Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-deploy/src/site/xdoc/security-config.xml URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-deploy/src/site/xdoc/security-config.xml?rev=1691449&view=auto ============================================================================== --- portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-deploy/src/site/xdoc/security-config.xml (added) +++ portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-deploy/src/site/xdoc/security-config.xml Thu Jul 16 21:01:09 2015 @@ -0,0 +1,378 @@ +<?xml version="1.0"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<document> + <properties> + <title>Jetspeed 2 Security Services Configuration</title> + <authors> + <person name="David Le Strat" email="[email protected]" /> + <person name="Ate Douma" email="[email protected]" /> + </authors> + </properties> + <body> + <section name='Security Deployment Configuration'> + <p>This section of the guide provides deployers with several quick deployment configuration options for Jetspeed Security.</p> + <subsection name='Authorization: Permissions vs Constraints'> + <p>Jetspeed supports two different kinds of authorization policies: + <ol> + <li>Permissions - use a standard Java Security Policy. Jetspeed stores this policy in a relational database</li> + <li>Constraints - Jetspeed specific Constraint-based Security</li> + </ol> + </p> + <p>By default, Jetspeed uses constraints as shown in the service configuration for the Security Access Controller bean shown below, from the Spring configuration file <code>administration.xml</code>. + Constraints are usually defined on the resource itself in the Jetspeed site, such as on pages or folders. See the <a href='guide-security-declarative-psml.html'>Constraints guide</a> as + well as the <a href='../adminguide/constraints.html'></a> for more information on constraints-based security. + </p> + <p>Java Security policies are a little more advanced. See the <a href='../devguide/atz-jaas.html'>JAAS Security Policy Guide</a> for more information on configuring Jetspeed's JAAS Security Policy in a relational database</p> + <source><![CDATA[ +<bean id="org.apache.jetspeed.security.SecurityAccessController" + class='org.apache.jetspeed.security.impl.SecurityAccessControllerImpl'> + <constructor-arg index='0'> + <ref bean="org.apache.jetspeed.page.PageManager"/> + </constructor-arg> + <!-- + Security Mode: + 1 = Permissions = use Jetspeed Java Security Policy + 2 = Constraints = use Jetspeed (PageManager) Constraint-based Security + --> + <constructor-arg index="1"> + <value>2</value> + </constructor-arg> +</bean> +]]></source> + + </subsection> + <subsection name='Login and Authorization Options'> +<p>Jetspeed provides some general Login and Authorization options to help you customize the behavior of your portal. The service configuration for the +Portal Authentication Configuration bean shown below, from the Spring configuration file <code>administration.xml</code> is used to customize two key behaviors of the portal. + <ol> + <li>Create New Sessions upon Login - When a user authentications (logs in) with one of the Jetspeed login portlets, by default, a new session is not created. The session + of the guest user is carried over to the authenticated user. If you want to change this behavior to create a + new session, set this value to true. The reason this setting is false, is to simulate a online store, where you buy things and then login at the end. </li> + <li>Hard Session Timeouts - For configurations where you need to set the hard session timeout limit in seconds, regardless of (in)activity. Setting to 0 turns off this feature. + Note:this feature should be used with 'create new session upon authentication' feature</li> + </ol> +</p> + <source><![CDATA[ + +<bean id='org.apache.jetspeed.administration.PortalAuthenticationConfiguration' + class='org.apache.jetspeed.administration.PortalAuthenticationConfigurationImpl'> + + <!-- create new session upon authentication --> + <constructor-arg index='0'> + <value>false</value> + </constructor-arg> + <!-- hard session timeout limit in seconds, regardless of (in)activity, setting to 0 turns off this feature + note:this feature should be used with 'create new session upon authentication' feature + --> + <constructor-arg index='1'> + <value>0</value> + </constructor-arg> + <!-- redirect location for hard session expiration --> + <constructor-arg index='2'> + <value>/login/logout</value> + </constructor-arg> +</bean> +]]></source> + + </subsection> + + </section> + <section name="Jetspeed Security Spring Configuration"> + <p> + The files that are involved when configuring Jetspeed security are located under + <i>${jetspeed-source-home}/portal/src/webapp/WEB-INF/assembly/</i>. This section introduces you to these deployment descriptor files. + In normal usage, you will not need to modify these files. This documentation is provided for advanced usage of Jetpeed security + such as replacing the default Security implementations with your own. + </p> + <subsection name="security-atn.xml"> + <p> + This configuration file provides the login module configuration. Not everyone needs this, as some application may decide to use another + login module other than the one provided. + </p> + </subsection> + <subsection name="security-atz.xml"> + <p> + This configuration file configures the authorization policy, in J2's case + <a href="../devguide/atz-jaas.html">RdbmsPolicy</a> + . + </p> + </subsection> + <subsection name="security-managers.xml"> + <p>This configuration file configures all the managers for security purpose.</p> + </subsection> + <subsection name="security-providers.xml"> + <p>This configuration file configures the various providers and weaves the SPI together.