doc howto-deltav.xml howto-bind.xml howto-acl.xml project.xml

Oliver Zeigermann Wed, 25 Feb 2004 00:46:53 -0800

Great! I guess many people were waiting for such docs :) I will update the web with them!

Oliver

[EMAIL PROTECTED] wrote:

pnever 2004/02/23 06:00:29

Modified: src/doc project.xml Added: src/doc howto-deltav.xml howto-bind.xml howto-acl.xml Log: Added docu (Administrator's Guide) for DeltaV, ACL and binding Revision Changes Path 1.28 +4 -1 jakarta-slide/src/doc/project.xml Index: project.xml =================================================================== RCS file: /home/cvs/jakarta-slide/src/doc/project.xml,v retrieving revision 1.27 retrieving revision 1.28 diff -u -r1.27 -r1.28 --- project.xml 19 Feb 2004 13:55:33 -0000 1.27 +++ project.xml 23 Feb 2004 14:00:29 -0000 1.28 @@ -30,8 +30,11 @@ <item name="Configuration" href="conf-lib.html"/> <item name="Tomcat Bundle" href="howto-tomcat.html"/>  -  +  <item name="J2EE Integration" href="howto-j2eestore.html"/> + <item name="Security" href="howto-acl.html"/> + <item name="Version Control" href="howto-deltav.html"/> + <item name="Binding" href="howto-bind.html"/> </menu> <menu name="Programmer's Corner"> <item name="Getting Started using Eclipse" href="getting-started.html"/> 1.1 jakarta-slide/src/doc/howto-deltav.xml Index: howto-deltav.xml =================================================================== <?xml version="1.0" encoding="ISO-8859-1"?> <document> <properties> <author email="[EMAIL PROTECTED]">Peter Nevermann</author> <title>DeltaV Howto</title> </properties> <body> <section name="Introduction"> Slide supports DeltaV (version control) according to the <a href="http://webdav.org/deltav";>WebDAV DeltaV specification</a>. </section> <section name="Enabling or disabling version control"> By default, version control is enabled in Slide. To disable version control, search for a configuration file named slide.properties in the classpath (if not there, you can create a new one at e.g. $CATALINA_HOME/common/classes) and set or add: <pre>org.apache.slide.versioncontrol=false</pre> </section> <section name="Other parameters (Domain.xml)"> There are some more global parameters in the Slide configuration file Domain.xml, which influence the version control behavior of the server. IMPORTANT NOTE: Under no circumstances the values of the following three parameters should be changed while there are any stores configured or data exists for any store, as no migration of the data will take place: historypath, workspacepath, workingresourcepath. <ul> <li> historypath (xpath: <code>/slide/[EMAIL PROTECTED]"historypath"]</code>): Specifies a Slide path which determines the location where this DeltaV server stores history data. Default value is <code>/history</code>. </li> <li> workspacepath (xpath: <code>/slide/[EMAIL PROTECTED]"workspacepath"]</code>): Specifies a Slide path which determines the location where this DeltaV server allows workspaces to reside. Default value is <code>/workspace</code>. </li> <li> workingresourcepath (xpath: <code>/slide/[EMAIL PROTECTED]"workingresourcepath"]</code>): Specifies a Slide path which determines the location where this DeltaV server stores working resources. Default value is <code>/workingresource</code>. </li> <li> versioncontrol-exclude (xpath: <code>/slide/[EMAIL PROTECTED]"versioncontrol-exclude"]</code>): Specifies a Slide path which determines resources which are excluded from version-control. Default value is <code>""</code>. </li> <li> auto-version-control (xpath: <code>/slide/[EMAIL PROTECTED]"auto-version-control"]</code>): Indicates whether newly created resources are to be set under version-control automatically. Default value is <code>false</code>. </li> <li> auto-version (xpath: <code>/slide/[EMAIL PROTECTED]"auto-version"]</code>): Specifies the default initial value of the DAV:auto-version property for newly created version controlled resources. For the complete list the possible values refer to section 3.2.2 of the <a href="http://ietf.org/rfc/rfc3253.txt";>DeltaV specification</a>. Default value is <code>checkout-checkin</code>. </li> <li> checkout-fork (xpath: <code>/slide/[EMAIL PROTECTED]"checkout-fork"]</code>): Specifies the default initial value of the DAV:checkout-fork property for newly