[gatein-commits] gatein SVN: r8018 - in epp/docs/branches/5.2: Reference_Guide/en-US/extras/Authentication_Identity_SSO and 10 other directories.
do-not-reply at jboss.org
do-not-reply at jboss.org
Wed Nov 9 21:39:06 EST 2011
Author: smumford
Date: 2011-11-09 21:39:06 -0500 (Wed, 09 Nov 2011)
New Revision: 8018
Modified:
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/Authentication_Identity_SSO/default105.xml
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/Authentication_Identity_SSO/default111.xml
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/Authentication_Identity_SSO/default118.xml
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/PortalDevelopment_Skinning/default185.java
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/PortalDevelopment_Skinning/default186.xml
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/modules/AuthenticationAndIdentity/SSO.xml
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/modules/Introduction.xml
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/modules/PortalDevelopment/Skinning.xml
epp/docs/branches/5.2/Reference_Guide/en-US/Book_Info.xml
epp/docs/branches/5.2/Reference_Guide/en-US/Revision_History.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default105.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default111.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default112.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default115.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default118.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default122.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default125.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default126.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_PortalLifecycle/default166.java
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_PortalLifecycle/default168.java
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_PortalLifecycle/is1.java
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default181.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default182.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default183.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default184.java
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default185.java
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default186.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default188.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default190.java
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default191.xml
epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/BackendConfiguration.xml
epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml
epp/docs/branches/5.2/Reference_Guide/en-US/modules/Introduction.xml
epp/docs/branches/5.2/Reference_Guide/en-US/modules/PortalDevelopment/Skinning.xml
Log:
Incorporated feedback and GateIn revisions 8015, 8017 and 7919
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/Book_Info.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/Book_Info.xml 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/Book_Info.xml 2011-11-10 02:39:06 UTC (rev 8018)
@@ -9,7 +9,7 @@
<productname>JBoss Enterprise Portal Platform</productname>
<productnumber>5.2</productnumber>
<edition>5.2.0</edition>
- <pubsnumber>6</pubsnumber>
+ <pubsnumber>7</pubsnumber>
<abstract>
<para>
This Reference Guide is a high-level usage document. It deals with more advanced topics than the Installation and User Guides, adding new content or taking concepts discussed in the earlier documents further. It aims to provide supporting documentation for advanced users of the JBoss Enterprise Portal Platform product. Its primary focus is on advanced use of the product and it assumes an intermediate or advanced knowledge of the technology and terms.
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/Revision_History.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/Revision_History.xml 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/Revision_History.xml 2011-11-10 02:39:06 UTC (rev 8018)
@@ -8,6 +8,20 @@
<simpara>
<revhistory>
<revision>
+ <revnumber>5.2.0-7</revnumber>
+ <date>Wed Nov 9 2011</date>
+ <author>
+ <firstname>Scott</firstname>
+ <surname>Mumford</surname>
+ <email></email>
+ </author>
+ <revdescription>
+ <simplelist>
+ <member>Porting GateIn updates.</member>
+ </simplelist>
+ </revdescription>
+ </revision>
+ <revision>
<revnumber>5.2.0-6</revnumber>
<date>Wed Oct 5 2011</date>
<author>
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default105.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default105.xml 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default105.xml 2011-11-10 02:39:06 UTC (rev 8018)
@@ -1,5 +1,7 @@
<authentication>
<login-module code="org.gatein.sso.agent.login.SSOLoginModule" flag="required">
+ <module-option name="portalContainerName">portal</module-option>
+ <module-option name="realmName">gatein-domain</module-option>
</login-module>
<login-module code="org.exoplatform.services.security.j2ee.JbossLoginModule" flag="required">
<module-option name="portalContainerName">portal</module-option>
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default111.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default111.xml 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default111.xml 2011-11-10 02:39:06 UTC (rev 8018)
@@ -1,5 +1,7 @@
<authentication>
<login-module code="org.gatein.sso.agent.login.SSOLoginModule" flag="required">
+ <module-option name="portalContainerName">portal</module-option>
+ <module-option name="realmName">gatein-domain</module-option>
</login-module>
<login-module code="org.exoplatform.services.security.j2ee.JbossLoginModule" flag="required">
<module-option name="portalContainerName">portal</module-option>
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default112.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default112.xml 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default112.xml 2011-11-10 02:39:06 UTC (rev 8018)
@@ -1,2 +1,4 @@
-<!--<a class="Login" onclick="$signInAction"><%=_ctx.appRes("UILoginForm.label.Signin")%></a>-->
+<!--
+<a class="Login" onclick="$signInAction"><%=_ctx.appRes("UILoginForm.label.Signin")%></a>
+-->
<a class="Login" href="/portal/sso"><%=_ctx.appRes("UILoginForm.label.Signin")%></a>
\ No newline at end of file
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default115.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default115.xml 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default115.xml 2011-11-10 02:39:06 UTC (rev 8018)
@@ -1,44 +1,44 @@
- <filter>
- <filter-name>LoginRedirectFilter</filter-name>
- <filter-class>org.gatein.sso.agent.filter.LoginRedirectFilter</filter-class>
- <init-param>
- <!-- This should point to your SSO authentication server -->
- <param-name>LOGIN_URL</param-name>
- <param-value>http://localhost:8888/josso/signon/login.do?
- josso_back_to=http://localhost:8080/portal/initiatessologin</param-value>
- </init-param>
- </filter>
- <filter>
- <filter-name>JOSSOLogoutFilter</filter-name>
- <filter-class>org.gatein.sso.agent.filter.JOSSOLogoutFilter</filter-class>
- <init-param>
+<filter>
+ <filter-name>LoginRedirectFilter</filter-name>
+ <filter-class>org.gatein.sso.agent.filter.LoginRedirectFilter</filter-class>
+ <init-param>
+ <!-- This should point to your SSO authentication server -->
+ <param-name>LOGIN_URL</param-name>
+ <param-value>http://localhost:8888/josso/signon/login.do?josso_back_to=http://localhost:8080/portal/initiatessologin</param-value>
+ </init-param>
+</filter>
+<filter>
+ <filter-name>JOSSOLogoutFilter</filter-name>
+ <filter-class>org.gatein.sso.agent.filter.JOSSOLogoutFilter</filter-class>
+ <init-param>
<!-- This should point to your JOSSO authentication server -->
<param-name>LOGOUT_URL</param-name>
<param-value>http://localhost:8888/josso/signon/logout.do</param-value>
- </init-param>
- </filter>
- <filter>
- <filter-name>InitiateLoginFilter</filter-name>
- <filter-class>org.gatein.sso.agent.filter.InitiateLoginFilter</filter-class>
- <init-param>
- <param-name>ssoServerUrl</param-name>
- <param-value>http://localhost:8888/josso/signon/login.do</param-value>
- </init-param>
- <init-param>
- <param-name>loginUrl</param-name>
- <param-value>http://localhost:8080/portal/dologin</param-value>
- </init-param>
- </filter>
- <!-- filters should be placed at the very top of the filter chain -->
- <filter-mapping>
- <filter-name>LoginRedirectFilter</filter-name>
- <url-pattern>/*</url-pattern>
- </filter-mapping>
- <filter-mapping>
- <filter-name>JOSSOLogoutFilter</filter-name>
- <url-pattern>/*</url-pattern>
- </filter-mapping>
- <filter-mapping>
- <filter-name>InitiateLoginFilter</filter-name>
- <url-pattern>/initiatessologin</url-pattern>
- </filter-mapping>
\ No newline at end of file
+ </init-param>
+</filter>
+<filter>
+ <filter-name>InitiateLoginFilter</filter-name>
+ <filter-class>org.gatein.sso.agent.filter.InitiateLoginFilter</filter-class>
+ <init-param>
+ <param-name>ssoServerUrl</param-name>
+ <param-value>http://localhost:8888/josso/signon/login.do</param-value>
+ </init-param>
+ <init-param>
+ <param-name>loginUrl</param-name>
+ <param-value>http://localhost:8080/portal/dologin</param-value>
+ </init-param>
+</filter>
+
+<!-- Mapping the filters at the very top of the filter chain -->
+<filter-mapping>
+ <filter-name>LoginRedirectFilter</filter-name>
+ <url-pattern>/*</url-pattern>
+</filter-mapping>
+<filter-mapping>
+ <filter-name>JOSSOLogoutFilter</filter-name>
+ <url-pattern>/*</url-pattern>
+</filter-mapping>
+<filter-mapping>
+ <filter-name>InitiateLoginFilter</filter-name>
+ <url-pattern>/initiatessologin</url-pattern>
+</filter-mapping>
\ No newline at end of file
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default118.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default118.xml 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default118.xml 2011-11-10 02:39:06 UTC (rev 8018)
@@ -1,5 +1,7 @@
<authentication>
<login-module code="org.gatein.sso.agent.login.SSOLoginModule" flag="required">
+ <module-option name="portalContainerName">portal</module-option>
+ <module-option name="realmName">gatein-domain</module-option>
</login-module>
<login-module code="org.exoplatform.services.security.j2ee.JbossLoginModule" flag="required">
<module-option name="portalContainerName">portal</module-option>
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default122.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default122.xml 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default122.xml 2011-11-10 02:39:06 UTC (rev 8018)
@@ -1,49 +1,48 @@
- <filter>
- <filter-name>LoginRedirectFilter</filter-name>
- <filter-class>org.gatein.sso.agent.filter.LoginRedirectFilter</filter-class>
- <init-param>
- <!-- This should point to your SSO authentication server -->
- <param-name>LOGIN_URL</param-name>
- <param-value>http://localhost:8888/opensso/UI/Login?
