trusted certifying authority should be used instead + + To enable HTTPS in Brooklyn, add the following to your brooklyn.properties: + + {% highlight properties %} + brooklyn.webconsole.security.https.required=true + brooklyn.webconsole.security.keystore.url=<path-to-keystore-directory>/server.key + brooklyn.webconsole.security.keystore.password=mypassword + brooklyn.webconsole.security.keystore.certificate.alias=brooklyn + {% endhighlight %}