</p> + <ul> + <li> + <code>AuthenticationProviderProxy</code> + : Configures the list of + <code>AuthenticationProvider</code> + and the default authenticator. + <source> + <![CDATA[ +<bean id="org.apache.jetspeed.security.AuthenticationProviderProxy" + class="org.apache.jetspeed.security.impl.AuthenticationProviderProxyImpl"> + <constructor-arg > + <list> + <ref bean="org.apache.jetspeed.security.AuthenticationProvider"/> + </list> + </constructor-arg> + <constructor-arg><value>DefaultAuthenticator</value></constructor-arg> +</bean>]]> + </source> + </li> + <li> + <code>AuthenticationProvider</code> + : Configures the authentication providers for the current portal implementation. The example below configures the default authenticator + that uses the RDBMS to manage/store user information. + <source> + <![CDATA[ +<bean id="org.apache.jetspeed.security.AuthenticationProvider" + class="org.apache.jetspeed.security.impl.AuthenticationProviderImpl"> + <constructor-arg index="0"><value>DefaultAuthenticator</value></constructor-arg> + <constructor-arg index="1"><value>The default authenticator</value></constructor-arg> + <constructor-arg index="2"><value>login.conf</value></constructor-arg> + <constructor-arg index="3"> + <ref bean="org.apache.jetspeed.security.spi.CredentialHandler"/> + </constructor-arg> + <constructor-arg index="4"> + <ref bean="org.apache.jetspeed.security.spi.UserSecurityHandler"/> + </constructor-arg> +</bean>]]> + </source> + </li> + <li> + <code>AuthorizationProvider</code> + : Configures the policies and instantiates the + <code>SecurityPolicies</code> + that are used for enforcing permissions. By default, Jetspeed 2 does not load any other + security policies that may have been configured. In order to use default policies, set + <code>useDefaultPolicy</code> to <code>true</code> + <source> + <![CDATA[ +<bean id="org.apache.jetspeed.security.AuthorizationProvider" + class="org.apache.jetspeed.security.impl.AuthorizationProviderImpl"> + <constructor-arg index="0"> + <ref bean="org.apache.jetspeed.security.impl.RdbmsPolicy"/> + </constructor-arg> + <!-- Does not use the default policy as a default behavior --> + <constructor-arg index="1"><value>false</value></constructor-arg> +</bean>]]> + </source> + </li> + </ul> + </subsection> + <subsection name="security-spi.xml"> + <p>This configuration file contains configuration that are common to the authentication and authorization SPIs.</p> + <table> + <tr> + <th>Bean</th> + <th>Description</th> + </tr> + <tr> + <td>org.apache.jetspeed.security.spi.SecurityAccess</td> + <td> + Used internally by the default OJB based SPI. Provide access to common action/methods for the various SPI implementations. The + <i>SecurityAccess</i> + bean is used by both the Authentication and Authorization SPIs. + </td> + </tr> + </table> + </subsection> + <subsection name="security-spi-atn.xml"> + <p>This configuration file contains all the configurations for configuring the authentication SPI.</p> + <table> + <tr> + <th>Bean</th> + <th>Description</th> + </tr> + <tr> + <td>org.apache.jetspeed.security.spi.CredentialHandler</td> + <td> + The + <i>CredentialHandler</i> + encapsulates the operations involving manipulation of credentials. The default implementation provides support for password + protection as defined by the + <i>PasswordCredentialProvider</i> + ; as well as lifecycle management of credentials through + <i>InternalPasswordCredentialInterceptor</i> + which can be configured to manages parameters such as maximum number of authentication + failures, maximum life span of a credential in days and how much history to retain for a + given credential. + </td> + </tr> + <tr> + <td>org.apache.jetspeed.security.spi.UserSecurityHandler</td> + <td> + The + <i>UserSecurityHandler</i> + encapuslated all the operations around the user principals. + </td> + </tr> + </table> + <p> + The following simple <code>CredentialHandler</code> configuration is currently provided + by default with Jetspeed:</p> + <source><![CDATA[ +<!-- require a non-empty password --> +<bean id="org.apache.jetspeed.security.spi.CredentialPasswordValidator" + class="org.apache.jetspeed.security.spi.impl.DefaultCredentialPasswordValidator"/> + +<!-- MessageDigest encode passwords using SHA-1 --> +<bean id="org.apache.jetspeed.security.spi.CredentialPasswordEncoder" + class="org.apache.jetspeed.security.spi.impl.MessageDigestCredentialPasswordEncoder"> + <constructor-arg index="0"><value>SHA-1</value></constructor-arg> +</bean> + +<!-- allow multiple InternalPasswordCredentialInterceptors to be used for DefaultCredentialHandler --> +<bean id="org.apache.jetspeed.security.spi.InternalPasswordCredentialInterceptor" + class="org.apache.jetspeed.security.spi.impl.InternalPasswordCredentialInterceptorsProxy"> + <constructor-arg index="0"> + <list> + <!-- enforce an invalid preset password value in the persisent store is required to be changed --> + <bean class="org.apache.jetspeed.security.spi.impl.ValidatePasswordOnLoadInterceptor"/> + + <!-- ensure preset cleartext passwords in the persistent store will be encoded on first use --> + <bean class="org.apache.jetspeed.security.spi.impl.EncodePasswordOnFirstLoadInterceptor"/> + </list> + </constructor-arg> +</bean> + +<bean id="org.apache.jetspeed.security.spi.PasswordCredentialProvider" + class="org.apache.jetspeed.security.spi.impl.DefaultPasswordCredentialProvider"> + <constructor-arg index="0"> + <ref bean="org.apache.jetspeed.security.spi.CredentialPasswordValidator"/> + </constructor-arg> + <constructor-arg index="1"> + <ref bean="org.apache.jetspeed.security.spi.CredentialPasswordEncoder"/> + </constructor-arg> +</bean> + +<bean id="org.apache.jetspeed.security.spi.CredentialHandler" + class="org.apache.jetspeed.security.spi.impl.DefaultCredentialHandler"> + <constructor-arg index="0"> + <ref bean="org.apache.jetspeed.security.spi.SecurityAccess"/> + </constructor-arg> + <constructor-arg index="1"> + <ref bean="org.apache.jetspeed.security.spi.PasswordCredentialProvider"/> + </constructor-arg> + <constructor-arg index="2"> + <ref bean="org.apache.jetspeed.security.spi.InternalPasswordCredentialInterceptor"/> + </constructor-arg> +</bean>]]> + </source> + <p> + The above configuration requires not much more than that a password should not be + empty and MessageDigest encode it using SHA-1.</p> + <p> + And, make sure something like the following configuration is set for the security related valves in + pipelines.xml:</p> + <source><![CDATA[ +<bean id="passwordCredentialValve" + class="org.apache.jetspeed.security.impl.PasswordCredentialValveImpl" + init-method="initialize"> + <constructor-arg> + <!-- expirationWarningDays --> + <list> + <value>2</value> + <value>3</value> + <value>7</value> + </list> + </constructor-arg> +</bean> + +<bean id="loginValidationValve" + class="org.apache.jetspeed.security.impl.LoginValidationValveImpl" + init-method="initialize"> + <!