created version resources. For the complete list the possible values refer to section 4.1.1 of the <a href="http://ietf.org/rfc/rfc3253.txt";>DeltaV specification</a>. Default value is <code>forbidden</code>. </li> <li> checkin-fork (xpath: <code>/slide/[EMAIL PROTECTED]"checkin-fork"]</code>): Specifies the default initial value of the DAV:checkin-fork property for newly created version resources. For the complete list the possible values refer to section 4.1.2 of the <a href="http://ietf.org/rfc/rfc3253.txt";>DeltaV specification</a>. Default value is <code>forbidden</code>. </li> </ul> </section> <section name="More parameters (web.xml)"> There exist some servlet init parameters in the webapp deployment descriptor, i.e. <code>WEB-INF/web.xml</code> in the webapp directory, which influence the version control behavior of the server at the WebDAV level. <ul> <li> extendedAllprop (xpath: <code>/web-app/servlet/init-param[param-name="extendedAllprop"]</code>): According to WebDAV DeltaV, ACL and Binding specifications, a DAV:allprop PROPFIND should not return any of the properties defined in any of those documents. For testing purposes, the specified behaviour can be disabled by setting this parameter "true". </li> </ul> </section> </body> </document> 1.1 jakarta-slide/src/doc/howto-bind.xml Index: howto-bind.xml =================================================================== <?xml version="1.0" encoding="ISO-8859-1"?> <document> <properties> <author email="[EMAIL PROTECTED]">Peter Nevermann</author> <title>Binding Howto</title> </properties> <body> <section name="Introduction"> Slide supports binding according to draft 2.1 of the <a href="http://webdav.org/bind";>WebDAV BIND specification</a>. It allows multiple URIs to be mapped to the same resource. </section> <section name="Enabling binding"> Enabling binding for a store is simple. It is done by referencing the BindingStore implementation through the classname attribute of the store element when configuring the store in Domain.xml: <pre> <store name="mystore" classname="org.apache.slide.store.BindingStore"> <nodestore classname=...> ... </nodestore> ... </store> </pre> IMPORTANT NOTE: Under no circumstances the binding configuration of a store should be changed from disabled to enabled, or vice-versa, while the store contains data, as no migration of the data will take place! </section> <section name="Some parameters (web.xml)"> There exist some servlet init parameters in the webapp deployment descriptor, i.e. <code>WEB-INF/web.xml</code> in the webapp directory, which influence the binding behavior of the server at the WebDAV level. <ul> <li> extendedAllprop (xpath: <code>/web-app/servlet/init-param[param-name="extendedAllprop"]</code>): According to WebDAV DeltaV, ACL and Binding specifications, a DAV:allprop PROPFIND should not return any of the properties defined in any of those documents. For testing purposes, the specified behaviour can be disabled by setting this parameter "true". </li> </ul> </section> </body> </document> 1.1 jakarta-slide/src/doc/howto-acl.xml Index: howto-acl.xml =================================================================== <?xml version="1.0" encoding="ISO-8859-1"?> <document> <properties> <author email="[EMAIL PROTECTED]">Peter Nevermann</author> <title>Security Howto</title> </properties> <body> <section name="Introduction"> Slide supports ACL (access control) according to draft 12 of the <a href="http://webdav.org/acl";>WebDAV ACL specification</a>. By default, when running inside Tomcat, authentication for the WebDAV servlet is controlled by the realm <code>wrappers.catalina.SlideRealm</code> which accesses user names and passwords directly from the Slide namespace at <code>/slide/users</code>. In Slide, authentication and authorization (access control) can be en- or disabled independently from each other. </section> <section name="Enabling or disabling authentication "> By default, authentication is enabled in Slide. To disable authentication, open the webapp deployment descriptor, i.e. <code>WEB-INF/web.xml</code> in the webapp directory, and uncomment the two elements given by the xpath expressions <code>/web-app/security-constraint</code> and <code>/web-app/login-config</code>: <pre> </pre> </section> <section