Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/openid.xml URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/openid.xml?rev=1691449&view=auto ============================================================================== --- portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/openid.xml (added) +++ portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/openid.xml Thu Jul 16 21:01:09 2015 @@ -0,0 +1,332 @@ +<?xml version="1.0"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<document> + <properties> + <title>OpenID Configuration Guide</title> + <subtitle>OpenID Configuration Guide</subtitle> + <authors> + <person name="Randy Watler" email="[email protected]" /> + </authors> + </properties> + <body> + <section name="OpenID Configuration"> + <p> + OpenID support in Jetspeed Portal is disabled by default since it typically needs to be configured for specific OpenID providers. To enable it, the OpenID support filter and servlet need to be setup in the portal <code>web.xml</code> configuration file and the OpenID login portlet needs to be made available in the portal landing page. To utilize OpenID single sign-on, (SSO), OpenID aware portlets can then be used to access information on other sites seamlessly. + </p> + <subsection name="Enabling the OpenID Filter and Servlet"> + <p> + The OpenIDPortalFilter and OpenIDRelayingPartyServlet are required to support OpenID with the portal. A sample setup is included in the portal <code>web.xml</code> configuration file. The servlet initialization parameters configure OpenID discovery, OpenID consumer implementation, and portal user registration. Some OpenID configuration found here can also be done in the <a href="#Using_OpenID_Portlets">OpenID login portlet</a> if more than one set of configurations is needed. + </p> + <source><![CDATA[ + ... + <filter> + <filter-name>OpenIDPortalFilter</filter-name> + <filter-class>org.apache.jetspeed.openid.filter.OpenIDPortalFilter</filter-class> + </filter> + ... + <filter-mapping> + <filter-name>OpenIDPortalFilter</filter-name> + <url-pattern>/*</url-pattern> + </filter-mapping> + ... + <servlet> + <description> + OpenID Relaying Party, (RP), servlet used to return discovery + metadata at OpenID realm and to process authentication return + requests. + </description> + <display-name>OpenID Relaying Party Servlet</display-name> + <servlet-name>OpenIDRelayingPartyServlet</servlet-name> + <servlet-class>org.apache.jetspeed.openid.OpenIDRelayingPartyServlet</servlet-class> + <init-param> + <description>Discovery domain to provider URL/host mapping.</description> + <param-name>discovery.gmail.com</param-name> + <param-value>https://www.google.com/accounts/o8/id</param-value> + </init-param> + <init-param> + <description>Enable servlet init parameter registration configuration.</description> + <param-name>enableRegistrationConfig</param-name> + <param-value>false</param-value> + </init-param> + <init-param> + <description>Enable new user registration.</description> + <param-name>enableRegistration</param-name> + <param-value>true</param-value> + </init-param> + <init-param> + <description>Global new user template directory to be used for registration.</description> + <param-name>newUserTemplateDirectory</param-name> + <param-value>/_template/new-user/</param-value> + </init-param> + <init-param> + <description>Global subsite root folder to be used for registration.</description> + <param-name>subsiteRootFolder</param-name> + <param-value></param-value> + </init-param> + <init-param> + <description>Global roles to be assigned at registration.</description> + <param-name>roles</param-name> + <param-value>user</param-value> + </init-param> + <init-param> + <description>Global groups to be assigned at registration.</description> + <param-name>groups</param-name> + <param-value></param-value> + </init-param> + <init-param> + <description>Global profiling rule names to be assigned at registration.</description> + <param-name>rulesNames</param-name> + <param-value>page</param-value> + </init-param> + <init-param> + <description>Global profiling rule values to be assigned at registration.</description> + <param-name>rulesValues</param-name> + <param-value>j2</param-value> + </init-param> + <load-on-startup>2</load-on-startup> + </servlet> + ... + <servlet-mapping> + <servlet-name>OpenIDRelayingPartyServlet</servlet-name> + <url-pattern>/openid</url-pattern> + <url-pattern>/openid/*</url-pattern> + </servlet-mapping> + ... + ]]></source> + <p> + The following initialization parameters can be used to configure the OpenIDRelayingPartyServlet: + </p> + <table> + <tr> + <th>Parameter</th> + <th>Description</th> + </tr> + <tr> + <td>discovery.*</td> + <td>Discovery domain to provider URL/host mapping. A supported OpenID domain is appended to property name prefix and the mapped domain or URL is set for the domain with the property. This property is only necessary if a non-standard OpenID provider URL is used, (e.g. Google), or a domain alias mapping is necessary. Examples: discovery.gmail.com = https://www.google.com/accounts/o8/id or discovery.anotherdomain.com = mydomain.com</td> + </tr> + <tr> + <td>consumer.*</td> + <td>Discovery domain to consumer implementation mapping. A supported OpenID domain is appended to property name prefix and the mapped consumer implementation name, ('step2' or 'openid4java'), is set for the domain with the property. This property is only necessary to specify the Google Step2 library implementation used for Google hosted OpenID domains, (OpenID4Java is the default implementation). Example: consumer.mydomain.com = step2.</td> + </tr> + <tr> + <td>enableRegistrationConfig</td> + <td>Enable servlet init parameter registration configuration. If this flag is not set, registration configurations in individual <a href="#Using_OpenID_Portlets">OpenID login portlet</a> instances is used and these are ignored.</td> + </tr> + <tr> + <td>enableRegistration</td> + <td>Enable new user registration.</td> + </tr> + <tr> + <td>newUserTemplateDirectory</td> + <td>Global new user template directory to be used for registration.</td> + </tr> + <tr> + <td>subsiteRootFolder</td> + <td>Global subsite root folder to be used for registration.</td> + </tr> + <tr> + <td>roles</td> + <td>Global roles to be assigned at registration.</td> + </tr> + <tr> + <td>groups</td> + <td>Global groups to be assigned at registration.</td> + </tr> + <tr> + <td>rulesNames</td> + <td>Global profiling rule names to be assigned at registration.</td> + </tr> + <tr> + <td>rulesValues</td> + <td>Global profiling rule values to be assigned at registration.</td> + </tr> + </table> + <p> + The user's OpenID email address associated with their OpenId login is used as the username in the portal. Whenever the user is authenticated by the <a href="#Using_OpenID_Portlets">OpenID login portlet</a> and OpenIDRelayingPartyServlet, the following OpenID attribute exchange and/or simple registration data is synchronized with portal user attributes: + </p> + <table> + <tr> + <th>OpenId Data</th> + <th>Portal User Attribute</th> + </tr> + <tr> + <td> + attribute: http://axschema.org/contact/email<br/> + simple registration: email + </td> + <td>user.business-info.online.email</td> + </tr> + <tr> + <td> + attribute: http://axschema.org/namePerson<br/> + simple registration: fullname + </td> + <td>user.name</td> + </tr> + <tr> + <td> + attribute: http://axschema.org/namePerson/last<br/> + simple registration: n/a + </td> + <td>user.name.family</td> + </tr> + <tr> + <td> + attribute: http://axschema.org/namePerson/first<br/> + simple registration: n/a + </td> + <td>user.name.given</td> + </tr> + <tr> + <td> + attribute:http://axschema.org/namePerson/friendly<br/> + simple registration: nickname + </td> + <td>user.name.nickName</td> + </tr> + </table> + <p> + In addition to providing OpenID