- realm=gatein&goto=http://localhost:8080/portal/initiatessologin</param-value>
- </init-param>
- </filter>
- <filter>
- <filter-name>OpenSSOLogoutFilter</filter-name>
- <filter-class>org.gatein.sso.agent.filter.OpenSSOLogoutFilter</filter-class>
- <init-param>
- <!-- This should point to your OpenSSO authentication server -->
- <param-name>LOGOUT_URL</param-name>
- <param-value>http://localhost:8888/opensso/UI/Logout</param-value>
- </init-param>
- </filter>
- <filter>
- <filter-name>InitiateLoginFilter</filter-name>
- <filter-class>org.gatein.sso.agent.filter.InitiateLoginFilter</filter-class>
- <init-param>
- <param-name>ssoServerUrl</param-name>
- <param-value>hhttp://localhost:8888/opensso</param-value>
- </init-param>
- <init-param>
- <param-name>loginUrl</param-name>
- <param-value>http://localhost:8080/portal/dologin</param-value>
- </init-param>
- <init-param>
+<filter>
+ <filter-name>LoginRedirectFilter</filter-name>
+ <filter-class>org.gatein.sso.agent.filter.LoginRedirectFilter</filter-class>
+ <init-param>
+ <!-- This should point to your SSO authentication server -->
+ <param-name>LOGIN_URL</param-name>
+ <param-value>http://localhost:8888/opensso/UI/Login?realm=gatein&goto=http://localhost:8080/portal/initiatessologin</param-value>
+ </init-param>
+</filter>
+<filter>
+ <filter-name>OpenSSOLogoutFilter</filter-name>
+ <filter-class>org.gatein.sso.agent.filter.OpenSSOLogoutFilter</filter-class>
+ <init-param>
+ <!-- This should point to your SSO authentication server -->
+ <param-name>LOGOUT_URL</param-name>
+ <param-value>http://localhost:8888/opensso/UI/Logout</param-value>
+ </init-param>
+</filter>
+<filter>
+ <filter-name>InitiateLoginFilter</filter-name>
+ <filter-class>org.gatein.sso.agent.filter.InitiateLoginFilter</filter-class>
+ <init-param>
+ <param-name>ssoServerUrl</param-name>
+ <param-value>http://localhost:8888/opensso</param-value>
+ </init-param>
+ <init-param>
+ <param-name>loginUrl</param-name>
+ <param-value>http://localhost:8080/portal/dologin</param-value>
+ </init-param>
+ <init-param>
<param-name>ssoCookieName</param-name>
<param-value>iPlanetDirectoryPro</param-value>
- </init-param>
- </filter>
+ </init-param>
+</filter>
- <!-- place the filters at the top of the filter chain -->
- <filter-mapping>
- <filter-name>LoginRedirectFilter</filter-name>
- <url-pattern>/*</url-pattern>
- </filter-mapping>
- <filter-mapping>
- <filter-name>OpenSSOLogoutFilter</filter-name>
- <url-pattern>/*</url-pattern>
- </filter-mapping>
- <filter-mapping>
- <filter-name>InitiateLoginFilter</filter-name>
- <url-pattern>/initiatessologin</url-pattern>
- </filter-mapping>
\ No newline at end of file
+<!-- Mapping the filters at the very top of the filter chain -->
+<filter-mapping>
+ <filter-name>LoginRedirectFilter</filter-name>
+ <url-pattern>/*</url-pattern>
+</filter-mapping>
+<filter-mapping>
+ <filter-name>OpenSSOLogoutFilter</filter-name>
+ <url-pattern>/*</url-pattern>
+</filter-mapping>
+<filter-mapping>
+ <filter-name>InitiateLoginFilter</filter-name>
+ <url-pattern>/initiatessologin</url-pattern>
+</filter-mapping>
\ No newline at end of file
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default125.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default125.xml 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default125.xml 2011-11-10 02:39:06 UTC (rev 8018)
@@ -1,5 +1,6 @@
+<deployment xmlns="urn:jboss:bean-deployer:2.0">
<property name="authenticators">
- <map keyClass="java.lang.String" valueClass="java.lang.String">
+ <map class="java.util.Properties" keyClass="java.lang.String" valueClass="java.lang.String">
<entry>
<key>BASIC</key>
<value>org.apache.catalina.authenticator.BasicAuthenticator</value>
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default126.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default126.xml 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default126.xml 2011-11-10 02:39:06 UTC (rev 8018)
@@ -1,20 +1,9 @@
-<deployment xmlns="urn:jboss:bean-deployer:2.0">
- <application-policy xmlns="urn:jboss:security-beans:1.0" name="gatein-domain">
- <!-- Uncomment this for Kerberos based SSO integration -->
- <authentication>
- <login-module
- code="org.gatein.sso.spnego.SPNEGOLoginModule"
- flag="requisite">
- <module-option name="password-stacking">useFirstPass</module-option>
- <module-option name="serverSecurityDomain">host</module-option>
- </login-module>
- <login-module
- code="org.gatein.sso.agent.login.SPNEGORolesModule"
- flag="required">
- <module-option name="password-stacking">useFirstPass</module-option>
- <module-option name="portalContainerName">portal</module-option>
- <module-option name="realmName">gatein-domain</module-option>
- </login-module>
- </authentication>
- </application-policy>
-</deployment>
+<login-module code="org.gatein.sso.spnego.SPNEGOLoginModule" flag="required">
+ <module-option name="password-stacking">useFirstPass</module-option>
+ <module-option name="serverSecurityDomain">host</module-option>
+</login-module>
+<login-module code="org.gatein.sso.agent.login.SPNEGORolesModule" flag="required">
+ <module-option name="password-stacking">useFirstPass</module-option>
+ <module-option name="portalContainerName">portal</module-option>
+ <module-option name="realmName">gatein-domain</module-option>
+</login-module>
\ No newline at end of file
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_PortalLifecycle/default166.java
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_PortalLifecycle/default166.java 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_PortalLifecycle/default166.java 2011-11-10 02:39:06 UTC (rev 8018)
@@ -18,7 +18,7 @@
try {
PortalContainer.setInstance(null) ;
} catch (Exception e) {
- log.warn("An error occured while cleaning the ThreadLocal", e);
+ log.warn("An error occurred while cleaning the ThreadLocal", e);
}
}
...
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_PortalLifecycle/default168.java
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_PortalLifecycle/default168.java 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_PortalLifecycle/default168.java 2011-11-10 02:39:06 UTC (rev 8018)
@@ -33,7 +33,7 @@
try {
component.endRequest(portalContainer);
} catch (Exception e) {
- log.warn("An error occured while calling the endRequest method", e);
+ log.warn("An error occurred while calling the endRequest method", e);
}
}
}
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_PortalLifecycle/is1.java
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_PortalLifecycle/is1.java 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_PortalLifecycle/is1.java 2011-11-10 02:39:06 UTC (rev 8018)
@@ -44,7 +44,7 @@
try {
PortalContainer.setInstance(null) ;
} catch (Exception e) {
- log.warn("An error occured while cleaning the ThreadLocal", e);
+ log.warn("An error occurred while cleaning the ThreadLocal", e);
}
}
log.info("Init of PortalController Servlet successful");
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default181.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default181.xml 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default181.xml 2011-11-10 02:39:06 UTC (rev 8018)
@@ -1,12 +1,12 @@
<head>
...
<!-- The portal skin -->
-<link id="CoreSkin" rel="stylesheet" type="text/CSS" href="/eXoResources/skin/Stylesheet.CSS" />
+<link id="CoreSkin" rel="stylesheet" type="text/css" href="/eXoResources/skin/Stylesheet.css" />
<!-- The portlet skins -->
-<link id="web_FooterPortlet" rel="stylesheet" type="text/CSS" href= "/web/skin/portal/webui/component/UIFooterPortlet/DefaultStylesheet.CSS" />
-<link id="web_NavigationPortlet" rel="stylesheet" type="text/CSS" href= "/web/skin/portal/webui/component/UINavigationPortlet/DefaultStylesheet.CSS" />
-<link id="web_HomePagePortlet" rel="stylesheet" type="text/CSS" href= "/portal/templates/skin/webui/component/UIHomePagePortlet/DefaultStylesheet.CSS" />
-<link id="web_BannerPortlet" rel="stylesheet" type="text/CSS" href= "/web/skin/portal/webui/component/UIBannerPortlet/DefaultStylesheet.CSS" />
+<link id="web_FooterPortlet" rel="stylesheet" type="text/css" href= "/web/skin/portal/webui/component/UIFooterPortlet/DefaultStylesheet.css" />
+<link id="web_NavigationPortlet" rel="stylesheet" type="text/css" href= "/web/skin/portal/webui/component/UINavigationPortlet/DefaultStylesheet.css" />
+<link id="web_HomePagePortlet" rel="stylesheet" type="text/css" href= "/portal/templates/skin/webui/component/UIHomePagePortlet/DefaultStylesheet.css" />
+<link id="web_BannerPortlet" rel="stylesheet" type="text/css" href= "/web/skin/portal/webui/component/UIBannerPortlet/DefaultStylesheet.css" />
...
-</head>
+</head>
\ No newline at end of file
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default182.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default182.xml 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default182.xml 2011-11-10 02:39:06 UTC (rev 8018)
@@ -1,7 +1,7 @@
<gatein-resources>
<portal-skin>
<skin-name>MySkin</skin-name>
- <CSS-path>/skin/myskin.CSS</CSS-path>
+ <css-path>/skin/myskin.css</css-path>
<overwrite>false</overwrite>
</portal-skin>
</gatein-resources>
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default183.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default183.xml 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default183.xml 2011-11-10 02:39:06 UTC (rev 8018)
@@ -5,5 +5,5 @@
<filter-mapping>
<filter-name>ResourceRequestFilter</filter-name>
- <url-pattern>*.CSS</url-pattern>
+ <url-pattern>*.css</url-pattern>
</filter-mapping>
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default184.java
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default184.java 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default184.java 2011-11-10 02:39:06 UTC (rev 8018)
@@ -1,4 +1,4 @@
- at import url(DefaultSkin/portal/webui/component/UIPortalApplicationSkin.CSS);
- at import url(DefaultSkin/webui/component/Stylesheet.CSS);
- at import url(PortletThemes/Stylesheet.CSS);
- at import url(Portlet/Stylesheet.CSS);
+ at import url(DefaultSkin/portal/webui/component/UIPortalApplicationSkin.css);
+ at import url(DefaultSkin/webui/component/Stylesheet.css);
+ at import url(PortletThemes/Stylesheet.css);
+ at import url(Portlet/Stylesheet.css);
\ No newline at end of file
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default185.java
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default185.java 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default185.java 2011-11-10 02:39:06 UTC (rev 8018)
@@ -1 +1 @@
- at import url(/eXoResources/skin/Portlet/Stylesheet.CSS);
+ at import url(/eXoResources/skin/Portlet/Stylesheet.css);
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default186.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default186.xml 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default186.xml 2011-11-10 02:39:06 UTC (rev 8018)
@@ -1,7 +1,7 @@
<gatein-resources>
<portal-skin>
<skin-name>MySkin</skin-name>
- <CSS-path>/skin/myskin.CSS</CSS-path>
+ <CSS-path>/skin/myskin.css</CSS-path>
<overwrite>false</overwrite>
</portal-skin>
</gatein-resources>
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default188.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default188.xml 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default188.xml 2011-11-10 02:39:06 UTC (rev 8018)
@@ -1,4 +1,4 @@
-.UIChangeSkinForm .UIItemSelector .TemplateContainer .MySkinImage
+.UIChangeSkinForm .UIItemSelector .TemplateContainer .MySkinImage {
margin: auto;
width: 329px; height:204px;
background: url('background/MySkin.jpg') no-repeat top;
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default190.java