-- maxNumberOfAuthenticationFailures + This value should be in sync with the value for + org.apache.jetspeed.security.spi.impl.MaxPasswordAuthenticationFailuresInterceptor + (if used) to make sense. + Any value < 2 will suppress the LoginConststants.ERROR_FINAL_LOGIN_ATTEMPT + error code when only one last attempt is possible before the credential + will be disabled after the next authentication failure. + --> + <constructor-arg index="0"><value>3</value></constructor-arg> +</bean>]]> + </source> + <p> + Also, make sure the above valves are configured in the <code>jetspeed-pipeline</code> bean.</p> + <p> + See the <a href="credentials.html">Credentials Management</a> document for a description of these valves and their relation to the + interceptors configuration.</p> + </subsection> + <subsection name="security-spi-atz.xml"> + <p>This configuration file contains all the configurations for configuring the authorization SPI.</p> + <table> + <tr> + <th>Bean</th> + <th>Description</th> + </tr> + <tr> + <td>org.apache.jetspeed.security.spi.RoleSecurityHandler</td> + <td> + The + <i>RoleSecurityHandler</i> + encapsulates all the operations around the role principals. + </td> + </tr> + <tr> + <td>org.apache.jetspeed.security.spi.GroupSecurityHandler</td> + <td> + The + <i>GroupSecurityHandler</i> + encapsulates all the operations around the group principals. + </td> + </tr> + <tr> + <td>org.apache.jetspeed.security.spi.SecurityMappingHandler</td> + <td> + The + <i>SecurityMappingHandler</i> + encapsulates all the operations involving mapping between principals. It contains the logic managing hierarchy resolution for + hierarchical principals (roles or groups). The default hierarchy resolution provided is a hierarchy by generalization (see overview + for definitions). A + <i>contructor-arg</i> + can be added to the + <i>SecurityMappingHandler</i> + to change the hierarchy resolution strategy. Jetspeed 2 also support a hierarchy resolution by aggregation. + </td> + </tr> + </table> + <p> + A sample + <code>SecurityMappingHandler</code> + configuration could be: + <source><![CDATA[ +<!-- Security SPI: SecurityMappingHandler --> +<bean id="org.apache.jetspeed.security.spi.SecurityMappingHandler" + class="org.apache.jetspeed.security.spi.impl.DefaultSecurityMappingHandler"> + <constructor-arg > + <ref bean="org.apache.jetspeed.security.spi.SecurityAccess"/> + </constructor-arg> + <!-- Default role hierarchy strategy is by generalization. + Add contructor-arg to change the strategy. --> + <!-- Default group hierarchy strategy is by generalization. + Add contructor-arg to change the strategy. --> +</bean>]]> + </source> + </p> + </subsection> + </section> + </body> +</document>
Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/pom.xml URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/pom.xml?rev=1691449&view=auto ============================================================================== --- portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/pom.xml (added) +++ portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/pom.xml Thu Jul 16 21:01:09 2015 @@ -0,0 +1,65 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + + $Id: pom.xml 775034 2009-05-15 06:50:03Z taylor $ +--> +<project xmlns="http://maven.apache.org/POM/4.0.0"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd";> + + <modelVersion>4.0.0</modelVersion> + <prerequisites> + <maven>2.0.9</maven> + </prerequisites> + + <artifactId>jetspeed-guide-dev</artifactId> + <name>Jetspeed Developers Guide</name> + <description>Jetspeed 2.2 Developers Guide</description> + <packaging>pom</packaging> + <parent> + <artifactId>jetspeed-site-docs</artifactId> + <groupId>org.apache.portals.site</groupId> + <version>2.2</version> + </parent> + + <!-- this is for a bug Maven, see http://jira.codehaus.org/browse/MSHARED-18 + should be removed once Maven incorporates this bug in an official release--> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-site-plugin</artifactId> + <version>2.0</version> + </plugin> + </plugins> + </build> + + <reporting> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-project-info-reports-plugin</artifactId> + <reportSets> + <reportSet> + <reports> + </reports> + </reportSet> + </reportSets> + </plugin> + </plugins> + </reporting> + +</project> Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/aggregatestatistics-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/aggregatestatistics-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/aggregatestatistics-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/app-server-mgr-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/app-server-mgr-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/app-server-mgr-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/arch-overview.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/arch-overview.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/arch-overview.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/atn-arch-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/atn-arch-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/atn-arch-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/atn-provider-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/atn-provider-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/atn-provider-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/atn-spi-arch-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/atn-spi-arch-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/atn-spi-arch-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/atz-provider-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/atz-provider-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/atz-provider-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/batchedstatistics-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/batchedstatistics-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/batchedstatistics-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/capabilities-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/capabilities-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/capabilities-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/capabilities-db.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/capabilities-db.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/capabilities-db.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/components.jpg URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/components.jpg?