authentication services, the OpenIDRelayingPartyServlet also serves OpenID Relaying Party metadata. The metadata endpoint allows the OpenID provider to validate the portal as a legitimate OpenID client. The URI associated with the metadata is computed from the metadata request itself, (e.g. <code>http[s]://portal.mydomain.com/jetspeed/openid</code>). + </p> + </subsection> + <subsection name="Using OpenID Portlets"> + <p> + The OpenIDLoginPortlet is required to support portal OpenID logins. By default, this portlet is configured to support login buttons for Google, Yahoo!, and myOpenID providers with an OpenID entry field where users can enter OpenID URLs or provider domains. New user registration is also enabled by default, (as mentioned above, the new user's OpenID email address is used as the portal user id). These and new user registration properties can be configured as portlet parameters and preferences. + </p> + <img src="images/openid-login.png"/> + <p> + Once the end user is logged in, the OpenIDLoginPortlet displays the logged in user id and allows the user to logout. + </p> + <img src="images/openid-loggedin.png"/> + <p> + The following configuration parameters and preferences are supported by the OpenIDLoginPortlet: + </p> + <table> + <tr> + <th>Parameter/Preference Name</th> + <th>Default</th> + <th>Description</th> + </tr> + <tr> + <td>providerLabels</td> + <td>Gmail, Yahoo!, myOpenID</td> + <td>Display names for OpenID provider buttons.</td> + </tr> + <tr> + <td>providerDomains</td> + <td>gmail.com, yahoo.com, myopenid.com</td> + <td>Domain names for OpenID provider buttons.</td> + </tr> + <tr> + <td>enableOpenIDEntry</td> + <td>true</td> + <td>Enable OpenID provider or URL entry.</td> + </tr> + <tr> + <td>enableRegistrationConfig</td> + <td>false</td> + <td>Enable portlet init parameter registration configuration.</td> + </tr> + <tr> + <td>enableRegistration</td> + <td>true</td> + <td>Global enable new user registration.</td> + </tr> + <tr> + <td>newUserTemplateDirectory</td> + <td>/_template/new-user/</td> + <td>Global new user template directory to be used for registration.</td> + </tr> + <tr> + <td>subsiteRootFolder</td> + <td><i>none</i></td> + <td>Global subsite root folder to be used for registration.</td> + </tr> + <tr> + <td>roles</td> + <td>user</td> + <td>Global roles to be assigned at registration.</td> + </tr> + <tr> + <td>groups</td> + <td><i>none</i></td> + <td>Global groups to be assigned at registration.</td> + </tr> + <tr> + <td>rulesNames</td> + <td>page</td> + <td>Global profiling rule names to be assigned at registration.</td> + </tr> + <tr> + <td>rulesValues</td> + <td>j2</td> + <td>Global profiling rule values to be assigned at registration.</td> + </tr> + </table> + <p> + When a portal user is authenticated using the OpenIDLoginPortlet, a session attribute that contains the login domain is set. This session attribute, (<a href="../apidocs/org/apache/jetspeed/PortalReservedParameters.html"><code>PortalReservedParameters.SESSION_OPEN_ID_PROVIDER</code></a>), can be checked by other portlets to ensure the user is logged in before referencing protected resources. The OpenIDIFramePortlet uses this technique to check an OpenID login domain before including a protected web page. The following configuration preference is supported by the OpenIDIFramePortlet in addition to the IFramePortlet preferences: + </p> + <table> + <tr> + <th>Preference Name</th> + <th>Default</th> + <th>Description</th> + </tr> + <tr> + <td>REQUIREDOPENIDPROVIDERLABEL</td> + <td><i>none</i></td> + <td>Required OpenID provider label.</td> + </tr> + <tr> + <td>REQUIREDOPENIDPROVIDER</td> + <td><i>none</i></td> + <td>Required OpenID provider domain.</td> + </tr> + </table> + <p> + The OpenIDIFramePortlet is often used when the portal uses a single specific OpenID provider to protect enterprise assets. Both the OpenIDLoginPortlet and the OpenIDIFramePortlet can be configured accordingly. + </p> + <p> + OpenIDLoginPortlet: + <ul> + <li>providerLabels = MyDomain</li> + <li>providerDomains = mydomain.com</li> + <li>enableOpenIDEntry = false</li> + </ul> + </p> + <p> + OpenIDIFramePortlet: + <ul> + <li>SRC = http://www.mydomain.com/...</li> + <li>REQUIREDOPENIDPROVIDERLABEL = MyDomain</li> + <li>REQUIREDOPENIDPROVIDER = mydomain.com</li> + </ul> + </p> + <p> + The portlet configuration above will appear like this when the user is not logged in. + </p> + <img src="images/openid-domain-login.png"/> + <p> + After logging in, the user will be able to see the protected content in the portal page. + </p> + <img src="images/openid-domain-loggedin.png"/> + </subsection> + </section> + </body> +</document>
Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/palm.xml URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/palm.xml?rev=1691449&view=auto ============================================================================== --- portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/palm.xml (added) +++ portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/palm.xml Thu Jul 16 21:01:09 2015 @@ -0,0 +1,95 @@ +<?xml version="1.0"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<document> + <properties> + <title>Portlet Application Lifecycle Administration Guide</title> + <subtitle>Guide to Administering Portlet Application Lifecycle</subtitle> + <authors> + <person name="David Sean Taylor" email="[email protected]" /> + <person name="Jody McAlister" email="[email protected]" /> + </authors> + </properties> + <body> + <section name="Portlet Application Lifecycle Administration Guide"> + <p> + The Portlet Application Lifecycle Manager can be found in the Jetspeed Administrative Portlets Tabbed Menu named PALM. This Administrative + portlet can be used to manage portlets deployed from war files that were added through RPAD or are part of the default installation. + </p> + <p> + <img src="images/palmmain.png"/> + </p> + <p> + <table> + <tr> + <th>Field</th> + <th>Description</th> + </tr> + <tr> + <td>Name</td> + <td>Corresponds to the Artifact ID from the <a href="rpad.html">RPAD portlet.</a></td> + </tr> + <tr> + <td>Version</td> + <td>Defaults to 1.0.</td> + </tr> + <tr> + <td>Path</td> + <td>The path is the location of the portlet files in relation to the webapps folder of the Application Server.</td> + </tr> + <tr> + <td>Running</td> + <td>Shows the status of the Portlet. True or False values.</td> + </tr> + <tr> + <td>Commands</td> + <td>Actions to take on the portlet listed in the same row.</td> + </tr> + <tr> + <td> </td> + <td>Start</td> + <td>Starts a portlet that has been stopped using the stop command, will not start an undeployed portlet.</td> + </tr> + <tr> + <td> </td> + <td>Stop</td> + <td>Changes the state of a running portlet from true to false. Portlet will remain on pages they were previously added.</td> + </tr> + <tr> + <td> </td> + <td>Undeploy</td> + <td>Disables the portlet. Portlet must be redployed from <a href="rpad.html">RPAD</a> before it can be started again. Portlet is still available in Add Portlets section</td> + </tr> + <tr> + <td> </td> + <td>Delete</td> + <td>Removes the portlet from the list of portlets and removes from the list of portlets in the Add Portlet section.