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default190.java 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default190.java 2011-11-10 02:39:06 UTC (rev 8018)
@@ -1,126 +1,136 @@
/*---- MyTheme ----*/
.MyTheme .WindowBarCenter .WindowPortletInfo {
- margin-right: 80px; /* orientation=lt */
- margin-left: 80px; /* orientation=rt */
+ margin-right: 80px; /* orientation=lt */
+ margin-left: 80px; /* orientation=rt */
}
+
.MyTheme .WindowBarCenter .ControlIcon {
- float: right;/* orientation=lt */
- float: left;/* orientation=rt */
- width: 24px;
- height: 17px;
- cursor: pointer;
- background-image: url('background/MyTheme.png');
+ float: right; /* orientation=lt */
+ float: left; /* orientation=rt */
+ width: 24px;
+ height: 17px;
+ cursor: pointer;
+ background-image: url('background/MyTheme.png');
}
+
.MyTheme .ArrowDownIcon {
- background-position: center 20px;
+ background-position: center 20px;
}
+
.MyTheme .OverArrowDownIcon {
- background-position: center 116px;
+ background-position: center 116px;
}
+
.MyTheme .MinimizedIcon {
- background-position: center 44px;
+ background-position: center 44px;
}
+
.MyTheme .OverMinimizedIcon {
- background-position: center 140px;
+ background-position: center 140px;
}
+
.MyTheme .MaximizedIcon {
- background-position: center 68px;
+ background-position: center 68px;
}
+
.MyTheme .OverMaximizedIcon {
- background-position: center 164px;
+ background-position: center 164px;
}
+
.MyTheme .RestoreIcon {
- background-position: center 92px;
+ background-position: center 92px;
}
+
.MyTheme .OverRestoreIcon {
- background-position: center 188px;
+ background-position: center 188px;
}
+
.MyTheme .NormalIcon {
- background-position: center 92px;
+ background-position: center 92px;
}
+
.MyTheme .OverNormalIcon {
- background-position: center 188px;
+ background-position: center 188px;
}
-.UIPageDesktop .MyTheme .ResizeArea {
- float: right;/* orientation=lt */
- float: left;/* orientation=rt */
- width: 18px; height: 18px;
- cursor: nw-resize;
- background: url('background/ResizeArea18x18.gif') no-repeat left top; /* orientation=lt */
- background: url('background/ResizeArea18x18-rt.gif') no-repeat right top; /* orientation=rt */
-}
+
.MyTheme .Information {
- height: 18px; line-height: 18px;
- vertical-align: middle; font-size: 10px;
- padding-left: 5px;/* orientation=lt */
- padding-right: 5px;/* orientation=rt */
- margin-right: 18px;/* orientation=lt */
- margin-left: 18px;/* orientation=rt */
+ height: 18px; line-height: 18px;
+ vertical-align: middle; font-size: 10px;
+ padding-left: 5px; /* orientation=lt */
+ padding-right: 5px; /* orientation=rt */
+ margin-right: 18px; /* orientation=lt */
+ margin-left: 18px; /* orientation=rt */
}
+
.MyTheme .WindowBarCenter .WindowPortletIcon {
- background-position: left top; /* orientation=lt */
- background-position: right top; /* orientation=rt */
- padding-left: 20px; /* orientation=lt */
- padding-right: 20px; /* orientation=rt */
- height: 16px;
- line-height: 16px;
+ background-position: left top; /* orientation=lt */
+ background-position: right top; /* orientation=rt */
+ padding-left: 20px; /* orientation=lt */
+ padding-right: 20px; /* orientation=rt */
+ height: 16px;
+ line-height: 16px;
}
+
.MyTheme .WindowBarCenter .PortletName {
- font-weight: bold;
- color: #333333;
- overflow: hidden;
- white-space: nowrap;
- width: 100%;
+ font-weight: bold;
+ color: #333333;
+ overflow: hidden;
+ white-space: nowrap;
}
+
.MyTheme .WindowBarLeft {
- padding-left: 12px;
- background-image: url('background/MyTheme.png');
- background-repeat: no-repeat;
- background-position: left -148px;
+ padding-left: 12px;
+ background-image: url('background/MyTheme.png');
+ background-repeat: no-repeat;
+ background-position: left -148px;
}
+
.MyTheme .WindowBarRight {
- padding-right: 11px;
- background-image: url('background/MyTheme.png');
- background-repeat: no-repeat;
- background-position: right -119px;
+ padding-right: 11px;
+ background-image: url('background/MyTheme.png');
+ background-repeat: no-repeat;
+ background-position: right -119px;
}
+
.MyTheme .WindowBarCenter {
- background-image: url('background/MyTheme.png');
- background-repeat: repeat-x;
- background-position: left -90px;
+ background-image: url('background/MyTheme.png');
+ background-repeat: repeat-x;
+ background-position: left -90px;
+ height: 21px;
+ padding-top: 8px;
}
-.MyTheme .WindowBarCenter .FixHeight {
- height: 21px;
- padding-top: 8px;
-}
+
.MyTheme .MiddleDecoratorLeft {
- padding-left: 12px;
- background: url('background/MyTheme.png') repeat-y left;
+ padding-left: 12px;
+ background: url('background/MMyTheme.png') repeat-y left;
}
+
.MyTheme .MiddleDecoratorRight {
- padding-right: 11px;
- background: url('background/MyTheme.png') repeat-y right;
+ padding-right: 11px;
+ background: url('background/MMyTheme.png') repeat-y right;
}
+
.MyTheme .MiddleDecoratorCenter {
- background: #ffffff;
+ background: #ffffff;
}
+
.MyTheme .BottomDecoratorLeft {
- MyTheme: 12px;
- background-image: url('background/MyTheme.png');
- background-repeat: no-repeat;
- background-position: left -60px;
+ padding-left: 12px;
+ background-image: url('background/MyTheme.png');
+ background-repeat: no-repeat;
+ background-position: left -60px;
}
+
.MyTheme .BottomDecoratorRight {
- padding-right: 11px;
- background-image: url('background/MyTheme.png');
- background-repeat: no-repeat;
- background-position: right -30px;
+ padding-right: 11px;
+ background-image: url('background/MyTheme.png');
+ background-repeat: no-repeat;
+ background-position: right -30px;
}
+
.MyTheme .BottomDecoratorCenter {
- background-image: url('background/MyTheme.png');
- background-repeat: repeat-x;
- background-position: left top;
-}
-.MyTheme .BottomDecoratorCenter .FixHeight {
- height: 30px;
-}
+ background-image: url('background/MyTheme.png');
+ background-repeat: repeat-x;
+ background-position: left top;
+ height: 30px;
+}
\ No newline at end of file
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default191.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default191.xml 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default191.xml 2011-11-10 02:39:06 UTC (rev 8018)
@@ -2,12 +2,12 @@
<application-name>portletAppName</application-name>
<portlet-name>PortletName</portlet-name>
<skin-name>Default</skin-name>
- <CSS-path>/skin/DefaultStylesheet.CSS</CSS-path>
+ <css-path>/skin/DefaultStylesheet.css</css-path>
</portlet-skin>
<portlet-skin>
<application-name>portletAppName</application-name>
<portlet-name>PortletName</portlet-name>
<skin-name>OtherSkin</skin-name>
- <CSS-path>/skin/OtherSkinStylesheet.CSS</CSS-path>
+ <css-path>/skin/OtherSkinStylesheet.css</css-path>
</portlet-skin>
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/BackendConfiguration.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/BackendConfiguration.xml 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/BackendConfiguration.xml 2011-11-10 02:39:06 UTC (rev 8018)
@@ -3,7 +3,7 @@
<!ENTITY % BOOK_ENTITIES SYSTEM "Reference_Guide_eXo_JCR_1.14.ent">
%BOOK_ENTITIES;
]>
-<section id="sect-Reference_Guide_eXo_JCR_1.14-PicketLink_IDM_integration">
+<section id="sect-Reference_Guide-PicketLink_IDM_integration">
<title>PicketLink IDM integration</title>
<para>
JBoss Enterprise Portal Platform uses the <literal>PicketLink IDM</literal> component to store necessary identity information about users, groups and memberships. While legacy interfaces are still used (<literal>org.exoplatform.services.organization</literal>) for identity management, there is a wrapper implementation that delegates to PicketLink IDM framework.
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml 2011-11-10 02:39:06 UTC (rev 8018)
@@ -57,9 +57,10 @@
<para>
Users are advised to not run any portal extensions that could override the data when manipulating the <filename>gatein.ear</filename> file directly.
</para>
+<!-- Removed in GateIn reference-guide
<para>
- Remove <filename>JBOSS_HOME/server/PROFILE/deploy/gatein-sample-extension.ear</filename> and <filename>JBOSS_HOME/server/PROFILE/deploy/gatein-sample-portal.ear</filename> which are packaged by default with &PRODUCT;.
- </para>
+ Remove <filename>JBOSS_HOME/server/PROFILE/deploy/gatein-sample-extension.ear</filename> and <filename>JBOSS_HOME/server/PROFILE/deploy/gatein-sample-portal.ear</filename> which are packaged by default with JBoss Enterprise Portal Platform.
+ </para> -->
</warning>
</section>
@@ -88,7 +89,7 @@
<para>
To successfully implement SSO integration, do the following:
</para>
- <procedure>
+ <procedure id="proc-Reference_Guide-Enabling_SSO_using_JBoss_SSO_Valve-SSO_Integration">
<title>SSO Integration</title>
<step>
<para>
@@ -166,7 +167,7 @@
</procedure>
</listitem>
<listitem>
- <procedure>
+ <procedure id="proc-Reference_Guide-SSO_Integration-Switch_to_BASIC_authentication">
<title>Switch to <emphasis role="bold">BASIC</emphasis> authentication</title>
<step>
<para>
@@ -224,7 +225,7 @@
</para>
</step>
</procedure>
- <formalpara>
+ <formalpara id="form-Reference_Guide-Enabling_SSO_using_JBoss_SSO_Valve-Enabling_SSO_in_a_physical_cluster">
<title>Enabling SSO in a physical cluster</title>
<para>
If you require SSO to work across a physical cluster of separate machines you will need to use the <parameter>cookieDomain</parameter> attribute of the SSO valve.
@@ -265,7 +266,7 @@
<para>
This will ensure the <literal>JSESSIONIDSSO</literal> cookie is used in the correct domain, allowing the SSO authentication to occur.
</para>
- <formalpara>
+ <formalpara id="form-Reference_Guide-Enabling_SSO_using_JBoss_SSO_Valve-Enabling_SSO_with_Other_Web_Applications">
<title>Enabling SSO with Other Web Applications</title>
<para>
As mentioned earlier, in order to use SSO authentication between JBoss Enterprise Portal Platform instances and other web applications, the roles defined in the web application must match those used in the portal instance.
@@ -374,7 +375,11 @@
<para>
This Single Sign On plugin enables seamless integration between JBoss Enterprise Portal Platform and the Central Authentication Service (<emphasis role="bold">CAS</emphasis>) Single Sign On Framework. Details about CAS can be found <ulink url="http://www.ja-sig.org/products/cas/">here</ulink>.
</para>
- <procedure id="proc-Reference_Guide-CAS_Central_Authentication_Service-CAS_server">
+ <para>
+ The integration consists of two parts; the first part consists of installing or configuring a CAS server, the second part consists of setting up the portal to use the CAS server.
+ </para>
+
+ <procedure id="proc-Reference_Guide_eXo_JCR_1.14-CAS_Central_Authentication_Service-CAS_server">
<title>CAS server</title>
<step>
<para>
@@ -385,6 +390,9 @@
<para>
Downloaded CAS from <ulink type="http" url="http://www.jasig.org/cas/download">http://www.jasig.org/cas/download</ulink>.
</para>
+ <para>
+ The version, tested with these instructions is <emphasis role="bold">CAS 3.3.5</emphasis>. Other versions may work.
+ </para>
</step>
<step>
<para>
@@ -428,9 +436,6 @@
</para>
<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default103.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
- <para>
- Make sure to set the <emphasis>host</emphasis>, <emphasis>port</emphasis> and <emphasis>context</emphasis> with the values corresponding to your portal (also available in <filename><replaceable>PORTAL_SSO</replaceable>/cas/plugin/WEB-INF/deployerConfigContext.xml</filename>).
- </para>
</step>
<step>
<para>
@@ -467,13 +472,12 @@
<para>
Tomcat should start without issue and should be accessible at <ulink type="http" url="http://localhost:8888/cas">http://localhost:8888/cas</ulink>.
</para>
- <!--Removed in gatein commit r7620:
<note>
<para>
At this stage the login functionality will not be available.