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/components.jpg ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/connection-repository-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/connection-repository-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/connection-repository-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/create-patch.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/create-patch.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/create-patch.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/credential-handler-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/credential-handler-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/credential-handler-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/default-login-module-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/default-login-module-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/default-login-module-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/deployment-event-listener-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/deployment-event-listener-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/deployment-event-listener-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/deployment-mgr-assembly.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/deployment-mgr-assembly.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/deployment-mgr-assembly.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/deployment-mgr-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/deployment-mgr-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/deployment-mgr-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/dev-guide.png URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/dev-guide.png?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/dev-guide.png ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/group-security-handler-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/group-security-handler-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/group-security-handler-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/j2-overview.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/j2-overview.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/j2-overview.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/jetspeedservlet-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/jetspeedservlet-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/jetspeedservlet-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/layouts-overview.png URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/layouts-overview.png?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/layouts-overview.png ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/logrecord-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/logrecord-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/logrecord-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/pages.jpg URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/pages.jpg?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/pages.jpg ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/parameter-resolution-2.jpg URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/parameter-resolution-2.jpg?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/parameter-resolution-2.jpg ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/parameter-resolution.jpg URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/parameter-resolution.jpg?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/parameter-resolution.jpg ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/permission-mgr-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/permission-mgr-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/permission-mgr-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/permissions-principals-om-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/permissions-principals-om-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/permissions-principals-om-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/permissions-principals-schema.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/permissions-principals-schema.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/permissions-principals-schema.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/persistence-broker-dao-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/persistence-broker-dao-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/persistence-broker-dao-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/pipeline-assembly.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/pipeline-assembly.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/pipeline-assembly.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/pipeline-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/pipeline-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/pipeline-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/portalstatistics-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/portalstatistics-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/portalstatistics-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/preferences-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/preferences-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/preferences-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/preferences-schema.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/preferences-schema.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/preferences-schema.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/principals-credentials-schema.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/principals-credentials-schema.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/principals-credentials-schema.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/profiler-pipeline.jpg URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/profiler-pipeline.jpg?