</td> + </tr> + </table> + </p> + <p> + Each of the commands start, stop, undeploy and delete will display a warning message in a drop down window that will ask you to confirm your action. + </p> + <p> + <img src="images/palmmessage.png"/> + </p> + <p> + Required portlets will have their Commands section without clickable links to prevent disabling Jetspeed. + </p> + </section> + </body> +</document> \ No newline at end of file Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/pam.xml URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/pam.xml?rev=1691449&view=auto ============================================================================== --- portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/pam.xml (added) +++ portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/pam.xml Thu Jul 16 21:01:09 2015 @@ -0,0 +1,309 @@ +<?xml version="1.0"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<document> + <properties> + <title>Portlet Application Administration Guide</title> + <subtitle>Guide to Administering Portlet Application</subtitle> + <authors> + <person name="David Sean Taylor" email="[email protected]" /> + <person name="Jody McAlister" email="[email protected]" /> + <person name="Niels van Kampenhout" email="[email protected]" /> + </authors> + </properties> + <body> + <section name="Portlet Application Administration Guide"> + <p> + <img src="images/pam_main.png" /> + </p> + <subsection name="Portlet Application Browser"> + <p> + The Portlet Application Manager window defaults to displaying J2_ROOT and it's sub APP_ROOT. Click on the switch icon next to APP_ROOT + to display the list of available applications. Each of the applications has a switch icon to display one or more portlets associated with + each application. + </p> + <p> + Clicking on any application link will populate the Portlet Application Detail window to the right. Clicking on any Portlet Link will populate + the same window with the application details and the portlet details. + </p> + <table> + <tr> + <th>Field</th> + <th>Description</th> + </tr> + <tr> + <td>Search</td> + <td>Search will locate any applications, portlets or keywords that match your search parameter and display them in the search section.</td> + </tr> + <tr> + <td>Application Tree View</td> + <td>Hierarchical view with clickable link for applications and their associated portlets.</td> + </tr> + </table> + </subsection> + <subsection name="Portlet Application Detail - Application Details"> + <h4>Details Tab</h4> + <img src="images/pam_pa_details.png"/> + <table> + <tr> + <th>Field</th> + <th>Description</th> + </tr> + <tr> + <td>Name</td> + <td>Name of the application war file.</td> + </tr> + <tr> + <td>Version</td> + <td>Version number of the application.</td> + </tr> + <tr> + <td>Description</td> + <td>Optional field for describing the application.</td> + </tr> + <tr> + <td>Type</td> + <td>The application type.</td> + </tr> + <tr> + <td>ID</td> + <td>Generally the same as the application name.</td> + </tr> + <tr> + <td>Security Constraint</td> + <td>The dropdown menu contains the following options : No Constraints, admin, manager, users, public-view, public-edit, AEUV, dev, devmgr and delegated.</td> + </tr> + </table> + <h4>Metadata Tab</h4> + <img src="images/pam_pa_metadata.png"/> + <table> + <tr> + <th>Field</th> + <th>Description</th> + </tr> + <tr> + <td>Name</td> + <td>Name of the Metadata field.</td> + </tr> + <tr> + <td>Value</td> + <td>The value to associate with the Metadata field name.</td> + </tr> + <tr> + <td>Locale</td> + <td>A valid 2 letter country code.</td> + </tr> + </table> + <h4>Portlets Tab</h4> + <img src="images/pam_pa_portlets.png"/> + <table> + <tr> + <th>Field</th> + <th>Description</th> + </tr> + <tr> + <td>Drop Down Menu</td> + <td>A dropdown menu to select any portlets contained within the application you are viewing. Selecting a portlet will refresh the window with portlet details.</td> + </tr> + </table> + <h4>User Attributes Tab</h4> + <img src="images/pam_pa_userattr.png"/> + <table> + <tr> + <th>Field</th> + <th>Description</th> + </tr> + <tr> + <td>Name</td> + <td>A field name for any attribute to associate with the user. ie, phone number, last name, etc... </td> + </tr> + <tr> + <td>Value</td> + <td>The value of the associated attribute.</td> + </tr> + </table> + </subsection> + <subsection name="Portlet Application Detail - Portlet Details"> + <h4>Details Tab</h4> + <img src="images/pam_portlet_details.png"/> + <table> + <tr> + <th>Field</th> + <th>Description</th> + </tr> + <tr> + <td>Expiration Cache</td> + <td>A value of -1 sets the Expiration to never expire. 0 to not use Expiration. Any other value will be time for Expiration in seconds.</td> + </tr> + <tr> + <td>ID</td> + <td>The id of the portlet.</td> + </tr> + <tr> + <td>Unique Name</td> + <td>This field is formatted as application::ID.</td> + </tr> + <tr> + <td>Preferences Validator</td> + <td>A class implementing the PreferencesValidator interface can be associated with the + preferences definition in the deployment descriptor.</td> + </tr> + <tr> + <td>Class Name</td> + <td>Contains the fully qualified class name of the portlet.</td> + </tr> + <tr> + <td>Display Name</td> + <td>Multiple entries are allowed. A valid 2 letter country code for the Locale and a Name that will display for that Portlet in that Locale can be added in the section below.</td> + </tr> + </table> + <h4>Metadata Tab</h4> + <img src="images/pam_portlet_metadata.png"/> + <table> + <tr> + <th>Field</th> + <th>Description</th> + </tr> + <tr> + <td>Name</td> + <td>Name of the Metadata field.</td> + </tr> + <tr> + <td>Locale</td> + <td>A valid 2 letter country code.The value to associate the Metadata field name.</td> + </tr> + <tr> + <td>Value</td> + <td>A valid 2 letter country code.</td> + </tr> + </table> + <h4>Preferences Tab</h4> + <img src="images/pam_portlet_prefs.png"/> + <table> + <tr> + <th>Field</th> + <th>Description</th> + </tr> + <tr> + <td>Name</td> + <td>Name of the preference you wish to create.</td> + </tr> + <tr> + <td>Value</td> + <td>The value of the preference to be associate with the preference.</td> + </tr> + </table> + <h4>Languages Tab</h4> + <img src="images/pam_portlet_lang.png"/> + <table> + <tr> + <th>Field</th> + <th>Description</th> + </tr> + <tr> + <td>Title</td> + <td>Title to appear in title bar of the portlet.</td> + </tr> + <tr> + <td>Short Title</td> + <td>A short descriptive title.</td> + </tr> + <tr> + <td>Keyword</td> + <td>Comma delimited list of keywords to associate with the portlet.</td> + </tr> + <tr> + <td>Locale</td> + <td>A valid 2 letter country code.</td> + </tr> + </table> + <h4>Parameters Tab</h4> + <img src="images/pam_portlet_params.png"/> + <table> + <tr> + <th>Field</th> + <th>Description</th> + </tr> + <tr> + <td>Name</td> + <td>Name of Parameters to be associated with the portlet.</td> + </tr> + <tr> + <td>Value</td> + <td>The value to be associated with the Parameter name.</td> + </tr> + <tr> + <td>Description</td> + <td>Optional description of the portlet.</td> + </tr> + <tr> + <td>Locale</td> + <td>Optional valid 2 letter country code.</td> + </tr> + </table> + <h4>Security Tab</h4> + <img src="images/pam_portlet_security.png"/> + <table> + <tr> + <th>Field</th> + <th>Description</th> + </tr> + <tr> + <td>Role Name</td> + <td>The name of the role.</td> + </tr> + <tr> + <td>Role Link</td> + <td>The id of the role link.</td> + </tr> + <tr> + <td>Description</td> + <td>A descriptive phrase for this item.</td> + </tr> + <tr> + <td>Locale</td> + <td>A valid 2 letter country code.</td> + </tr> + <tr> + <td>Security Constraint</td> + <td>The dropdown menu contains the following options : No Constraints, admin, manager, users, public-view, public-edit, AEUV, dev, devmgr and delegated.</td> + </tr> + </table> + <h4>Content Type Tab</h4> + <img src="images/pam_portlet_contenttype.png"/> + <table> + <tr> + <th>Field</th> + <th>Description</th> + </tr> + <tr> + <td>Content Type</td> + <td>MimeType like text/html. Wildcards are allowed.</td> + </tr> + <tr> + <td>Portlet Mode</td> + <td>Standard portlet modes that the portlet supports. Shift-click to select multiple.</td> + </tr> + <tr> + <td>Custom Modes</td> + <td>Custom Modes that the portlet supports. Custom Modes are added directly to the modes list after any Standard Modes.