</para>
+ </note>
- </note>-->
<mediaobject>
<imageobject>
<imagedata fileref="images/AuthenticationAndIdentity/SSO/cas.png" format="PNG" scale="100" width="444" />
@@ -483,10 +487,9 @@
</step>
</procedure>
- <!--Added in gatein commit r7620 -->
+
<note>
- <remark>Added in gatein commit r7620</remark>
- <para>
+ <para>
On logout, the CAS server will display the CAS logout page with a link to return to the portal. To make the CAS server redirect to the portal page after a logout, modify the <filename>cas.war/WEB-INF/cas-servlet.xml</filename> to include the follow line :
</para>
<programlisting>
@@ -576,17 +579,9 @@
<para>
Add the following Filters at the top of the filter chain in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>:
</para>
-<remark>DOC NOTE: Please check code sample as updated according to gatein r7620</remark>
+
<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default109.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
</step>
- <step>
- <remark> This step removed in gatein r7620. Should it be removed here?</remark>
- <para>
- Replace the <literal>InitiateLoginServlet</literal> declaration in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename> with:
- </para>
-<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default110.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
-
- </step>
</procedure>
<para>
@@ -619,13 +614,6 @@
<para>
Extract the package into what will be called <filename>JOSSO_HOME</filename> in this example.
</para>
- <warning>
- <title>JOSSO Versions</title>
-
- <para>
- The steps described later are only correct in case of JOSSO v.1.8.1.
- </para>
- </warning>
</step>
</procedure>
@@ -669,11 +657,7 @@
</step>
<step>
<para>
- Tomcat will start and allow access to
- <ulink type="http" url="http://localhost:8888/josso/signon/login.do">
- http://localhost:8888/josso/signon/login.do
- </ulink>
- but at this stage login will not be available.
+ Tomcat will start and allow access to <ulink type="http" url="http://localhost:8888/josso/signon/login.do"> http://localhost:8888/josso/signon/login.do </ulink> but at this stage login will not be available.
</para>
<mediaobject>
<imageobject>
@@ -687,12 +671,12 @@
<title>Setup the JOSSO client</title>
<step>
<para>
- Copy the library files from <filename><replaceable>PORTAL_SSO</replaceable>/josso/gatein.ear/lib</filename> into <filename>gatein.ear/lib</filename>
+ Copy the library files from <filename><replaceable>PORTAL_SSO</replaceable>/josso/gatein.ear/lib</filename> into <filename>gatein.ear/lib</filename> (or into <filename>GATEIN_HOME/lib</filename> if the product is running in Tomcat).
</para>
</step>
<step>
<para>
- Copy the <filename><replaceable>PORTAL_SSO</replaceable>/josso/gatein.ear/02portal.war/WEB-INF/classes/josso-agent-config.xml</filename> file into the <filename>gatein.ear/02portal.war/WEB-INF/classes</filename> directory.
+ Copy the <filename><replaceable>PORTAL_SSO</replaceable>/josso/gatein.ear/portal.war/WEB-INF/classes/josso-agent-config.xml</filename> file into the <filename>gatein.ear/02portal.war/WEB-INF/classes</filename> directory (or into <filename>JBOSS_HOME/webapps/portal.war/WEB-INF/classes</filename>, or <filename>GATEIN_HOME/conf</filename> if the product is running in Tomcat).
</para>
</step>
<step>
@@ -704,9 +688,19 @@
</step>
<step>
<para>
+ In Tomcat, edit <filename>JBOSS_HOME/conf/jaas.conf</filename> and uncomment this section:
+ </para>
+<programlisting>org.gatein.sso.agent.login.SSOLoginModule required;
+org.exoplatform.services.security.j2ee.TomcatLoginModule requiredtm
+portalContainerName=portal
+realmName=gatein-domain;
+</programlisting>
+ </step>
+ <step>
+ <para>
The installation can be tested at this point.
</para>
- <procedure>
+ <substeps>
<step>
<para>
Start (or restart) JBoss Enterprise Portal Platform, and (assuming the JOSSO server on Tomcat is running) direct your browser to <ulink type="http" url="http://localhost:8888/josso/signon/login.do">http://localhost:8888/josso/signon/login.do</ulink>.
@@ -717,7 +711,7 @@
Login with the username <literal>root</literal> and the password <literal>gtn</literal> or any account created through the portal.
</para>
</step>
- </procedure>
+ </substeps>
</step>
</procedure>
@@ -754,22 +748,8 @@
<para>
Add the following Filters to the top of the filter chain in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>:
</para>
-<remark>DOC NOTE: Please check code sample as updated according to gatein r7647</remark>
<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default115.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
</step>
- <step>
- <remark> This step removed in gatein r7647. Should it be removed here?</remark>
- <para>
- Replace the <literal>InitiateLoginServlet</literal> declaration in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename> with:
- </para>
-
-<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default116.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
- </step>
- <step>
- <para>
- Remove the <literal>PortalLoginController</literal> servlet declaration and mapping in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>
- </para>
- </step>
</procedure>
<para>
@@ -789,7 +769,10 @@
<para>
OpenSSO must be purchased from <ulink type="http" url="http://www.oracle.com/technetwork/middleware/id-mgmt/overview/index.html">Oracle</ulink>.
</para>
-
+ <para>
+ For testing purpose, use OpenSSO_80U2, which can be downloaded from <ulink type="http" url="http://download.oracle.com/otn/nt/middleware/11g/oracle_opensso_80U2.zip"> Oracle </ulink> .
+ </para>
+ </step>
<step>
<para>
Extract the package into a suitable location. This location will be referred to as <filename>OPENSSO_HOME</filename> in this example.
@@ -797,6 +780,15 @@
</step>
</procedure>
+ <note>
+ <para>
+ It is also possible to use OpenAM instead of OpenSSO server. OpenAM is free and the integration steps between Enterprise Portal Platform and OpenAM are very similar as with OpenSSO. More info is available <ulink type="http" url="http://community.jboss.org/wiki/GateInAndOpenAMIntegration"> here </ulink> .
+ </para>
+ </note>
+ </section>
+
+ <section id="sect-Reference_Guide_eXo_JCR-1.14-OpenSSO_server-Modifying_OpenSSO_server">
+ <title>Modifying the OpenSSO server</title>
<para>
To configure the web server as required, it is simpler to directly modify the source files.
</para>
@@ -898,10 +890,10 @@
</para>
<important>
<para>
- Go to the "<emphasis role="bold">Configuration</emphasis>" tab then to "<emphasis role="bold">Authentication</emphasis>".
+ Go to <menuchoice><guimenu>Configuration</guimenu><guimenuitem>Authentication</guimenuitem></menuchoice> and follow the link to <guilabel>Core</guilabel>
</para>
<para>
- Follow the link to "<emphasis role="bold">Core</emphasis>" and add a new value with the class name "<literal>org.gatein.sso.opensso.plugin.AuthenticationPlugin</literal>".
+ Add a new value with the class name <literal>org.gatein.sso.opensso.plugin.AuthenticationPlugin</literal>.
</para>
<para>
If this is not done <literal>AuthenticationPlugin</literal> is not available among other OpenSSO authentication modules.
@@ -910,35 +902,35 @@
</step>
<step>
<para>
- Go to the "<emphasis role="bold">Access control</emphasis>" tab and create new realm called "<literal>gatein</literal>".
+ Go to the <guilabel>Access control</guilabel> tab and create new realm called <literal>gatein</literal>.
</para>
</step>
<step>
<substeps>
<step>
<para>
- Go to the new "<literal>gatein</literal>" realm and click on the "<emphasis role="bold">Authentication</emphasis>" tab.
+ Go to the new <literal>gatein</literal> realm and click on the <guilabel>Authentication</guilabel> tab.
</para>
</step>
<step>
<para>
- Click on "<emphasis role="bold">ldapService</emphasis>" (at the bottom in the "Authentication chaining" section).
+ Click on <guilabel>ldapService</guilabel> (at the bottom in the <guilabel>Authentication chaining</guilabel> section).
</para>
</step>
<step>
<para>
- Change the selection from "<literal>Datastore</literal>", which is the default module in the authentication chain, to "<literal>AuthenticationPlugin</literal>".
+ Change the selection from <literal>Datastore</literal>, which is the default module in the authentication chain, to <literal>AuthenticationPlugin</literal>.
</para>
</step>
</substeps>
<para>
- These changes enable authentication of the "<literal>gatein</literal>" realm using the <literal>GateIn REST</literal> service instead of the OpenSSO LDAP server.
+ These changes enable authentication of the <literal>gatein</literal> realm using the <literal>GateIn REST</literal> service instead of the OpenSSO LDAP server.
</para>
</step>
<step>
<para>
- Go to "<emphasis role="bold">Advanced properties</emphasis>" and change <literal>UserProfile</literal> from "<parameter>Required</parameter>" to "<parameter>Dynamic</parameter>" to ensure all new users are automatically created in the OpenSSO datastore after successful authentication.
+ Go to <guilabel>Advanced properties</guilabel> and change <literal>UserProfile</literal> from <parameter>Required</parameter> to <parameter>Dynamic</parameter> to ensure all new users are automatically created in the OpenSSO datastore after successful authentication.
</para>
</step>
<step>
@@ -948,7 +940,7 @@
<substeps>
<step>
<para>
- Go to "<emphasis role="bold">Access control</emphasis>", then <emphasis role="bold">Top level realm</emphasis>, then click on the "<emphasis role="bold">Privileges</emphasis>" tab and go to "<emphasis role="bold">All authenticated users</emphasis>".
+ Go to <menuchoice><guimenu>Access control</guimenu><guimenuitem>Top level realm</guimenuitem><guimenuitem>Privileges</guimenuitem><guimenuitem>All authenticated users</guimenuitem></menuchoice>.
</para>
</step>
<step>
@@ -976,15 +968,19 @@
</para>
</step>
</procedure>
+ </section>
- <procedure id="proc-Reference_Guide-OpenSSO_The_Open_Web_SSO_project-Setup_the_OpenSSO_client">
+ <section id="sect-Reference_Guide-OpenSSO_The_Open_Web_SSO_project-Setup_the_OpenSSO_client">
+ <title>Setup the OpenSSO Client</title>
+
+ <procedure id="proc-Reference_Guide_eXo_JCR_1.14-OpenSSO_The_Open_Web_SSO_project-Setup_the_OpenSSO_client">
<title>Setup the OpenSSO client</title>
<step>
<para>
Copy all libraries from the <filename><replaceable>PORTAL_SSO</replaceable>/opensso/gatein.ear/lib</filename> directory into the <filename>JBOSS_HOME/server/default/deploy/gatein.ear/lib</filename> directory.
</para>
<para>
- Alternatively, in a Tomcat environment, copy the libraries into the <filename>GATEIN_HOME/lib</filename> directory.
+ Alternatively, in a Tomcat environment, copy the libraries into the <filename>JBOSS_HOME/lib</filename> directory.
</para>
</step>
<step>
@@ -996,7 +992,7 @@
</step>
<step>
<para>
- If you are running &PRODUCT; in Tomcat, edit $GATEIN_HOME/conf/jaas.conf, uncomment on this section and comment other parts:
+ If you are running the product in Tomcat, edit <replaceable><JBOSS_HOME></replaceable>/conf/jaas.conf, uncomment the following section and comment all other sections:
</para>
<programlisting>org.gatein.sso.agent.login.SSOLoginModule required;
org.exoplatform.services.security.j2ee.TomcatLoginModule required
@@ -1022,6 +1018,10 @@
</procedure>
</step>
</procedure>
+ </section>
+
+ <section id="sect-Reference_Guide-OpenSSO_The_Open_Web_SSO_project-Setup_the_portal_to_redirect_to_OpenSSO">
+ <title>Setup the portal to redirect to OpenSSO</title>
<para>
The next part of the process is to redirect all user authentication to the OpenSSO server.