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/profiler-pipeline.jpg ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/rdbms-policy-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/rdbms-policy-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/rdbms-policy-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/rdbms-policy-overview-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/rdbms-policy-overview-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/rdbms-policy-overview-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/role-security-handler-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/role-security-handler-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/role-security-handler-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/searchengine-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/searchengine-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/searchengine-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/searchhandlers-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/searchhandlers-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/searchhandlers-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/security-mapping-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/security-mapping-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/security-mapping-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/security-provider-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/security-provider-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/security-provider-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/spring-component-manager-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/spring-component-manager-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/spring-component-manager-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/statistics-db.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/statistics-db.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/statistics-db.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/valve-c.gif URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/valve-c.gif?rev=1691449&view=auto ============================================================================== Binary file - no diff available. Propchange: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/resources/images/valve-c.gif ------------------------------------------------------------------------------ svn:mime-type = application/octet-stream Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/site.xml URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/site.xml?rev=1691449&view=auto ============================================================================== --- portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/site.xml (added) +++ portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/site.xml Thu Jul 16 21:01:09 2015 @@ -0,0 +1,117 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<project name="Jetspeed Developers Guide"> + <publishDate format="d MMMM yyyy"/> + <bannerLeft> + <name>Jetspeed Developers Guide</name> + <src>images/jetspeed-logo.gif</src> + <href>http://portals.apache.org/jetspeed-2/</href> + </bannerLeft> + <bannerRight> + <name>Jetspeed Developers Guide</name> + <href>http://portals.apache.org/jetspeed-2/devguide/</href> + <src>images/dev-guide.png</src> + </bannerRight> + <skin> + <groupId>org.apache.portals.jetspeed-2</groupId> + <artifactId>jetspeed-maven-skin</artifactId> + <version>2.2.2</version> + </skin> + <body> + + <links> + <item name="Home" href="../index.html"/> + <item name="Admin Guide" href="../adminguide/index.html"/> + <item name="Build Guide" href="../buildguide/index.html"/> + <item name="Deployers Guide" href="../deployguide/index.html"/> + <item name="Users Guide" href="../usersguide/index.html" /> + </links> + + <menu name="Developers Guide"> + <item name="Developing Jetspeed" href='index.html'/> + <item name="Sending Patches" href='patches.html'/> + <item name="Coding Standards" href="http://portals.apache.org/development/code-standards.html"/> + </menu> + + <menu name="Building Jetspeed"> + <item name="Build Guide" href="../buildguide/index.html" /> + <item name="Conditional Spring" href='spring-config.html' /> + </menu> + + <menu name="Jetspeed Components"> + <item name="Security Architecture" collapse='true' href="guide-security.html"> + <item name="Security Concepts" href="dev-security.html" /> + <item name="Security 2.2 Framework" href="new-security.html" /> + <item name="Architecture Overview" href="arch.html" /> + <item name="Authentication" href="atn.html" collapse="true"> + <item name="Login Module" href="login-module.html" /> + <item name="Authentication SPI" href="atn-spi.html" /> + <item name="Credentials Management" href="credentials.html" /> + </item> + <item name="Authorization" href="atz.html" collapse="true"> + <item name="JAAS Authorization" href="atz-jaas.html" /> + <item name="PermissionManager Overview" href="permission.html" /> + <item name="Authorization/Security Mapping SPI" href="atz-spi.html" /> + <item name="Hierarchy Management" href="hierarchy.html" /> + </item> + <item name="High Level Security Services" href="high-level-services.html" /> + <item name="Security Services Configuration" href="../deployguide/security-config.html" /> + <item name="LDAP Configuration" href="../deployguide/ldap.html" /> + </item> + <item name="Core Components" collapse='true' href="dev-cm.html"> + <item name="Capabilities" href="dev-capabilities.html" /> + <item name="Deployment" href="dev-deploy.html" /> + <item name="Search" href="dev-search.html" /> + <item name="Statistics" href="dev-statistics.html" /> + <item name="Localization" href="guide-l10n.html" /> + <item name="Pipeline" href="guide-pipeline.html" /> + <item name="Preferences" href="dev-prefs.html"/> + <item name="Profiler" href="guide-profiler.html" /> + <item name="Profiler IP" href="guide-profiling-ip.html" /> + <item name="PSML" href="guide-psml.html" /> + <item name="PSML DTD" href="guide-psml-dtd.html" /> + </item> + </menu> + <menu name="Database" collapse='true' > + <item name="Database Guide" href="guide-database.html" /> + <item name="Data Access" href="dao.html" /> + <item name="RDBMS" href="dev-rdbms.html" /> + </menu> + <menu name="APIs" > + <item name="Jetspeed Java API" href="../apidocs/index.html" /> + <item name="Jetspeed AJAX API" href="guide-ajax-api.html" /> + <item name="Jetspeed REST API" href="guide-rest-api.html" /> + </menu> + + <menu name="Portlet Programming" > + <item name="Eclipse" href="jetspeed-eclipse.html" /> + <item name="Portlet Bridges" href="guide-portlet-bridges.html" /> + <item name="Simple Portlet" href="guide-simple-portlet.html" /> + <item name="JSF" href="guide-simple-jsf-portlet.html" /> + <item