</td> + </tr> + </table> + </subsection> + </section> + </body> +</document> \ No newline at end of file Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/permissions.xml URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/permissions.xml?rev=1691449&view=auto ============================================================================== --- portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/permissions.xml (added) +++ portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/permissions.xml Thu Jul 16 21:01:09 2015 @@ -0,0 +1,183 @@ +<?xml version="1.0"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<document> + <properties> + <title>Permissions Administration Guide</title> + <subtitle>Guide to Administering Security Permissions</subtitle> + <authors> + <person name="David Sean Taylor" email="[email protected]"/> + <person name="Jody McAlister" email="[email protected]"/> + <person name="Niels van Kampenhout" email="[email protected]"/> + </authors> + </properties> + <body> + <section name="Security Permissions Administration Guide"> + <p> + Security permissions restrict access to resources in the portal. Portal resources (folders, links, + pages, portlets) can be secured with either: + <ul> + <li>Security Constraints (based on Jetspeed-specific security constraints)</li> + <li>Security Permissions (based on a Java Security Policy)</li> + </ul> + The default security is Constraints as they are easier to configure by a portal administrator. The + advantage of Permissions is that they are stored in a central repository in the Jetspeed database, and + they adhere to the Java Security Standard. Both constraints and permissions inherit. Meaning that if you + set a permission or constraint on a folder, it is inherited by all subfolders and pages. Permissions are + an implementation of a Java Security Policy stored in a database. + </p> + <p> A permission grants a permission to a security principal, either: + <ul> + <li>a role</li> + <li>a group</li> + <li>a user</li> + <li>or * for all users</li> + </ul> + A permission defines the action, which can be standard portlet modes: + <ul> + <li>view</li> + <li>edit</li> + <li>help</li> + </ul> + Or Jetspeed extended portlet modes: <ul> + <li>edit_defaults</li> + <li>about </li> + <li>config </li> + <li>print</li> + </ul> + </p> + <subsection name="Permission Management"> + <p> + Permission Management is located on the fourth tab from the left on the Jetspeed Administrative Portlets page. + It contains one portlet, Security Permissions, which allows you to set permissions for a role on three + different resource types: portlets, folders, and pages. + </p> + <p><img src="images/perms-portlets.png" /></p> + <h4>The Permissions User Interface</h4> + <p> + The UI of the Permissions portlet is devided into the following sections: + </p> + <table> + <tr> + <th>UI section</th> + <th>Description</th> + </tr> + <tr> + <td>Resource type tabs</td> + <td> + <p> + Select the resource type you want to define permissions for by + clicking on the corresponding tab. + </p> + <p> + The resource types are: + </p> + <ul> + <li>Portlets</li> + <li>Folders</li> + <li>Pages</li> + </ul> + <p><img src="images/perm-tabs.png" /></p> + </td> + </tr> + <tr> + <td>Permissions listing</td> + <td> + <p> + The list of permissions defined for the selected resource type. Each permission displays + the resource name, the permitted actions, and the roles to which this permission applies. + </p> + <p><img src="images/perm-resources.png" /></p> + </td> + </tr> + <tr> + <td>Permission form</td> + <td> + <p> + This form allows you to edit the permission selected in the list, or create a new permission. + </p> + <p> + "Roles" display a list of roles in which you can select the roles to which this permission applies, + by checking the corresponding checkboxes. + </p> + <p> + "Actions" displays a list of actions in which you can select the actions that are permitted + to the selected roles, on the selected resource, by checking the corresponding checkboxes. + Available actions are: + </p> + <ul> + <li>View</li> + <li>Edit</li> + <li>Help</li> + <li>About</li> + <li>Config</li> + <li>Edit Defaults</li> + <li>Print</li> + </ul> + <p> + Finally, in the top right corner of the form are four buttons to create a new permission, or + to save, revert or delete the selected permission. + </p> + <p><img src="images/perms-buttons.png" /></p> + </td> + </tr> + </table> + <h4>Editing a Permission</h4> + <p> + To edit a permission, select one in the permission listing. The permission settings will be loaded in the + form. Select the roles this permission should apply to by checking the appropriate checkboxes. Check the actions + that you want to permit by checking the appropriate checkboxes. Save the permission by clicking on the + "Save" button. As long as you have not saved, you can revert your changes by clicking on the "Revert" button. + </p> + <h4>Deleting a permission</h4> + <p> + To delete a permission, select on in the permission listing, and then click on the "Delete" button. + </p> + <h4>Creating a New Permission</h4> + <p> + To create a new permission, click on the "New" button. The "Resource" text field will be enabled for editing, enter + the resource name here. The new permission will show up immediately in the listing. Select the roles and actions as + described above for editing an existing permission. Click on "Save" to store the permission. If you decide you + do not want to create the new permission after all, click on "Delete" to remove it. + </p> + </subsection> + <subsection name="Permission Usage"> + <p> + A security definition is referenced by portal resources to secure that particular resource. The + following resources can be secured: + <ul> + <li>Folder: in the folder metadata</li> + <li>Page: in a PSML file </li> + <li>Link: in a .link file </li> + <li>Portlet Window: one instance of a portlet on a page</li> + <li>Portlet Definition: all instances of a portlet on all pages</li> + <li>Portlet Application: all portlets in a portlet application</li> + </ul> + Securing a resource is as simple as defining a permission definition using the administrative + portlet defined above. You can do this from several areas of the portal: + <ul> + <li>1. The Site Manager to secure a folder, page or link</li> + <li>2. Portlet Application Manager, to secure a Portlet Application or Portlet Definition</li> + <li>3. Config Mode, if available for a portlet, you can secure a portlet instance</li> + </ul> + Additionally, portlets can be secured in the deployment descriptors. See the + <a href="../deployguide/index.html">deployment</a> guide for more details. + </p> + </subsection> + </section> + </body> +</document> Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/portlet-selector.xml URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/portlet-selector.xml?rev=1691449&view=auto ============================================================================== --- portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/portlet-selector.xml (added) +++ portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/portlet-selector.xml Thu Jul 16 21:01:09 2015 @@ -0,0 +1,80 @@ +<?xml version="1.0"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<document> + <properties> + <title>Portlet Selector Administration Guide</title> + <subtitle>Guide to Portlet Selector</subtitle> + <authors> + <person name="David Sean Taylor" email="[email protected]" /> + <person name="Jody McAlister" email="[email protected]" /> + </authors> + </properties> + <body> + <section name="Portlet Selector Administration Guide"> + <subsection name="Adding Portlets"> + <p> + Enter edit mode of the portlet window and click on Add Portlet in the upper right. The Portlet Selector windows shows + the portlets that are available for you to add. + </p> + <p> + <img align="top" src="images/portletselector.png"/> + </p> + <p> + There are three main ways to locate a portlet. + </p> + <p> + <table> + <tr> + <th>Method</th> + <th>Description</th> + </tr> + <tr> + <td>Navigate</td> + <td>You may navigate through multiple pages by using the numbered links.