@@ -1058,14 +1058,6 @@
</para>
<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default122.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
</step>
-<!--<step>
- <remark> This step removed in gatein r7647. Should it be removed here?</remark>
- <para>
- Replace the <literal>InitiateLoginServlet</literal> declaration in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename> with:
- </para>
-
-<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default123.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
- </step>-->
</procedure>
<para>
@@ -1100,7 +1092,7 @@
</step>
<step>
<para>
- JBoss EAP/AS uses background GSS messages with the Active Directory (or any Kerberos Server) to validate the user.
+ JBoss EAP/AS uses background GSS messages with the Active Directory (or any Kerberos Server) to validate the Kerberos ticket from user.
</para>
</step>
<step>
@@ -1110,25 +1102,29 @@
</step>
</procedure>
+ <section id="SPNEGO_server_configuration">
+ <title>SPNEGO Server Configuration</title>
<para>
- JBoss Enterprise Portal Platform uses JBoss Negotiation to enable SPNEGO-based desktop SSO.
+ In this section, we will describe some necessary steps for setup Kerberos server on Linux. This server will then be used for SPNEGO authentication against JBoss Enterprise Portal Platform.
</para>
- <para>
- The following procedure outlines how to integrate SPNEGO with the JBoss Enterprise Portal Platform.
- </para>
+
<note>
<title>SPNEGO Basics</title>
<para>
- The procedure below only describes the basic steps to configure the SPNEGO server. If you are already familiar with SPNEGO, you can jump to the
+ The procedure below only describes the basic steps to configure the SPNEGO server in a Linux environment. If you are already familiar with SPNEGO, or if you are using Windows and Active Directory domain, you can jump to the
<xref linkend="proc-Reference_Guide_eXo_JCR_1.14-SPNEGO_Simple_and_Protected_GSSAPI_Negotiation_Mechanism-Advanced_SPNEGO_Configuration" />
to see how to integrate SPNEGO with JBoss Enterprise Portal Platform.
</para>
+
+ <para>
+ Please note that Kerberos setup is also dependent on your Linux distribution and so steps can be slightly different in your environment.
+ </para>
</note>
<procedure id="proc-Reference_Guide_eXo_JCR_1.14-SPNEGO_Simple_and_Protected_GSSAPI_Negotiation_Mechanism-SPNEGO_Basics">
<title>SPNEGO Basics</title>
<step>
<para>
- Correct the setup of network on the machine. For example, if you are using the "server.local.network" domain as your machine where Kerberos and &PRODUCT; are localed, add the line containing the machine's IP address to the <emphasis role="bold">/etc/host </emphasis> file.
+ Correct the setup of network on the machine. For example, if you are using the "server.local.network" domain as your machine where Kerberos and JBoss Enterprise Portal Platform are localed, add the line containing the machine's IP address to the <emphasis role="bold">/etc/host </emphasis> file.
</para>
<programlisting>
192.168.1.88 server.local.network
@@ -1326,21 +1322,73 @@
<itemizedlist>
<listitem>
<para>
- If the setup works well, you are required to enter the password created for this user in Step 5.
+ If the setup works well, you are required to enter the password created for this user in Step 5. Without the -A, the kerberos ticket validation involved reverse DNS lookups, which can get very cumbersome to debug if your network's DNS setup is not great. This is a production level security feature, which is not necessary in this development setup. In production environment, it will be better to avoid -A option.
</para>
</listitem>
<listitem>
<para>
- If you want to login with another user, use this command.
+ After successful login to Kerberos, you can see your Kerberos ticket when using this command.
</para>
<programlisting>
+klist
+</programlisting>
+ </listitem>
+
+ <listitem>
+ <para>
+ If you want to logout and destroy your ticket, use this command.
+ </para>
+<programlisting>
kdestroy
</programlisting>
</listitem>
</itemizedlist>
</step>
</procedure>
+ </section>
+
+ <section id="Single_Sign_On-CAS_Central_Clients">
+ <title>Clients</title>
+
+ <para>
+ After performing all configurations above, you need to enable the <emphasis role="bold">Negotiate authentication </emphasis> of Firefox in client machines so that clients could be authenticated by JBoss Enterprise Portal Platform as follows:
+ </para>
+
+ <procedure>
+ <step>
+ <para>
+ Start Firefox, then enter the command: <emphasis role="bold">about:config </emphasis> into the address field.
+ </para>
+ </step>
+
+ <step>
+ <para>
+ Enter <emphasis role="bold">network.negotiate-auth</emphasis> and set the value as below:
+ </para>
+<programlisting>
+network.negotiate-auth.allow-proxies = true
+network.negotiate-auth.delegation-uris = .local.network
+network.negotiate-auth.gsslib (no-value)
+network.negotiate-auth.trusted-uris = .local.network
+network.negotiate-auth.using-native-gsslib = true
+</programlisting>
+ </step>
+ </procedure>
+
+ <note>
+ <para>
+ Consult documentation of your OS or web browser if using different browser than Firefox.
+ </para>
+ </note>
+ </section>
+
+ <section id="Single_Sign_On-SPNEGO-GateIn_Configuration">
+ <title>JBoss Enterprise Portal Platform Configuration</title>
+
+ <para>
+ JBoss Enterprise Portal Platform uses JBoss Negotiation to enable SPNEGO-based desktop SSO for the portal. Here are the steps to integrate SPNEGO with JBoss Enterprise Portal Platform.
+ </para>
<procedure id="proc-Reference_Guide_eXo_JCR_1.14-SPNEGO_Simple_and_Protected_GSSAPI_Negotiation_Mechanism-Advanced_SPNEGO_Configuration">
<title>Advanced SPNEGO Configuration</title>
<step>
@@ -1350,8 +1398,9 @@
<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default124.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
<para>
- The '<literal>keyTab</literal>' value should point to the keytab file that was generated by the <literal>kadmin</literal> Kerberos tool. See the
- <xref linkend="proc-Reference_Guide_eXo_JCR_1.14-SPNEGO_Simple_and_Protected_GSSAPI_Negotiation_Mechanism-SPNEGO_Basics"/> for more details.
+ The '<literal>keyTab</literal>' value should point to the keytab file that was generated by the <literal>kadmin</literal> Kerberos tool. When using Kerberos on Linux, it should be value of parameter <emphasis role="bold">admin_keytab</emphasis> from kdc.conf file. See the
+ <xref linkend="proc-Reference_Guide_eXo_JCR_1.14-SPNEGO_Simple_and_Protected_GSSAPI_Negotiation_Mechanism-SPNEGO_Basics"/>
+ for more details.
</para>
</step>
<step>
@@ -1363,17 +1412,26 @@
</step>
<step>
<para>
- Add the Gatein SSO module binaries by adding <filename><replaceable>PORTAL_SSO</replaceable>/spnego/gatein.ear/lib/sso-agent.jar</filename> and <filename><replaceable>PORTAL_SSO</replaceable>/spnego/gatein.ear/lib/spnego-<replaceable>VERSION</replaceable>-epp-GA.jar</filename> to <filename>deploy/gatein.ear/lib</filename>.
+ Add the GateIn SSO module binaries by copying <emphasis role="bold">GATEIN_SSO_HOME/spnego/gatein.ear/lib/sso-agent-VERSION.jar</emphasis> to the <emphasis role="bold">JBOSS_HOME/server/default/deploy/gatein.ear/lib</emphasis> directory. File <emphasis role="bold">GATEIN_SSO_HOME/spnego/gatein.ear/lib/spnego-VERSION.jar</emphasis> needs to be copied to the <emphasis role="bold">JBOSS_HOME/server/default/lib</emphasis> directory.
</para>
</step>
+<!-- This step not required as EPP already has the correct version of Negotiation 2.0.4.GA
<step>
<para>
- Modifying <filename>deploy/gatein.ear/META-INF/gatein-jboss-beans.xml</filename> to match the following:
+ Download library <filename>jboss-negotiation-2.0.4.GA</filename> from location
+ <ulink type="html" url="https://repository.jboss.org/nexus/content/groups/public/org/jboss/security/jboss-negotiation/2.0.4.GA/jboss-negotiation-2.0.4.GA.jar">https://repository.jboss.org/nexus/content/groups/public/org/jboss/security/jboss-negotiation/2.0.4.GA/jboss-negotiation-2.0.4.GA.jar</ulink>
+ and copy this file to <filename>JBOSS_HOME/server/default/lib</filename> directory as well.
</para>
+ </step>
+ -->
+ <step>
+ <para>
+ Modify the <filename>deploy/gatein.ear/META-INF/gatein-jboss-beans.xml</filename> file to match the following:
+ </para>
<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default126.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
<para>
- This activates the SPNEGO <literal>LoginModule</literal> for use with JBoss Enterprise Portal Platform.
+ This activates SPNEGO LoginModules with fallback to FORM authentication. When SPNEGO is not available and it needs to fallback to FORM, it will use <emphasis role="bold">gatein-form-auth-domain</emphasis> security domain.
</para>
</step>
<step>
@@ -1383,13 +1441,8 @@
<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default127.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
<para>
- This integrates SPNEGO support into the Portal web archive by switching authentication mechanism from the default "<literal>FORM</literal>"-based to "<literal>SPNEGO</literal>"-based authentication.
+ Integrate the request pre-processing needed for SPNEGO via filters by adding the following filters to the <emphasis role="bold">JBOSS_HOME/server/default/deploy/gatein.ear/02portal.war/WEB-INF/web.xml</emphasis> at the top of the Filter chain.
</para>
- </step>
- <step>
- <para>
- Add the following filters to the top of the Filter chain in the <filename>web.xml</filename> file:
- </para>
<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default128.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
<para>
@@ -1402,9 +1455,6 @@
</para>
<programlisting language="Java" role="Java"><xi:include href="../../extras/Authentication_Identity_SSO/default129.java" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
- <para>
- This modifies the Portal's '<emphasis role="bold">Sign In</emphasis>' link to perform SPNEGO authentication.
- </para>
</step>
<step>
<para>
@@ -1428,6 +1478,9 @@
<para>
Clicking the 'Sign In' link on the JBoss Enterprise Portal Platform should automatically sign the 'demo' user into the portal.
</para>
+ <para>
+ If you destroy your kerberos ticket with command <command>kdestroy</command>, then try to login again, you will directed to the login screen of JBoss Enterprise Portal Product because you don't have active Kerberos ticket. You can login with predefined account and password "demo"/"gtn" .
+ </para>
</section>
<section>
@@ -1453,5 +1506,6 @@
</programlisting>
</step>
</procedure>
-</section>
-
+ </section>
+ </section>
+</section>
\ No newline at end of file
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/modules/Introduction.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/modules/Introduction.xml 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/modules/Introduction.xml 2011-11-10 02:39:06 UTC (rev 8018)
@@ -32,7 +32,7 @@
This device will refer to the <application>JBoss Application Server</application> (<filename>jboss-as</filename>) directory deployed in JBoss Enterprise Portal Platform by default.