name="Velocity" href="guide-simple-velocity-portlet.html" /> + </menu> + + <menu name="Portal Design" > + <item name="Intro to Portal Design" href="guide-portal-design.html"/> + <item name="Layouts" href="guide-layouts.html"/> + <item name="Decorators" href="guide-decorators.html"/> + <item name="Jetspeed Power Tool" href="guide-jpt.html"/> + </menu> + + </body> +</project> Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/xdoc/arch.xml URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/xdoc/arch.xml?rev=1691449&view=auto ============================================================================== --- portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/xdoc/arch.xml (added) +++ portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/xdoc/arch.xml Thu Jul 16 21:01:09 2015 @@ -0,0 +1,59 @@ +<?xml version="1.0"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<document> + <properties> + <title>Jetspeed 2 Security - Architecture Overview</title> + <authors> + <person name="David Le Strat" email="[email protected]" /> + </authors> + </properties> + <body> + <section name="Architecture Overview"> + <p> + Jetspeed 2 security leverages J2EE authentication and authorization standards for both authentication + and authorization through the implementation of a default <code>LoginModule</code> and a default authorization + <code>Policy</code>. + </p> + <p> + Authentication establishes the identity of the user and populates the <code>Subject</code> with all + the user principals. In a portal context, the populated <code>Subject</code> is added to the session + in the <code>org.apache.jetspeed.security.SecurityValve</code> implementation. The <code>Subject</code> + principals are then used to authorize the user's access to a given resource. It leverages JAAS authorization + by checking the user's permission with the + <a href="http://java.sun.com/j2se/1.4.2/docs/api/java/security/AccessController.html";>AccessController</a>. More details + on authorization are provided in the <a href="atz-jaas.html">JAAS authorization section</a> of this documentation. + </p> + <p> + The following diagram describes the high level security architecture: + </p> + <p align="center"> + <img src="images/arch-overview.gif" border="0" /> + </p> + <p> + Configuration files for each component areas are specified. For more information, see the + <a href="../deployguide/security-config.html">Security Configuration section</a> in the Deployment Guide. + </p> + <p> + Jetspeed security architecture is fully JAAS compliant. Developers can replace Jetspeed security + architecture with their own <code>LoginModule</code> and <code>Policy</code> implementation. Jetspeed + implementation provides management programming and user interfaces as well as an SPI model to facilitate + its extension. + </p> + </section> + </body> +</document> \ No newline at end of file Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/xdoc/atn-spi.xml URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/xdoc/atn-spi.xml?rev=1691449&view=auto ============================================================================== --- portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/xdoc/atn-spi.xml (added) +++ portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/xdoc/atn-spi.xml Thu Jul 16 21:01:09 2015 @@ -0,0 +1,93 @@ +<?xml version="1.0"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<document> + <properties> + <title>Jetspeed 2 Security - Authentication SPI</title> + <authors> + <person name="David Le Strat" email="[email protected]" /> + </authors> + </properties> + <body> + <section name="Authentication SPI Overview"> + <p> + The authentication SPI provides the implementation for managing user principals and their credentials and provides the underlying + <code>UserManager</code> + coarsed service implementation. + </p> + <p> + The authentication SPI also provides a mechanism for managing users across multiple datastore. The class diagram below describes how the + authentication SPI relates to the + <code>UserManager</code> + . + </p> + <p> + <img src="images/atn-spi-arch-c.gif" border="0" /> + </p> + </section> + <section name="Authentication SPI Components"> + <p>The authentication SPI implements the following components:</p> + <table> + <tr> + <th>Component</th> + <th>Description</th> + </tr> + <tr> + <td> + <code>AuthenticationProviderProxy</code> + </td> + <td> + A proxy to the various + <code>AuthenticationProvider</code> + implementations. The + <code>AuthenticationProviderProxy</code> + is responsible of invoking the correct + <code>AuthenticationProvider</code> + to authenticate or manage a specific user against a specific data store. + </td> + </tr> + <tr> + <td> + <code>AuthenticationProvider</code> + </td> + <td> + Exposes a specific authentication and user management services implementation. Jetspeed 2 + provides 2 implementations: RDBMS and LDAP. Multiple authentication providers + can be provided through configuration. For more information, + see the <a href="../deployguide/security-config.html#security-providers_xml">security providers</a> configuration. + </td> + </tr> + <tr> + <td> + <code>CredentialHandler</code> + </td> + <td> + See <a href="../deployguide/security-config.html#security-spi-atn_xml">security-spi-atn.xml</a> configuration. + </td> + </tr> + <tr> + <td> + <code>UserSecurityHandler</code> + </td> + <td> + See <a href="../deployguide/security-config.html#security-spi-atn_xml">security-spi-atn.xml</a> configuration. + </td> + </tr> + </table> + </section> + </body> +</document> \ No newline at end of file Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/xdoc/atn.xml URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/xdoc/atn.xml?rev=1691449&view=auto ============================================================================== --- portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/xdoc/atn.xml (added) +++ portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/xdoc/atn.xml Thu Jul 16 21:01:09 2015 @@ -0,0 +1,78 @@ +<?xml version="1.0"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<document> + <properties> + <title>Jetspeed 2 Security - Login Module</title> + <authors> + <person name="David Le Strat" email="[email protected]" /> + </authors> + </properties> + <body> + <section name="Authentication Architecture Overview"> + <p> + For authentication, Jetspeed 2 leverages