</td> + </tr> + <tr> + <td>Search</td> + <td>A search field is provided for searching for a portlet by name.</td> + </tr> + <tr> + <td>Categories</td> + <td>Portlets are separated into clickable categories.</td> + </tr> + </table> + </p> + <p> + The portlet selector displays the name of the portlet, a brief description, an Add option and a counter of how many instances + of this portlet are currently running. Clicking on the Add link will increase the counter by 1, but no other visible changes will + occur at this time. + </p> + <p> + <img align="top" src="../usersguide/images/portletdetails.png"/> + </p> + <p> + Clicking on the [GoBack] option or arrow will bring you to the original customization window where you can see your portlets have been added + to your portlet window. If you have changed your decorator from the default decorator, you may find that your new portlets are using a + different decorator rather than the decorator you are now using. + </p> + <p> + You will need to return at one point to the original customization window before you see the restore option to leave the configuration + area. + </p> + </subsection> + </section> + </body> +</document> \ No newline at end of file Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/profiler.xml URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/profiler.xml?rev=1691449&view=auto ============================================================================== --- portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/profiler.xml (added) +++ portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/profiler.xml Thu Jul 16 21:01:09 2015 @@ -0,0 +1,576 @@ +<?xml version="1.0"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<document> + <properties> + <title>Profiler Administration Guide</title> + <subtitle>Guide to Administering Profiler</subtitle> + <authors> + <person name="David Sean Taylor" email="[email protected]" /> + <person name="Jody McAlister" email="[email protected]" /> + </authors> + </properties> + <body> +<section name="Profiler Overview"> +<p> + +The Jetspeed Profiler is a portal resource location rule-based engine. +The profiler locates the following kinds of portal resources: +<ul> + <li>PSML pages</li> + <li>Folders</li> + <li>Menus</li> + <li>Links</li> +</ul> +</p> +<p> + <img src="images/profadmin1.png" /> +</p> +<p> +When a request is received by the portal, the profiler will compute a normalized instruction set, known +as a profile locator. The locator is then added to the request context, from which subsequent components on the +Jetspeed pipeline, most notably the Page Manager and Portal Site components, can take the profile locator +and use it to find a requested resource. For example, the Page Manager uses the locator to find a page or folder. +The Portal Site component uses the locator build the options on a menu. +</p> +<p> +The profile locator is the output from the profiler. The input is a normalized set of runtime parameters and state. +The profiler input is defined in profiling rules, and can be made of any Java class available on the pipeline. +Jetspeed comes with quite a few predefined rules for taking criteria from request parameters, HTTP headers, +security information, language and session attributes. The profiler is invoked during the Jetspeed request +processing pipeline in the profiler valve. +</p> +<p> +<img src="../devguide/images/profiler-pipeline.jpg" border="1"/> +</p> +<p> +All of these runtime parameters are called the <i>profile criterion</i>, which the profiler uses to locate +portal resources. +</p> +</section> +<section name="Located Portal Resources: Pages"> +<p> +The Profiler searches over a directory tree of PSML pages trying to locate a +PSML page to be displayed. By default, this directory structure is found under WEB-INF/pages. +The pages directory can also be stored in the database. This directory structure, comprised of +portal resources (pages, folders, menus, links), is a <i>physical</i> representation of the portal site. +The Jetspeed team plans to also support <i>logical</i> views of the portal site in future releases. +</p> +<p> +Analogous to a file system, there is one physical root to the portal site. However, using the concept of <i>subsites</i>, +the Jetspeed site can support entire subsites that are not visible to other subsites, or the main site. +There are several reserved (system) directories standardized by the profiler: +<table> + <tr> + <th>Reserved Folder</th> + <th>Description</th> + </tr> + <tr> + <td>_user</td> + <td>holds all user-specific folders and pages</td> + </tr> + <tr> + <td>_role</td> + <td>holds all role-organized folders and pages</td> + </tr> + <tr> + <td>_group</td> + <td>holds all group-organized folders and pages</td> + </tr> + <tr> + <td>_subsite-root</td> + <td>contains complete subsite trees, exactly like root tree</td> + </tr> +</table> +<img src="../devguide/images/pages.jpg" border="1"/> +</p> +<p>By applying profiling rules, the profiler locates pages in the portal site directory.</p> +</section> +<section name="Profiling Rules"> +<p> + +A ProfilingRule defines a list of criteria used when evaluating a request +to determine the location of a specific resource. Profiling rules are +used by the profiler to locate portal resources +based on the decoupled criteria for known portlet request data. +A rule consists of an ordered list of criteria which should be applied +in a given order. Following this rule's order, the profiling engine applies +each criteria of the rule using a less-specific algorithm until the least +specific resource criterion is considered. When all criteria are exhausted, +the rule will fail and a fallback resource will be required. +</p> +<subsection name='Rule Criteria'> +<p> + <img src="images/profadmin3.png" /> +</p> +<p> +A Rule Criterion specifies one criterion in a list of profiling rule criteria. +The rule is used to build a normalized profiling locator and then +locate a portal resource based on the current user request. +Rule Criteria are templates for locating profile properties. +Criteria consist of: +<table> + <tr><td>Type</td> + <td>The type of criterion. Types are configured in the profiler spring configuraiton. + Each type maps to a <i>rule criterion resolver</i>. A resolver is a Java class which maps request input + to a normalized location instruction. Valid resolvers are provided in the table below. + </td> + </tr> + <tr> + <td>Fallback Order</td> + <td>The sequential in which to apply this criterion within the profiling rule.</td> + </tr> + <tr> + <td>Fallback Type</td> + <td>After evaluation this criterion, the rule can either continue processing the remaining + criteria, or stop processing. The fallback type determines how to continue processing. + Valid values are: + <table> + <tr> + <td>FALLBACK_CONTINUE</td> + <td>evaluate this criterion and if it fails continue to the next criterion</td> + </tr> + <tr> + <td>FALLBACK_STOP</td> + <td>evaluate this criterion and if it fails stop evaluation criteria for this rule</td> + </tr> + <tr> + <td>FALLBACK_LOOP</td> + <td>evaluate this criterion and if it fails continue evaluating</td> + </tr> + </table> + </td> + </tr> + <tr> + <td>Name</td> + <td>The unique name (per rule) of this criterion. Upon matches, the name is mapped to the profile locator property name.</td> + </tr> + <tr> + <td>Value</td> + <td>The default value (not required) to use for this criterion when resolution fails.