</para>
<para>
- Therefore, if your JBoss Enterprise Portal Platform instance is deployed into a directory called <filename>jboss-epp-&VZ;/</filename>, your <replaceable><JBOSS_HOME></replaceable> directory would be <filename>jboss-epp-&VZ;/jboss-as/</filename>.
+ Therefore, if your JBoss Enterprise Portal Platform instance is deployed into a directory called <filename>jboss-epp-&VY;/</filename>, your <replaceable><JBOSS_HOME></replaceable> directory would be <filename>jboss-epp-&VY;/jboss-as/</filename>.
</para>
</listitem>
</varlistentry>
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/modules/PortalDevelopment/Skinning.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/modules/PortalDevelopment/Skinning.xml 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/modules/PortalDevelopment/Skinning.xml 2011-11-10 02:39:06 UTC (rev 8018)
@@ -156,7 +156,7 @@
JBoss Enterprise Portal Platform automatically discovers web archives that contain a file descriptor for skins (<filename>WEB-INF/gatein-resources.xml</filename>). This file is responsible for specifying the portal, portlet and window decorators to be deployed into the skin service.
</para>
<para>
- The full schema can be found at: <ulink type="http" url="http://www.gatein.org/xml/ns/gatein_resources_1_0" />.
+ The full schema can be found at: <ulink type="http" url="http://www.gatein.org/xml/ns/gatein_resources_1_2" />.
</para>
<para>
Below is an example of where to define a skin (<literal>MySkin</literal>) with its CSS location, and specify some window decorator skins:
@@ -210,7 +210,7 @@
</listitem>
</varlistentry>
<varlistentry>
- <term>skin/Stylesheet.CSS</term>
+ <term>skin/Stylesheet.css</term>
<listitem>
<para>
This file is the main portal skin stylesheet. It is the main entry point to the CSS class definitions for the skin. The main content points of this file are:
@@ -322,7 +322,7 @@
In order for the default skin to display the skin icon for a new portal skin, the preview screenshot needs to be placed in: <filename>01eXoResources.war:/skin/DefaultSkin/portal/webui/component/customization/UIChangeSkinForm/background</filename>.
</para>
<para>
- The CSS stylesheet for the default portal needs to have the following updated with the preview icon CSS class. For a skin named <emphasis role="bold">MySkin</emphasis> then the following needs to be updated: <filename>01eXoResources.war:/skin/DefaultSkin/portal/webui/component/customization/UIChangeSkinForm/Stylesheet.CSS</filename>.
+ The CSS stylesheet for the default portal needs to have the following updated with the preview icon CSS class. For a skin named <emphasis role="bold">MySkin</emphasis> then the following needs to be updated: <filename>01eXoResources.war:/skin/DefaultSkin/portal/webui/component/customization/UIChangeSkinForm/Stylesheet.css</filename>.
</para>
<programlisting language="XML" role="XML"><xi:include href="../../extras/PortalDevelopment_Skinning/default188.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
@@ -375,7 +375,7 @@
In order for the skin service to display the window decorators, it must have CSS classes specifically named in relation to the window style name. The service will try and display CSS based on this naming convention. The CSS class must be included as part of the current portal skin for the window decorators to be displayed.
</para>
<para>
- The location of the window decorator CSS classes for the default portal theme is located at: <filename>01eXoResources.war/skin/PortletThemes/Stylesheet.CSS</filename>.
+ The location of the window decorator CSS classes for the default portal theme is located at: <filename>01eXoResources.war/skin/PortletThemes/Stylesheet.css</filename>.
</para>
<para>
</para>
@@ -470,7 +470,7 @@
The portlet specification defines a set of default CSS classes that should be available for portlets. These classes are included as part of the portal skin. Please see the portlet specification for a list of the default classes that should be available.
</para>
<para>
- For the default portal skin, the portlet specification CSS classes are defined in: <filename>01eXoResources.war/skin/Portlet/Stylesheet.CSS</filename>.
+ For the default portal skin, the portlet specification CSS classes are defined in: <filename>01eXoResources.war/skin/Portlet/Stylesheet.css</filename>.
</para>
</section>
Modified: epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/Authentication_Identity_SSO/default105.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/Authentication_Identity_SSO/default105.xml 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/Authentication_Identity_SSO/default105.xml 2011-11-10 02:39:06 UTC (rev 8018)
@@ -1,10 +1,10 @@
-<!--
<authentication>
<login-module code="org.gatein.sso.agent.login.SSOLoginModule" flag="required">
- </login-module>
+ <module-option name="portalContainerName">portal</module-option>
+ <module-option name="realmName">gatein-domain</module-option>
+ </login-module>
<login-module code="org.exoplatform.services.security.j2ee.JbossLoginModule" flag="required">
<module-option name="portalContainerName">portal</module-option>
<module-option name="realmName">gatein-domain</module-option>
</login-module>
</authentication>
--->
Modified: epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/Authentication_Identity_SSO/default111.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/Authentication_Identity_SSO/default111.xml 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/Authentication_Identity_SSO/default111.xml 2011-11-10 02:39:06 UTC (rev 8018)
@@ -1,9 +1,10 @@
<authentication>
<login-module code="org.gatein.sso.agent.login.SSOLoginModule" flag="required">
- </login-module>
+ <module-option name="portalContainerName">portal</module-option>
+ <module-option name="realmName">gatein-domain</module-option>
+ </login-module>
<login-module code="org.exoplatform.services.security.j2ee.JbossLoginModule" flag="required">
<module-option name="portalContainerName">portal</module-option>
<module-option name="realmName">gatein-domain</module-option>
</login-module>
-</authentication>
-</programlisting>
+</authentication>
\ No newline at end of file
Modified: epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/Authentication_Identity_SSO/default118.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/Authentication_Identity_SSO/default118.xml 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/Authentication_Identity_SSO/default118.xml 2011-11-10 02:39:06 UTC (rev 8018)
@@ -1,6 +1,8 @@
<authentication>
<login-module code="org.gatein.sso.agent.login.SSOLoginModule" flag="required">
- </login-module>
+ <module-option name="portalContainerName">portal</module-option>
+ <module-option name="realmName">gatein-domain</module-option>
+ </login-module>
<login-module code="org.exoplatform.services.security.j2ee.JbossLoginModule" flag="required">
<module-option name="portalContainerName">portal</module-option>
<module-option name="realmName">gatein-domain</module-option>
Modified: epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/PortalDevelopment_Skinning/default185.java
===================================================================
--- epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/PortalDevelopment_Skinning/default185.java 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/PortalDevelopment_Skinning/default185.java 2011-11-10 02:39:06 UTC (rev 8018)
@@ -1 +1 @@
- at import url(/eXoResources/skin/Portlet/Stylesheet.CSS);
+ at import url(/eXoResources/skin/Portlet/Stylesheet.css);
Modified: epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/PortalDevelopment_Skinning/default186.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/PortalDevelopment_Skinning/default186.xml 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/PortalDevelopment_Skinning/default186.xml 2011-11-10 02:39:06 UTC (rev 8018)
@@ -1,7 +1,7 @@
<gatein-resources>
<portal-skin>
<skin-name>MySkin</skin-name>
- <CSS-path>/skin/myskin.CSS</CSS-path>
+ <CSS-path>/skin/myskin.css</CSS-path>
<overwrite>false</overwrite>
</portal-skin>
</gatein-resources>
Modified: epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/modules/AuthenticationAndIdentity/SSO.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/modules/AuthenticationAndIdentity/SSO.xml 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/modules/AuthenticationAndIdentity/SSO.xml 2011-11-10 02:39:06 UTC (rev 8018)
@@ -4,9 +4,7 @@
%BOOK_ENTITIES;
]>
<section id="sect-Reference_Guide_eXo_JCR_1.14-SSO_Single_Sign_On">
- <title><remark>
- SSO - Single Sign On
- </remark></title>
+ <title><remark>SSO - Single Sign On</remark></title>
<section id="sect-Reference_Guide_eXo_JCR_1.14-SSO_Single_Sign_On-Overview">
<title>Overview</title>
@@ -57,11 +55,7 @@
<title>Prerequisites</title>
<para>
- In this tutorial, the SSO server is being installed in a Tomcat environment. Tomcat can be obtained from
- <ulink type="http" url="http://tomcat.apache.org">
- http://tomcat.apache.org
- </ulink>
- .
+ In this tutorial, the SSO server is being installed in a Tomcat environment. Tomcat can be obtained from <ulink type="http" url="http://tomcat.apache.org"> http://tomcat.apache.org </ulink> .
</para>
</note>
@@ -77,10 +71,10 @@
<para>
Users are advised to not run any portal extensions that could override the data when manipulating the <filename>gatein.ear</filename> file directly.
</para>
-
- <para>
- Remove <filename>JBOSS_HOME/server/PROFILE/deploy/gatein-sample-extension.ear</filename> and <filename>JBOSS_HOME/server/PROFILE/deploy/gatein-sample-portal.ear</filename> which are packaged by default with &PRODUCT;.
- </para>
+<!-- Removed in GateIn reference-guide
+ <para>
+ Remove <filename>JBOSS_HOME/server/PROFILE/deploy/gatein-sample-extension.ear</filename> and <filename>JBOSS_HOME/server/PROFILE/deploy/gatein-sample-portal.ear</filename> which are packaged by default with JBoss Enterprise Portal Platform.
+ </para> -->
</warning>
</section>
@@ -105,9 +99,7 @@
</para>
<para>
- More info about the JBoss SSO valve can be found at
- <ulink type="http" url="http://docs.redhat.com/docs/en-US/JBoss_Enterprise_Web_Platform/5/html/Administration_And_Configuration_Guide/clustering-http-sso.html" />
- .
+ More info about the JBoss SSO valve can be found at <ulink type="http" url="http://docs.redhat.com/docs/en-US/JBoss_Enterprise_Web_Platform/5/html/Administration_And_Configuration_Guide/clustering-http-sso.html" />.
</para>
<para>
@@ -256,29 +248,13 @@
<step>
<para>
- Navigate to
- <ulink type="http" url="http://localhost:8080/portal/private/classic" />
- and authenticate with the pre-configured user account "
- <systemitem>
- root
- </systemitem>
- " (password "
- <systemitem>
- gtn
- </systemitem>
- ").
+ Navigate to <ulink type="http" url="http://localhost:8080/portal/private/classic" /> and authenticate with the pre-configured user account " <systemitem> root </systemitem> " (password " <systemitem> gtn </systemitem> ").
</para>
</step>
<step>
<para>
- Navigate to
- <ulink type="http" url="http://localhost:8180/portal/private/classic" />
- . You should be automatically authenticated as user
- <systemitem>
- root
- </systemitem>
- on this node as well.
+ Navigate to <ulink type="http" url="http://localhost:8180/portal/private/classic" /> . You should be automatically authenticated as user <systemitem> root </systemitem> on this node as well.