name="Enabling or disabling authorization (access control)"> By default, access control is enabled in Slide. If authentication is disabled (see above), the current user is "unauthenticated" and he/she has all permissions granted to DAV:unauthenticated. To disable access control, search for a configuration file named slide.properties in the classpath (if not there, you can create a new one at e.g. $CATALINA_HOME/common/classes) and set or add: <pre>org.apache.slide.security=false</pre> </section> <section name="Other parameters (Domain.xml)"> There are some other namespace-specific parameters in the Slide configuration file Domain.xml, which influence the access control behavior of the server. <ul> <li> acl_semantics (xpath: <code>/slide/namespace/configuration/[EMAIL PROTECTED]"acl_semantics"]</code>): Class name of the access control implementation. Default value is org.apache.slide.security.ACLSecurityImpl. Allows to plug-in a customized security implementation. </li> <li> acl_inheritance_type (xpath: <code>/slide/namespace/configuration/[EMAIL PROTECTED]"acl_inheritance_type"]</code>): Controls inheritance of ACEs over the namespace hierarchy. Can be one of none (no inheritance takes place), root (ACEs are inherited only from the root node), path (ACEs are inherited over the URI path) or full (ACEs are inherited over all available parent bindings). Default value is path, full is not yet implemented. </li> <li> nested_roles_maxdepth (xpath: <code>/slide/namespace/configuration/[EMAIL PROTECTED]"nested_roles_maxdepth"]</code>): Defines the max. depth of nested roles/groups hierarchies. Default value is 0 (meaning no nesting). Value 1 means one sublevel, and so forth. </li> </ul> </section> <section name="More parameters (web.xml)"> There exist some servlet init parameters in the webapp deployment descriptor, i.e. <code>WEB-INF/web.xml</code> in the webapp directory, which influence the access control behavior of the server at the WebDAV level. <ul> <li> extendedAllprop (xpath: <code>/web-app/servlet/init-param[param-name="extendedAllprop"]</code>): According to WebDAV DeltaV, ACL and Binding specifications, a DAV:allprop PROPFIND should not return any of the properties defined in any of those documents. For testing purposes, the specified behaviour can be disabled by setting this parameter "true". </li> <li> lockdiscoveryIncludesPrincipalURL (xpath: <code>/web-app/servlet/init-param[param-name="lockdiscoveryIncludesPrincipalURL"]</code>): As proposed on February 08, 2003 by Lisa Dusseault in [EMAIL PROTECTED], the DAV:lockdiscovery property should include an element DAV:principal-URL with the semantics of the WebDAV/ACL specification. This feature can be switched-off in case of interoperability problems. </li> </ul> </section> <section name="Creation and maintenance principal resources (users, roles/groups) through WebDAV"> Although the creation and maintenance of principal resources (users, roles/groups) is out of scope of the WebDAV/ACL specification, in Slide it is currently possible through a proprietary extension to the MKCOL method, provided the SlideRealm (<code>wrappers.catalina.SlideRealm</code>) is active. Resources created by MKCOL at the locations specified by the parameters: <li>userspath (xpath: <code>/slide/namespace/configuration/userspath</code>,</li> <li>groupspath (xpath: <code>/slide/namespace/configuration/groupspath</code>), or</li> <li>rolespath (xpath: <code>/slide/namespace/configuration/rolespath</code>)</li> automatically become principals, i.e. the property DAV:resourcetype automatically will contain the DAV:principal element. To set the password of a user, issue a PROPPATCH request setting the password property (namespace of the property: http://jakarta.apache.org/slide/). To associate users to a role/group, issue a PROPPATCH request setting the DAV:group-member-set property. NOTE: to add a user(s) to a role/group, the value of the DAV:group-member-set property must list all members of the role/group, not just the user(s) being added. </section> </body> </document>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
.

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: cvs commit: jakarta-slide/src/doc howto-deltav.xml howto-bind.xml howto-acl.xml project.xml

Reply via email to