</td> + </tr> +</table> +More complex implementations will need to use other inputs in mapping to resources such as Cookies, IP Address Ranges, Statistical Resource Usage Analysis, or Business Rules. +</p> +</subsection> +<subsection name='Rule Criterion Resolvers'> +<p> +The table below displays all default rule criterion resolvers available with Jetspeed out of the box. +Resolvers are Java classes, implementing the interface from the Jetspeed API <i>org.apache.jetspeed.profiler.rules.RuleCriterionResolver</i>. +You may use this default set of resolvers to build your own profiling rules. Rules are currently stored in the +Jetspeed database. Portal administrators may edit the rules using an administrative portlet. In the demo system, +login as the user "admin" to see an example of the Jetspeed Profiler Administration portlet. +</p> +<p>Additionally, you may add your own resolvers to Jetspeed. You will need to create a jar file + holding your custom resolvers, and then drop them into the Jetspeed webapp's class path. Resolvers + will need to be given a unique name. This is done by modifying the profiler.xml in the Spring assembly. + See the section below on configuration to see where to add a resolver to the Spring configuration. +<table> + <tr> + <th>Resolver</th> + <th>Description</th> + </tr> + <tr> + <td>request</td> + <td>resolve by matching a request parameter by name, returning the request parameter value for a locator property taking the name of the criterion</td> + </tr> + <tr> + <td>session</td> + <td>resolve by matching a session attribute by name, returning the session attribute value for a locator property taking the name of the criterion</td> + </tr> + <tr> + <td>request.session</td> + <td>resolve by first matching a request parameter by name. If not matched, try matching a session attribute name, returning the request parameter or session attribute value for a locator property taking the name of the criterion</td> + </tr> + <tr> + <td>path</td> + <td>resolve by matching the PSML page <i>path</i> value of the current request. The path is typically the path and name of a page, such as <i>default-page</i> for a locator property named <quote>path</quote></td> + </tr> + <tr> + <td>path.session</td> + <td>resolve by matching the PSML page <i>path</i> value of the current request. The path is typically the path and name of a page, such as <i>default-page</i>. If fails to find a valid path in the request, will then look in the session for the page value. The locator property will be named <quote>path</quote></td> + </tr> + <tr> + <td>hard.coded</td> + <td>resolve to a hard.coded default value, for example, set a locator property named page to <quote>/my-account.psml</quote></td> + </tr> + <tr> + <td>user</td> + <td>resolve by matching the name of the current authenticated user. The username is mapped to a locator property named <quote>user</quote></td> + </tr> + <tr> + <td>role</td> + <td>resolve by matching all of the security roles of the current authenticated user (in the JAAS Subject of the request context) and putting them in a comma-separated list. The locator property should be named <quote>role</quote>. The role criterion is often used in combination with path criteria, to create a role-fallback rule that searches over all security roles for a given user.</td> + </tr> + <tr> + <td>group</td> + <td>resolve by matching all of the groups of the current authenticated user (in the JAAS Subject of the request context) and putting them in a comma-separated list. The locator property should be named <quote>group</quote>. The group criteion is often used in combination with path criteria, to create a group-fallback rule that searches over all security groups for a given user.</td> + </tr> + <tr> + <td>rolecombo</td> + <td>resolve by matching all of the security roles of the current authenticated user (in the JAAS Subject of the request context) and putting them in a dash-separated string, for example: (role1-role2-role3). The locator property should be named <quote>role</quote>. The role criterion is often used in combination with path criteria, to create a role-fallback rule that searches over all security roles for a given user.</td> + </tr> + <tr> + <td>mediatype</td> + <td>resolve by matching the media type (HTML,XHTML,WML...) from the request context. Sets a locator property named <quote>mediatype</quote></td> + </tr> + <tr> + <td>language</td> + <td>resolve by matching the browser's language from the request context locale (originating from the HTML headers). Sets a locator property named <quote>language</quote></td> + </tr> + <tr> + <td>country</td> + <td>resolve by matching the browser's country code from the request context locale (originating from the HTML headers). Sets a locator property named <quote>country</quote></td> + </tr> + <tr> + <td>group.role.user</td> + <td>resolve by first matching on a request parameter named <quote>group</quote>. If that fails, resolve on a request parameter named <quote>role</quote>. If that fails, resolve by matching the name of the current authenticated user. The username is mapped to a locator property named <quote>user</quote></td> + </tr> + <tr> + <td>user.attribute</td> + <td>resolve by matching a Portlet API User Attribute by name, returning the user attribute value for a locator property taking the name of the criterion</td> + </tr> + <tr> + <td>user.agent</td> + <td>resolve by matching the browser's (client) user agent from the request context device capabilities (originating from the HTML headers)</td> + </tr> + <tr> + <td>hostname</td> + <td>resolve by matching the host name from the server name in the request, returning the host name</td> + </tr> + <tr> + <td>domain</td> + <td>resolve by matching the domain from the server name in the request, returning the domain</td> + </tr> + <tr> + <td>navigation</td> + <td>A directive to changes the current navigation path during a profile location resolution performed by the page manager. The value can be the location of a folder, for example <quote>/pages/freecontent</quote></td> + </tr> +</table> +<i>Note that all criteria will fall back to the default value when no match is made. Locator property expects a criterion named <quote>navigation</quote></i> +</p> +</subsection> +<subsection name='Default Rules'> +<p> +Several rules are provided by default with the Jetspeed system. +The rules in the table below display the criterion in a most-specific to least-specific ordering. +</p> +<table> + <tr> + <th>Rule</th> + <th>Description</th> + </tr> + <tr> + <td>j1</td> + <td> + <p>Implements the Jetspeed-1 hard-coded profiler fallback algorithm, resolving in a most-specific to least-specific algorithm:</p> + <table> + <tr> + <th>criterion</th> + <th>name</th> + <th>value</th> + <th>fallback</th> + </tr> + <tr> + <td>country</td> + <td>country</td> + <td></td> + <td>continue</td> + </tr> + <tr> + <td>language</td> + <td>language</td> + <td></td> + <td>continue</td> + </tr> + <tr> + <td>mediatype</td> + <td>mediatype</td> + <td></td> + <td>continue</td> + </tr> + <tr> + <td>group.role.user</td> + <td>user|group|role</td> + <td></td> + <td>stop</td> + </tr> + <tr> + <td>path.session</td> + <td>page</td> + <td>default-page</td> + <td>stop</td> + </tr> + </table> + </td> + </tr> + <tr> + <td>role-fallback</td> + <td> + <p>A role based fallback algorithm, trying to find the most-specific resource by searching over all security roles for the current authenticated user.</p> + <table> + <tr> + <th>criterion</th> + <th>name</th> + <th>value</th> + <th>fallback</th> + </tr> + <tr> + <td>path.session</td> + <td>page</td> + <td>default-page</td> + <td>stop</td> + </tr> + <tr> + <td>role</td> + <td>role</td> + <td></td> + <td>continue</td> + </tr> + </table> + </td> + </tr> + <tr> + <td>group-fallback</td> + <td> + <p>A group based fallback algorithm, trying to find the most-specific resource by searching over all security groups for the current authenticated user.