Java + <a href="http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/spi/LoginModule.html";>LoginModule</a> + architecture. It provides a <a href="login-module.html">DefaultLoginModule</a> implementation and a + flexible architecture to be able to authenticate user against multiple user repositories and provide user + management capabilities across those repository. A <code>UserManager</code> provides a set of coarsed + services for authenticating and managing users. The class diagram below illustrates how the + <code>UserManager</code> provides authentication to the <code>DefaultLoginModule</code> and leverages + the <a href="atn-spi.html">Authentication SPI</a> to interact with various implementation and user stores. + </p> + <p> + <img src="images/atn-arch-c.gif" border="0" /> + </p> + <p> + The various components described above fulfill the following functions: + <table> + <tr> + <th>Component</th> + <th>Description</th> + </tr> + <tr> + <td><code>DefaultLoginModule</code></td> + <td>Jetspeed 2 default <a href="login-module.html">LoginModule</a> implementation which + leverages the <code>authenticate()</code> method of the <code>UserManager</code> to provide + authentication against the various <code>AuthenticationProvider</code> implementation currently + configured.</td> + </tr> + <tr> + <td><code>UserManager</code></td> + <td>Coarsed service providing authentication and user management. The <code>UserManager</code>code> + leverages the various <code>AuthenticationProvider</code> implementations exposed to it through + the <code>AuthenticationProviderProxy</code> through the <code>SecurityProvider</code>. + </td> + </tr> + <tr> + <td><code>SecurityProvider</code></td> + <td>Provides access to the security providers exposing SPI implementation to the coarsed security + services. + </td> + </tr> + <tr> + <td><code>AuthenticationProviderProxy</code></td> + <td>A proxy to the various <code>AuthenticationProvider</code> implementations. The <code>AuthenticationProviderProxy</code> + is responsible of invoking the correct <code>AuthenticationProvider</code> to authenticate or manage + a specific user against a specific data store.</td> + </tr> + </table> + </p> + </section> + + </body> +</document> \ No newline at end of file Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/xdoc/atz-jaas.xml URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/xdoc/atz-jaas.xml?rev=1691449&view=auto ============================================================================== --- portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/xdoc/atz-jaas.xml (added) +++ portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/xdoc/atz-jaas.xml Thu Jul 16 21:01:09 2015 @@ -0,0 +1,177 @@ +<?xml version="1.0"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<document> + <properties> + <title>Jetspeed 2 Security - Login Module</title> + <authors> + <person name="David Le Strat" email="[email protected]" /> + </authors> + </properties> + <body> + <section name="Overview of JAAS Authorization"> + <p> + A good overview of JAAS authorization is provided on + <a href="http://java.sun.com/j2se/1.4.2/docs/guide/security/spec/security-spec.doc2.html";>Sun's web site</a> + . At a high level, JAAS authorization leverages: + <ul> + <li> + <a href="http://java.sun.com/j2se/1.4.2/docs/api/java/security/Permission.html";>Permission</a> + that associates actions to resources. + </li> + <li> + <a href="http://java.sun.com/j2se/1.4.2/docs/api/java/security/Principal.html";>Principal</a> + that represents an entity in the system. In Jetspeed 2, 3 principals are used to represent users, roles and groups. + </li> + <li> + <a href="http://java.sun.com/j2se/1.4.2/docs/api/java/security/Policy.html";>Policy</a> + that associates principals to permissions. + </li> + </ul> + </p> + <p> + Jetspeed 2 provides a custom policy implemention that allow the portal to secure resources as follow: + <source> + <![CDATA[ +grant principal o.a.j.security.UserPrincipal "theUserPrincipal" { + permission o.a.j.security.PagePermission "mypage", "view"; + permission o.a.j.security.PortletPermission "myportlet", "view,edit,minimize,maximize"; + permission o.a.j.security.TabPermission "mytab", "view"; +}; + +grant principal o.a.j.security.RolePrincipal "theRolePrincipal" { + permission o.a.j.security.PagePermission "mypage", "view"; + permission o.a.j.security.PortletPermission "myportlet", "view,edit,minimize,maximize"; + permission o.a.j.security.TabPermission "mytab", "view"; +}; + +grant principal o.a.j.security.GroupPrincipal "theGroupPrincipal" { + permission o.a.j.security.PagePermission "mypage", "view"; + permission o.a.j.security.PortletPermission "myportlet", "view,edit,minimize,maximize"; + permission o.a.j.security.TabPermission "mytab", "view"; +};]]> + </source> + </p> + <p> + The custom security policy provides a + <code>java.security.Policy</code> + implementation that stores the association between principals and permissions in a relational database as opposed to leveraging the default JDK + policy. In the case of Sun's JDK, the default policy is + <a href="http://java.sun.com/j2se/1.4.2/docs/guide/security/PolicyFiles.html#DefaultImpl";>sun.security.provider.PolicyFile</a> + a file based policy. + </p> + <p> + In the code sample above, the + <code>UserPrincipal</code> + identify with the + <code>Principal.getName()</code> + "theUserPrincipal" has permission to "view" the page called "mypage", to "view,edit,minimize,maximize" + the portlet portlet called "myportlet" + </p> + <p> + The + <a href="http://java.sun.com/j2se/1.4.2/docs/api/java/security/AccessController.html";>AccessController</a> + validates a + <code>Subject</code> + permissions. For instance, a page permission check would perform the following check: + <source> + <![CDATA[ +PagePermission permission = new PagePermission(path, actions); +AccessController.checkPermission(permission); + ]]> + </source> + </p> + </section> + <section name="Jetspeed JAAS Policy"> + <p> + The + <code>RdbmsPolicy</code> + implements + <code>java.security.Policy</code> + . It leverages the + <code>PermissionManager</code> + to get the permissions associated with a given + <code>Subject</code> + principals. + <source> + <![CDATA[ +pms.getPermissions(user.getPrincipals()); + ]]> + </source> + The class diagram below illustrate the association between the + <code>RdbmsPolicy</code> + and