Punky Tse wrote:
>
> Rob,
> Please see below for rephrased version of Introduction and
> Administrator Guide.
>
> I combined the Introduction and Administrator's Guide to Administrator
> Guide. Actually this is my proposed TOC. And I believe that we need
> separate document for different Tomcat servers. e.g. 3.3 and 4.0.
>
<snip>
> II. Server Administration
>
> 6. Configuring Server
>
> 7. Configuring Web Applications
>
> 8. Security
How about
8.1 Concepts - Explanation of J2EE and Java 2 security models
8.2 Authentication with Realms
8.2.1 Simple realm
8.2.2 JDBC Realm
8.2.3 Custom realms
8.3 Authorization
8.3.1 J2EE role based
In particular, it should try to explain in simpler terms than the API
spec how J2EE roles are designed to work, covering the mapping from
developer roles to deployment roles.
8.3.2 Java 2 security policy
>
> III. Advanced Topics
>
> 9. Web Servers and HTTP Connectors
> 9.1 Apache
> 9.1.1 mod_jk
> 9.1.2 mod_jserv
> 9.1.3 mod_webapp (for Tomcat 4.0)
> 9.2 IIS
> 9.3 iPlanet
> 9.4 Netware
> 9.5 Lotus Domino
>
> 10. Performance Tuning
>
> 11. Load-balancing
> <No idea how to do load-balancing in Tomcat, what I know is that it can be
> done through mod_jserv and mod_jk>
>
> 12. Using SSL
> <May be under Section 6: Configuring Server?>
>
> 13. Realms
> <No idea: or should it be under Security?>
Don't think realms should be 'advanced'. It should be convered in
security. However, maybe there should be an advanced security section
covering
13. Security
13.1 Using Tomcat authentication with Webservers
13.1.1 Apache
13.1.2 IIS
13.1.3 iPlanet
13.1.4 Netware
13.1.5 Lotus Domino
Antony