</p> + <table> + <tr> + <th>criterion</th> + <th>name</th> + <th>value</th> + <th>fallback</th> + </tr> + <tr> + <td>path.session</td> + <td>page</td> + <td>default-page</td> + <td>stop</td> + </tr> + <tr> + <td>group</td> + <td>group</td> + <td></td> + <td>continue</td> + </tr> + </table> + </td> + </tr> + <tr> + <td>j2</td> + <td> + <p>The default profiling rule for users and mediatype minus language and country.</p> + <table> + <tr> + <th>criterion</th> + <th>name</th> + <th>value</th> + <th>fallback</th> + </tr> + <tr> + <td>mediatype</td> + <td>mediatype</td> + <td></td> + <td>continue</td> + </tr> + <tr> + <td>group.role.user</td> + <td>user|group|role</td> + <td></td> + <td>stop</td> + </tr> + <tr> + <td>path.session</td> + <td>page</td> + <td>default-page</td> + <td>stop</td> + </tr> + </table> + </td> + </tr> + <tr> + <td>security</td> + <td> + <p>The security profiling rule needed to force credential change requirements.</p> + <table> + <tr> + <th>criterion</th> + <th>name</th> + <th>value</th> + <th>fallback</th> + </tr> + <tr> + <td>hard.coded</td> + <td>page</td> + <td>/my-account.psml</td> + <td>stop</td> + </tr> + </table> + </td> + </tr> + <tr> + <td>path</td> + <td> + <p>Only criterion applied is the path portion of the portal URL.</p> + <table> + <tr> + <th>criterion</th> + <th>name</th> + <th>value</th> + <th>fallback</th> + </tr> + <tr> + <td>path</td> + <td>page</td> + <td>/</td> + <td>stop</td> + </tr> + </table> + </td> + </tr> + <tr> + <td>user-role-fallback</td> + <td> + <p>Rule will first look for the resource in the user's home folder. If not found there, a role based fallback algorithm is applied, trying to find the most-specific resource by searching over all security roles for the current authenticated user.</p> + <table> + <tr> + <th>criterion</th> + <th>name</th> + <th>value</th> + <th>fallback</th> + </tr> + <tr> + <td>path.session</td> + <td>page</td> + <td>default-page</td> + <td>continue</td> + </tr> + <tr> + <td>role</td> + <td>role</td> + <td></td> + <td>continue</td> + </tr> + <tr> + <td>navigation</td> + <td>navigation</td> + <td>/</td> + <td>loop</td> + </tr> + <tr> + <td>user</td> + <td>user</td> + <td></td> + <td>continue</td> + </tr> + + </table> + </td> + </tr> + <tr> + <td>user-rolecombo-fallback</td> + <td> + <p>Rule will first look for the resource in the user's home folder. If not found there, a role based fallback algorithm is applied, trying to find the most-specific resource by searching over all security roles for the current authenticated user. Creates a locater property named <quote>role</quote> that is the concatenation of all roles into one string, such as <i>role1-role2-role3</i>. This combined string is used as the role name in the locator.</p> + <table> + <tr> + <th>criterion</th> + <th>name</th> + <th>value</th> + <th>fallback</th> + </tr> + <tr> + <td>path.session</td> + <td>page</td> + <td>default-page</td> + <td>continue</td> + </tr> + <tr> + <td>rolecombo</td> + <td>role</td> + <td></td> + <td>continue</td> + </tr> + <tr> + <td>navigation</td> + <td>navigation</td> + <td>/</td> + <td>loop</td> + </tr> + <tr> + <td>user</td> + <td>user</td> + <td></td> + <td>continue</td> + </tr> + + </table> + </td> + </tr> + <tr> + <td>subsite-role-fallback-home</td> + <td> + <p>A rule based on role fallback algorithm with specified subsite and home page</p> + <table> + <tr> + <th>criterion</th> + <th>name</th> + <th>value</th> + <th>fallback</th> + </tr> + <tr> + <td>path</td> + <td>path</td> + <td>subsite-default-page</td> + <td>stop</td> + </tr> + <tr> + <td>role</td> + <td>role</td> + <td></td> + <td>continue</td> + </tr> + <tr> + <td>navigation</td> + <td>navigation</td> + <td>subsite-root</td> + <td>loop</td> + </tr> + </table> + </td> + </tr> + + </table> +</subsection> +</section> +<section name="Profile Locators"> +<p> +Profile Locators are used to locate profiled portal resources such as +pages, folders, menus and links. A locator contains a collection of properties +(name value pairs) describing the actual resource to be located. +</p> +<img src="../devguide/images/parameter-resolution.jpg" border="1"/> +<p> +The profiler takes runtime information as input, generalized into +generalized profile locators that are passed on to the page manager to locate a page or menu. +The profile locators are normalized and not coupled to the profiler or page manager implementation. +</p> +<img src="../devguide/images/parameter-resolution-2.jpg" border="1"/> +</section> + + +</body> +</document> \ No newline at end of file Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/roles.xml URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/roles.xml?rev=1691449&view=auto ============================================================================== --- portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/roles.xml (added) +++ portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/roles.xml Thu Jul 16 21:01:09 2015 @@ -0,0 +1,136 @@ +<?xml version="1.0"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<document> + <properties> + <title>Role Administration Guide</title> + <subtitle>Guide to Administering Roles</subtitle> + <authors> + <person name="David Sean Taylor" email="[email protected]" /> + <person name="Jody McAlister" email="[email protected]" /> + <person name="Jeff Maddux" email="[email protected]" /> + </authors> + </properties> + <body> + <section name="Role Administration Guide"> + <p> + Role Management is where you manage individual portal roles. You can create new roles and remove existing roles. + You can assign users to roles. The Role Management page is located inside the Jetspeed Administrative Portlets section. + The Role Management page is the second tab on the administrative menu across the top. The Role management section is comprised + of two portlets, Role Admin and Role Detail Information. + </p> + </section> + <section name="Role Admin"> + <p> + The Role Admin portlet lists all portal roles and allows you to search for a particular role. + </p> + <p> + <img src="images/roles.png"/> + </p> + <subsection name="Searching"> + <p> + You can search for a particular role by entering the role name or part of the role name in the search text box. + After clicking on the "Search" button, the role listing will show the search results, starting with the user that best matched your + search query, followed by the users that normally appear after the matched user in alphabetical order. + </p> + </subsection> + <subsection name="Filtering"> + <p> + To get only exact matches when searching for (or part of) a particular role name, check the "filter" checkbox below the + search text box. + </p> + </subsection> + </section> + <section name="Adding and Deleting Roles"> + <p> + The Role Detail Information portlet allows you to add and/or remove roles. Select a role in the Role admin portlet and the Role + Detail Information portlet will update with members of that role. The selected role in the Role admin porlet will now have an + arrow marking it. + </p> + <p> + <img src="images/roledetail.png"/> + </p> + <subsection name="Adding a Role"> + <p> + To add a role, depending on the Role Detail Information portlets state, you either need to... + <ul> + <li>select "Add New Role", enter a role name and press "Save" (screenshot above), or</li> + <li>enter a role name and press "Save" (screenshot below).