</para>
</step>
</procedure>
@@ -315,11 +291,7 @@
<programlisting language="XML" role="XML"><Valve className="org.jboss.web.tomcat.service.sso.ClusteredSingleSignOn" cookieDomain="yourdomain.com" />
</programlisting>
<para>
- (Where <literal>yourdomain.com</literal> is the domain used in your cluster. For example;
- <ulink type="http" url="http://machine1.yourdomain.com:8080/portal/private/classic" />
- and
- <ulink type="http" url="http://machine2.yourdomain.com:8080/portal/private/classic" />
- )
+ (Where <literal>yourdomain.com</literal> is the domain used in your cluster. For example; <ulink type="http" url="http://machine1.yourdomain.com:8080/portal/private/classic" /> and <ulink type="http" url="http://machine2.yourdomain.com:8080/portal/private/classic" /> )
</para>
</step>
@@ -399,25 +371,13 @@
<step>
<para>
- Navigate to
- <ulink type="http" url="http://localhost:8080/portal/private/classic" />
- and authenticate with the pre-configured user account "
- <systemitem>
- root
- </systemitem>
- " (password "
- <systemitem>
- gtn
- </systemitem>
- ").
+ Navigate to <ulink type="http" url="http://localhost:8080/portal/private/classic" /> and authenticate with the pre-configured user account "<systemitem> root </systemitem>" (password "<systemitem> gtn </systemitem>").
</para>
</step>
<step>
<para>
- Navigate to
- <ulink type="http" url="http://localhost:8080/jmx-console" />
- . You should be automatically authenticated into the JMX Console.
+ Navigate to <ulink type="http" url="http://localhost:8080/jmx-console" />. You should be automatically authenticated into the JMX Console.
</para>
</step>
</procedure>
@@ -426,28 +386,16 @@
<title>Using SSO to Authenticate From the Public Page</title>
<para>
- The previous configuration changes in this section are useful if a user is using a private URL (
- <ulink type="http" url="http://localhost:8080/portal/private/classic" />
- , for example) to log in to the portal instance.
+ The previous configuration changes in this section are useful if a user is using a private URL ( <ulink type="http" url="http://localhost:8080/portal/private/classic" />, for example) to log in to the portal instance.
</para>
</formalpara>
<para>
- Further changes are needed however, if SSO authentication is required to work with the
- <guilabel>
- Sign In
- </guilabel>
- button on the front page of the portal (
- <ulink type="http" url="http://localhost:8080/portal/public/classic" />
- ).
+ Further changes are needed however, if SSO authentication is required to work with the <guilabel>Sign In</guilabel> button on the front page of the portal ( <ulink type="http" url="http://localhost:8080/portal/public/classic" /> ).
</para>
<para>
- To enable this functionality, the
- <guilabel>
- Sign In
- </guilabel>
- link must redirect to the <filename>login.jsp</filename> file edited earlier to call the JAAS authentication directly.
+ To enable this functionality, the <guilabel>Sign In</guilabel> link must redirect to the <filename>login.jsp</filename> file edited earlier to call the JAAS authentication directly.
</para>
<procedure id="proc-Reference_Guide_eXo_JCR_1.14-Enabling_SSO_using_JBoss_SSO_Valve-Redirect_to_Use_SSO_Valve_Authentication">
@@ -485,13 +433,13 @@
<title>Central Authentication Service</title>
<para>
- This Single Sign On plugin enables seamless integration between JBoss Enterprise Portal Platform and the Central Authentication Service (<emphasis role="bold">CAS</emphasis>) Single Sign On Framework. Details about CAS can be found
- <ulink url="http://www.ja-sig.org/products/cas/">
- here
- </ulink>
- .
+ This Single Sign On plugin enables seamless integration between JBoss Enterprise Portal Platform and the Central Authentication Service (<emphasis role="bold">CAS</emphasis>) Single Sign On Framework. Details about CAS can be found <ulink url="http://www.ja-sig.org/cas/"> here </ulink> .
</para>
+ <para>
+ The integration consists of two parts; the first part consists of installing or configuring a CAS server, the second part consists of setting up the portal to use the CAS server.
+ </para>
+
<procedure id="proc-Reference_Guide_eXo_JCR_1.14-CAS_Central_Authentication_Service-CAS_server">
<title>CAS server</title>
@@ -503,12 +451,12 @@
<step>
<para>
- Downloaded CAS from
- <ulink type="http" url="http://www.jasig.org/cas/download">
- http://www.jasig.org/cas/download
- </ulink>
- .
+ Downloaded CAS from <ulink type="http" url="http://www.jasig.org/cas/download"> http://www.jasig.org/cas/download </ulink> .
</para>
+
+ <para>
+ The version, tested with these instructions is <emphasis role="bold">CAS 3.3.5</emphasis>. Other versions may work.
+ </para>
</step>
<step>
@@ -524,11 +472,7 @@
<note>
<para>
- To perform the final build step and complete these instructions you will need the Apache Maven 2. Download it from
- <ulink type="http" url="http://maven.apache.org/download.html">
- here
- </ulink>
- .
+ To perform the final build step and complete these instructions you will need the Apache Maven 2. Download it from <ulink type="http" url="http://maven.apache.org/download.html"> here </ulink> .
</para>
</note>
@@ -562,9 +506,6 @@
with the following (ensure you set the host, port and context with the values corresponding to your portal). Also available in <filename>GATEIN_SSO_HOME/cas/plugin/WEB-INF/deployerConfigContext.xml</filename>.):
</para>
<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default103.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
- <para>
- Make sure to set the <emphasis>host</emphasis>, <emphasis>port</emphasis> and <emphasis>context</emphasis> with the values corresponding to your portal (also available in <filename><replaceable>PORTAL_SSO</replaceable>/cas/plugin/WEB-INF/deployerConfigContext.xml</filename>).
- </para>
</step>
<step>
@@ -581,7 +522,7 @@
<step>
<para>
- Edit <filename>TOMCAT_HOME/conf/server.xml</filename> and change the 8080 port to 8888 to avoid a conflict with the default JBoss Enterprise Portal Platform .
+ Edit <filename>TOMCAT_HOME/conf/server.xml</filename> and change the 8080 port to 8888 to avoid a conflict with the default JBoss Enterprise Portal Platform.
</para>
<note>
@@ -605,19 +546,15 @@
</para>
<para>
- Tomcat should start without issue and should be accessible at
- <ulink type="http" url="http://localhost:8888/cas">
- http://localhost:8888/cas
- </ulink>
- .
+ Tomcat should start without issue and should be accessible at <ulink type="http" url="http://localhost:8888/cas"> http://localhost:8888/cas </ulink> .
</para>
-<!-- Removed in gatein commit r7620:
- <note>
- <para>
- At this stage the login functionality will not be available.
- </para>
-
- </note> -->
+
+ <note>
+ <para>
+ At this stage the login functionality will not be available.
+ </para>
+ </note>
+
<mediaobject>
<imageobject>
<imagedata fileref="images/AuthenticationAndIdentity/SSO/cas.png" format="PNG" scale="100" width="444" />
@@ -625,10 +562,8 @@
</mediaobject>
</step>
</procedure>
-<!-- Added in gatein commit r7620 -->
+
<note>
- <remark>Added in gatein commit r7620</remark>
-
<para>
On logout, the CAS server will display the CAS logout page with a link to return to the portal. To make the CAS server redirect to the portal page after a logout, modify the <filename>cas.war/WEB-INF/cas-servlet.xml</filename> to include the follow line :
</para>
@@ -678,11 +613,7 @@
<procedure>
<step>
<para>
- Start (or restart) JBoss Enterprise Portal Platform and direct your web browser to
- <ulink type="http" url="http://localhost:8888/cas">
- http://localhost:8888/cas
- </ulink>
- .
+ Start (or restart) JBoss Enterprise Portal Platform and direct your web browser to <ulink type="http" url="http://localhost:8888/cas"> http://localhost:8888/cas </ulink> .
</para>
</step>
@@ -731,19 +662,8 @@
<para>
Add the following Filters at the top of the filter chain in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>:
</para>
-
-<remark>DOC NOTE: Please check code sample as updated according to gatein r7620</remark>
<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default109.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
</step>
-
- <step>
- <remark> This step removed in gatein r7620. Should it be removed here?</remark>
-
- <para>
- Replace the <literal>InitiateLoginServlet</literal> declaration in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename> with:
- </para>
-<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default110.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
- </step>
</procedure>
<para>
@@ -755,7 +675,7 @@
<title>Java Open Single Sign-On Project</title>
<para>
- This Single Sign On plugin enables seamless integration between JBoss Enterprise Portal Platform and the Java Open Single Sign-On Project (<emphasis role="bold">JOSSO</emphasis>) Single Sign On Framework. Details about JOSSO can be found at <ulink url="http://www.josso.org">www.josso.org</ulink>.
+ This Single Sign On plugin enables seamless integration between JBoss Enterprise Portal Platform and the Java Open Single Sign-On Project (<emphasis role="bold">JOSSO</emphasis>) Single Sign On Framework. Details about JOSSO can be found at <ulink url="http://www.josso.org"> www.josso.org </ulink> .
</para>
<para>
@@ -767,7 +687,7 @@
<step>
<para>
- Download JOSSO from <ulink type="http" url="http://sourceforge.net/projects/josso/files/">http://sourceforge.net/projects/josso/files/</ulink>.
+ Download JOSSO from <ulink type="http" url="http://sourceforge.net/projects/josso/files/"> http://sourceforge.net/projects/josso/files/ </ulink> .
</para>
<note>
@@ -781,14 +701,6 @@
<para>
Extract the package into what will be called <filename>JOSSO_HOME</filename> in this example.
</para>
-
- <warning>
- <title>JOSSO Versions</title>
-
- <para>
- The steps described later are only correct in case of JOSSO v.1.8.1.
- </para>
- </warning>
</step>
</procedure>
@@ -840,11 +752,7 @@
<step>
<para>
- Tomcat will start and allow access to
- <ulink type="http" url="http://localhost:8888/josso/signon/login.do">
- http://localhost:8888/josso/signon/login.do
- </ulink>
- but at this stage login will not be available.
+ Tomcat will start and allow access to <ulink type="http" url="http://localhost:8888/josso/signon/login.do"> http://localhost:8888/josso/signon/login.do </ulink> but at this stage login will not be available.
</para>
<mediaobject>
@@ -860,13 +768,13 @@
<step>
<para>
- Copy the library files from <filename><replaceable>PORTAL_SSO</replaceable>/josso/gatein.ear/lib</filename> into <filename>gatein.ear/lib</filename>
+ Copy the library files from <filename><replaceable>PORTAL_SSO</replaceable>/josso/gatein.ear/lib</filename> into <filename>gatein.ear/lib</filename> (or into <filename>GATEIN_HOME/lib</filename> if the product is running in Tomcat).
</para>
</step>
<step>
<para>
- Copy the <filename><replaceable>PORTAL_SSO</replaceable>/josso/gatein.ear/02portal.war/WEB-INF/classes/josso-agent-config.xml</filename> file into the <filename>gatein.ear/02portal.war/WEB-INF/classes</filename> directory.
+ Copy the <filename><replaceable>PORTAL_SSO</replaceable>/josso/gatein.ear/portal.war/WEB-INF/classes/josso-agent-config.xml</filename> file into the <filename>gatein.ear/02portal.war/WEB-INF/classes</filename> directory (or into <filename>JBOSS_HOME/webapps/portal.war/WEB-INF/classes</filename>, or <filename>GATEIN_HOME/conf</filename> if the product is running in Tomcat).