the + <code>PermissionManager</code> + . + </p> + <p> + A good article on custom policies implementation is available on + <a href="http://www-106.ibm.com/developerworks/library/j-jaas/?n-j-442";>IBM web site</a> + . + </p> + <p> + <img src="images/rdbms-policy-c.gif" border="0" /> + </p> + <p> + To get more detail about the implementation of the + <code>PermissionManager</code> + , see + <a href="permission.html">PermissionManager Overview</a> + . + </p> + <p> + <u>Note:</u> + The current + <code>RdbmsPolicy</code> + manages the policies to apply. It applies + <code>RdbmsPolicy</code> + in conjunction with the default policy configured in the runtime environment. Jetspeed 2 should explore providing + <a href="http://java.sun.com/j2ee/javaacc/index.html";>JACC</a> + adapters for its custom policy for specific application servers. + </p> + </section> + <section name="Authorization Provider and Policy Configuration"> + <p> + The + <code>AuthorizationProvider</code> + configures the authorization policies to be used by Jetspeed 2 and keeps the list of such policies in the + <code>SecurityPolicies</code> + singleton. The + <code>RdbmsPolicy</code> + when getting the permissions for access control will execute its policy as well as all the policies configured in + <code>SecurityPolicies</code> + . If the + <code>AuthorizationProvider</code> + was constructed with + <code>useDefaultPolicy</code> + set to true, the default JDK or application server policy will be applied when getting the permissions. + </p> + <p> + <u>Note:</u> + The + <code>RbmsPolicy</code> + permission check is concerned about the principals associated to the + <code>Subject</code>, therefore where performing an access control check, + the check should be performed with the following call: + <code>doAsPrivileged(theSubject, anAction, null)</code>. By passing a null + <code>AccessContolContext</code>, the caller is essentially saying: + "I don't care who called me, the only important thing is whether I have permission when associated with the + given subject". + </p> + </section> + </body> +</document> \ No newline at end of file Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/xdoc/atz-spi.xml URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/xdoc/atz-spi.xml?rev=1691449&view=auto ============================================================================== --- portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/xdoc/atz-spi.xml (added) +++ portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/xdoc/atz-spi.xml Thu Jul 16 21:01:09 2015 @@ -0,0 +1,88 @@ +<?xml version="1.0"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<document> + <properties> + <title>Jetspeed 2 Security - Authorization/Security Mapping SPI</title> + <authors> + <person name="David Le Strat" email="[email protected]" /> + </authors> + </properties> + <body> + <section name="Authorization/Security Mapping SPI Overview"> + <p> + The authorization SPI provides the implementation to support Jetspeed 2 users, roles and groups associations and the roles/groups hierarchy + policy. It provides the underlying mechanism to support the implementation of the + <code>RoleManager</code> + and + <code>GroupManager</code> + . + </p> + <p> + As described in the + <a href="index.html">security overview</a> + , Jetspeed support hierarchical role based access control with configurable hierarchy policies. + </p> + <p>First, let's have a look at a class diagram of the authorization SPI:</p> + <p> + <img src="images/security-mapping-c.gif" border="0" /> + <br /> + <br /> + <img src="images/role-security-handler-c.gif" border="0" /> + <br /> + <br /> + <img src="images/group-security-handler-c.gif" border="0" /> + <br /> + <br /> + </p> + </section> + <section name="Authorization SPI Components"> + <p>The authorization SPI implements the following components:</p> + <table> + <tr> + <th>Component</th> + <th>Description</th> + </tr> + <tr> + <td>org.apache.jetspeed.security.spi.SecurityMappingHandler</td> + <td> + See <a href="../deployguide/security-config.html#security-spi-atz_xml">security-spi-atz.xml</a> configuration. + </td> + </tr> + <tr> + <td>org.apache.jetspeed.security.HierarchyResolver</td> + <td> + See <a href="hierarchy.html">hierarchy management</a>. + </td> + </tr> + <tr> + <td>org.apache.jetspeed.security.spi.RoleSecurityHandler</td> + <td> + See <a href="../deployguide/security-config.html#security-spi-atz_xml">security-spi-atz.xml</a> configuration. + </td> + </tr> + <tr> + <td>org.apache.jetspeed.security.spi.GroupSecurityHandler</td> + <td> + See <a href="../deployguide/security-config.html#security-spi-atz_xml">security-spi-atz.xml</a> configuration. + </td> + </tr> + + </table> + </section> + </body> +</document> \ No newline at end of file Added: portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/xdoc/atz.xml URL: http://svn.apache.org/viewvc/portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/xdoc/atz.xml?rev=1691449&view=auto ============================================================================== --- portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/xdoc/atz.xml (added) +++ portals/site/jetspeed/jetspeed-2.3/jetspeed-guide-dev/src/site/xdoc/atz.xml Thu Jul 16 21:01:09 2015 @@ -0,0 +1,47 @@ +<?xml version="1.0"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<document> + <properties> + <title>Jetspeed 2 Security - Login Module</title> + <authors> + <person name="David Le Strat" email="[email protected]" /> + </authors> + </properties> + <body> + <section name="Authorization Overview"> + <p> + For auhorization, Jetspeed 2 implements its own + <a href="http://java.sun.com/j2se/1.4.2/docs/api/java/security/Policy.html";>java.security.Policy</a> using + a relation database store to manage associations between principals and permissions. + </p> + <p align="center"> + <img src="images/rdbms-policy-overview-c.gif" border="0" /> + </p> + <p> + The <code>PermissionManager</code> provides access to the permissions associated to given principals. + </p> + <p> + <ul> + <li>The <a href="atz-jaas.html">JAAS Authorization</a> provides an overview of the authorization aspect of JAAS.</li> + <li>The <a href="permission.html">PermissionManager Overview</a> documents the <code>PermissionManager</code> implementation.</li> + </ul> + </p> + </section> + + </body> +</document> \ No newline at end of file