</li> + </ul> + </p> + <p> + <img src="images/roledetailsimple.png"/> + </p> + </subsection> + <subsection name="Removing a Role"> + <p> + To remove a role from the system, click on the desired role in the Role Admin portlet. A small arrow will appear in front of the + role name to indicate it is currently selected, and the role's existing users will be loaded in the Role Details Information portlet. + Click the "Remove Role" button. This action is permanent. + </p> + </subsection> + </section> + <section name="Adding Users to Roles"> + <p> + To add or remove users assigned to a role, click on the role name in the Role Admin portlet. A small arrow will appear in front of the + role name to indicate it is currently selected, and the role's existing users will be loaded in the Role Details Information portlet. + </p> + <subsection name="Paging"> + <p> + If there are more than ten users assigned to a role in the system, the role listing is spread over several pages + each displaying ten users. You can navigate through the pages using the buttons right below the listing. + Clicking on the "Refresh" button will reset the user listing to the first page. + </p> + <p> + <img src="images/roledetailpaging.png"/> + </p> + </subsection> + <subsection name="Add Users to Role"> + <p> + The Role Detail Information portlet allows you to add users to a role. Select "Add Users to Role". + A pop-up window will appear. Check the users you wish to add and click "Add Users". The Role Detail Information portlet + will be populated with the selected users. + </p> + <p> + <img src="images/roleuserchooser.png"/> + </p> + </subsection> + <subsection name="Remove Checked Users"> + <p> + To remove a user from a role, select the user(s) you wish to remove and click on the "Remove Checked Users" button. + Be aware that this action is permanent! + </p> + <p> + <img src="images/roleremove.png"/> + </p> + </subsection> + <subsection name="Search Users in Role"> + <p> + You can search for a particular user by entering the users name or part of the users name in the search text box. + After clicking on the "Search" button, the "Users in Role" listing will show the search results, starting with the user that best matched your + search query, followed by the users that normally appear after the matched user in alphabetical order. + </p> + </subsection> + <subsection name="Filter Users in Role"> + <p> + To get only exact matches when searching for (or part of) a particular user name, check the "filter" checkbox below the + search text box. Clicking on the "Refresh" button will reset the group listing to the first page. + </p> + </subsection> + </section> + </body> +</document> \ No newline at end of file Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/rpad.xml URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/rpad.xml?rev=1691449&view=auto ============================================================================== --- portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/rpad.xml (added) +++ portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/rpad.xml Thu Jul 16 21:01:09 2015 @@ -0,0 +1,111 @@ +<?xml version="1.0"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<document> + <properties> + <title>Remote Portlet Application Deployment Administration Guide</title> + <subtitle>Guide to Administering Remote Portlet Application Deployment</subtitle> + <authors> + <person name="David Sean Taylor" email="[email protected]" /> + <person name="Jody McAlister" email="[email protected]" /> + </authors> + </properties> + <body> + <section name="Remote Portlet Application Deployment Administration Guide"> + <p> + The Remote Portlet Application Deployer can be found in the Jetspeed Administrative Portlets Tabbed Menu named RPAD. You may use + this portlet to deploy War files containing portlets that are not available by default. Once the the War has been deployed, you will find + any new portlets by going to <a href="../usersguide/portletmodes.html">edit mode</a> and the <a href="../usersguide/portlets.html#adding_portlets">Add Portlet</a> area. + </p> + <p> + <img src="images/rpadmain.png"/> + </p> + <p> + <table> + <tr> + <th>Field</th> + <th>Description</th> + </tr> + <tr> + <td>Group ID</td> + <td>Name of the organization or company distributing the war file.</td> + </tr> + <tr> + <td>Artifact ID</td> + <td>The common way of naming a distributable file.</td> + </tr> + <tr> + <td>Name</td> + <td>Name of the portlet application, usually the same as the Artifact ID.</td> + </tr> + <tr> + <td>Version</td> + <td>The version of the portlet application.</td> + </tr> + <tr> + <td>Type</td> + <td>Portlet applications only, currently always distributed as war artifacts.</td> + </tr> + <tr> + <td>Action</td> + <td>Deploy the portlet application within Jetspeed. You can manage the portlet application with the <a href="palm.html">PALM</a> (Portlet Application Lifecycle Manager).</td> + </tr> + </table> + </p> + <p> + The repository drop down menu has a listing of all currently included repositories. By default, all repository items are displayed + in groups of 10. Paging at the bottom of the portlet will allow you to navigate through the pages. Choosing one of the repositories + in the drop down menu and clicking Select will change the display so that only items from that repository are displayed. Selecting the + blank menu option will result in items from all repositories being displayed. + </p> + <p> + <img src="images/rpadselect.png"/> + </p> + <p> + The Refresh button is used to redraw the contents of the window. Refreshing is needed after clicking the deploy link as the deploy action will + change all deploy links to a non-clickable state. These deploy links will remain unclickable for the duration of the deployment process, regardless + of pressing the Refresh Button. The deploy links will return to their normal state after the deployment process has completed and the screen is + redrawn through the Refresh Button or any other action requiring the portlet to redraw the window contents. + </p> + <subsection name="Managing Repositories"> + <p> + Repositories may be managed by entering into <a href="../usersguide/portletmodes.html">edit mode</a> from the portlet action bar. + </p> + <p> + <img src="images/rpadmanage.png"/> + </p> + <p> + The Edit action link will allow you to change existing information such as repository name and the location of the configuration file for the repository. + The window will change similar to the screenshot pictured below for Add Repository. + </p> + <p> + The Delete action link remove the repository located in the same row as the link. + </p> + <p> + The Reload Repositories button will refresh the configuration xml files for each repository. + </p> + <p> + The Add Repository button will take you to another window which will allow you to enter a name for the repository and a Configuration + Path to an xml file with the Repository information. + </p> + <p> + <img src="images/rpadadd.png"/> + </p> + </subsection> + </section> + </body> +</document> \ No newline at end of file Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/search.xml URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/search.xml?rev=1691449&view=auto ============================================================================== --- portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/search.xml (added) +++ portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-admin/src/site/xdoc/search.xml Thu Jul 16 21:01:09 2015 @@ -0,0 +1,45 @@ +<?xml version="1.0" ?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<document> + <properties> + <title>Jetspeed-2 Search</title> + <authors> + <person name="David Le Strat" email="[email protected]" /> + </authors> + </properties> + <body> + <section name="Using Jetspeed Search Engine"> + <p> + Jetspeed-2 <code>SearchEngine</code> exposes a <code>search</code> operation returning <code>SearchResults</code>. + The <code>SearchResult</code> can be iterated through to display the result of the search. + </p> + <subsection name="Portlet Search"> + <p> + Jetspeed-2 <code>SearchEngine</code> is used by the <code>PortletApplicationBrowser</code> portlet to search + and retrieve portlet according to a given criteria. + <br/> + <img src="images/portlet-search.gif" border="0" /> + </p> + <p> + Performing a search for "security" returns all the matching portlets and portlet definitions. + </p> + </subsection> + </section> + </body> +</document> +