</para>
</step>
@@ -876,16 +784,25 @@
</para>
<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default111.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
</step>
-
+ <step>
+ <para>
+ In Tomcat, edit <filename>JBOSS_HOME/conf/jaas.conf</filename> and uncomment this section:
+ </para>
+<programlisting>org.gatein.sso.agent.login.SSOLoginModule required;
+org.exoplatform.services.security.j2ee.TomcatLoginModule requiredtm
+portalContainerName=portal
+realmName=gatein-domain;
+</programlisting>
+ </step>
<step>
<para>
The installation can be tested at this point.
</para>
- <procedure>
+ <substeps>
<step>
<para>
- Start (or restart) JBoss Enterprise Portal Platform, and (assuming the JOSSO server on Tomcat is running) direct your browser to <ulink type="http" url="http://localhost:8888/josso/signon/login.do">http://localhost:8888/josso/signon/login.do</ulink>.
+ Start (or restart) JBoss Enterprise Portal Platform, and (assuming the JOSSO server on Tomcat is running) direct your browser to <ulink type="http" url="http://localhost:8888/josso/signon/login.do"> http://localhost:8888/josso/signon/login.do </ulink> .
</para>
</step>
@@ -894,7 +811,7 @@
Login with the username <literal>root</literal> and the password <literal>gtn</literal> or any account created through the portal.
</para>
</step>
- </procedure>
+ </substeps>
</step>
</procedure>
@@ -934,25 +851,8 @@
<para>
Add the following Filters to the top of the filter chain in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>:
</para>
-
-<remark>DOC NOTE: Please check code sample as updated according to gatein r7647</remark>
<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default115.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
</step>
-
- <step>
- <remark> This step removed in gatein r7647. Should it be removed here?</remark>
-
- <para>
- Replace the <literal>InitiateLoginServlet</literal> declaration in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename> with:
- </para>
-<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default116.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
- </step>
-
- <step>
- <para>
- Remove the <literal>PortalLoginController</literal> servlet declaration and mapping in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>
- </para>
- </step>
</procedure>
<para>
@@ -972,8 +872,12 @@
<step>
<para>
- OpenSSO must be purchased from <ulink type="http" url="http://www.oracle.com/technetwork/middleware/id-mgmt/overview/index.html">Oracle</ulink>.
+ OpenSSO must be purchased from <ulink type="http" url="http://www.oracle.com/technetwork/middleware/id-mgmt/overview/index.html"> Oracle </ulink> .
</para>
+
+ <para>
+ For testing purpose, use OpenSSO_80U2, which can be downloaded from <ulink type="http" url="http://download.oracle.com/otn/nt/middleware/11g/oracle_opensso_80U2.zip"> Oracle </ulink> .
+ </para>
</step>
<step>
@@ -983,6 +887,16 @@
</step>
</procedure>
+ <note>
+ <para>
+ It is also possible to use OpenAM instead of OpenSSO server. OpenAM is free and the integration steps between Enterprise Portal Platform and OpenAM are very similar as with OpenSSO. More info is available <ulink type="http" url="http://community.jboss.org/wiki/GateInAndOpenAMIntegration"> here </ulink> .
+ </para>
+ </note>
+ </section>
+
+ <section id="sect-Reference_Guide_eXo_JCR-1.14-OpenSSO_server-Modifying_OpenSSO_server">
+ <title>Modifying the OpenSSO server</title>
+
<para>
To configure the web server as required, it is simpler to directly modify the source files.
</para>
@@ -1060,7 +974,7 @@
<step>
<para>
- Tomcat should start and be able to access <ulink type="http" url="http://localhost:8888/opensso/UI/Login?realm=gatein">http://localhost:8888/opensso/UI/Login?realm=gatein</ulink>.
+ Tomcat should start and be able to access <ulink type="http" url="http://localhost:8888/opensso/UI/Login?realm=gatein"> http://localhost:8888/opensso/UI/Login?realm=gatein </ulink> .
</para>
<mediaobject>
@@ -1086,7 +1000,7 @@
<step>
<para>
- Direct your browser to <ulink type="http" url="http://localhost:8888/opensso">http://localhost:8888/opensso</ulink>
+ Direct your browser to <ulink type="http" url="http://localhost:8888/opensso"> http://localhost:8888/opensso </ulink>
</para>
</step>
@@ -1098,16 +1012,15 @@
<step>
<para>
- Login as <literal>admin</literal>.
+ Login as <literal>amadmin</literal>.
</para>
<important>
<para>
- Go to the "<emphasis role="bold">Configuration</emphasis>" tab then to "<emphasis role="bold">Authentication</emphasis>".
+ Go to <menuchoice><guimenu>Configuration</guimenu><guimenuitem>Authentication</guimenuitem></menuchoice> and follow the link to <guilabel>Core</guilabel>
</para>
-
<para>
- Follow the link to "<emphasis role="bold">Core</emphasis>" and add a new value with the class name "<literal>org.gatein.sso.opensso.plugin.AuthenticationPlugin</literal>".
+ Add a new value with the class name <literal>org.gatein.sso.opensso.plugin.AuthenticationPlugin</literal>.
</para>
<para>
@@ -1118,37 +1031,39 @@
<step>
<para>
- Go to the "<emphasis role="bold">Access control</emphasis>" tab and create new realm called "<literal>gatein</literal>".
+ Go to the <guilabel>Access control</guilabel> tab and create new realm called <literal>gatein</literal>.
</para>
</step>
<step>
- <substeps>
- <step>
- <para>
- Go to the new "<literal>gatein</literal>" realm and click on the "<emphasis role="bold">Authentication</emphasis>" tab.
- </para>
- </step>
- <step>
+ <substeps>
+ <step>
<para>
- Click on "<emphasis role="bold">ldapService</emphasis>" (at the bottom in the "Authentication chaining" section).
+ Go to the new <literal>gatein</literal> realm and click on the <guilabel>Authentication</guilabel> tab.
</para>
</step>
<step>
<para>
- Change the selection from "<literal>Datastore</literal>", which is the default module in the authentication chain, to "<literal>AuthenticationPlugin</literal>".
+ Click on <guilabel>ldapService</guilabel> (at the bottom in the <guilabel>Authentication chaining</guilabel> section).
</para>
</step>
- </substeps>
+
+ <step>
+ <para>
+ Change the selection from <literal>Datastore</literal>, which is the default module in the authentication chain, to <literal>AuthenticationPlugin</literal>.
+ </para>
+ </step>
+ </substeps>
+
<para>
- These changes enable authentication of the "<literal>gatein</literal>" realm using the <literal>GateIn REST</literal> service instead of the OpenSSO LDAP server.
+ These changes enable authentication of the <literal>gatein</literal> realm using the <literal>GateIn REST</literal> service instead of the OpenSSO LDAP server.
</para>
</step>
<step>
<para>
- Go to "<emphasis role="bold">Advanced properties</emphasis>" and change <literal>UserProfile</literal> from "<parameter>Required</parameter>" to "<parameter>Dynamic</parameter>" to ensure all new users are automatically created in the OpenSSO datastore after successful authentication.
+ Go to <guilabel>Advanced properties</guilabel> and change <literal>UserProfile</literal> from <parameter>Required</parameter> to <parameter>Dynamic</parameter> to ensure all new users are automatically created in the OpenSSO datastore after successful authentication.
</para>
</step>
@@ -1156,12 +1071,14 @@
<para>
Increase the user privileges to allow REST access with the following procedure:
</para>
- <substeps>
- <step>
+
+ <substeps>
+ <step>
<para>
- Go to "<emphasis role="bold">Access control</emphasis>", then <emphasis role="bold">Top level realm</emphasis>, then click on the "<emphasis role="bold">Privileges</emphasis>" tab and go to "<emphasis role="bold">All authenticated users</emphasis>".
+ Go to <menuchoice><guimenu>Access control</guimenu><guimenuitem>Top level realm</guimenuitem><guimenuitem>Privileges</guimenuitem><guimenuitem>All authenticated users</guimenuitem></menuchoice>.
</para>
</step>
+
<step>
<para>
Check the last two checkboxes:
@@ -1181,7 +1098,7 @@
</listitem>
</itemizedlist>
</step>
- </substeps>
+ </substeps>
</step>
<step>
@@ -1190,6 +1107,10 @@
</para>
</step>
</procedure>
+ </section>
+
+ <section id="sect-Reference_Guide_eXo_JCR_1.14-OpenSSO_The_Open_Web_SSO_project-Setup_the_OpenSSO_client">
+ <title>Setup the OpenSSO Client</title>
<procedure id="proc-Reference_Guide_eXo_JCR_1.14-OpenSSO_The_Open_Web_SSO_project-Setup_the_OpenSSO_client">
<title>Setup the OpenSSO client</title>
@@ -1200,20 +1121,20 @@
</para>
<para>
- Alternatively, in a Tomcat environment, copy the libraries into the <filename>GATEIN_HOME/lib</filename> directory.
+ Alternatively, in a Tomcat environment, copy the libraries into the <filename>JBOSS_HOME/lib</filename> directory.
</para>
</step>
<step>
<para>
- Edit the <filename>jboss-as/server/<replaceable>PROFILE</replaceable>/deploy/gatein.ear/META-INF/gatein-jboss-beans.xml</filename> and uncomment this section:
+ Edit the <filename>jboss-as/server/<replaceable><PROFILE></replaceable>/deploy/gatein.ear/META-INF/gatein-jboss-beans.xml</filename> and uncomment this section:
</para>
<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default118.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
</step>
<step>
<para>
- If you are running &PRODUCT; in Tomcat, edit $GATEIN_HOME/conf/jaas.conf, uncomment on this section and comment other parts:
+ If you are running the product in Tomcat, edit <replaceable><JBOSS_HOME></replaceable>/conf/jaas.conf, uncomment the following section and comment all other sections:
</para>
<programlisting>org.gatein.sso.agent.login.SSOLoginModule required;
org.exoplatform.services.security.j2ee.TomcatLoginModule required
@@ -1230,7 +1151,7 @@
<procedure>
<step>
<para>
- Access JBoss Enterprise Portal Platform by going to <ulink type="http" url="http://localhost:8888/opensso/UI/Login?realm=gatein">http://localhost:8888/opensso/UI/Login?realm=gatein</ulink> (assuming that the OpenSSO server using Tomcat is still running).
+ Access JBoss Enterprise Portal Platform by going to <ulink type="http" url="http://localhost:8888/opensso/UI/Login?realm=gatein"> http://localhost:8888/opensso/UI/Login?realm=gatein </ulink> (assuming that the OpenSSO server using Tomcat is still running).
</para>
</step>
@@ -1242,6 +1163,10 @@
</procedure>
</step>
</procedure>
+ </section>
+
+ <section id="sect-Reference_Guide_eXo_JCR_1.14-OpenSSO_The_Open_Web_SSO_project-Setup_the_portal_to_redirect_to_OpenSSO">
+ <title>Setup the portal to redirect to OpenSSO</title>
<para>
The next part of the process is to redirect all user authentication to the OpenSSO server.
@@ -1281,15 +1206,6 @@
</para>
<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default122.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
</step>
-<!--<step>
- <remark> This step removed in gatein r7647. Should it be removed here?</remark>
- <para>
- Replace the <literal>InitiateLoginServlet</literal> declaration in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename> with:
- </para>
-
-<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default123.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
-
- </step>-->
</procedure>
<para>
@@ -1329,7 +1245,7 @@
<step>
<para>
- JBoss EAP/AS uses background GSS messages with the Active Directory (or any Kerberos Server) to validate the user.
+ JBoss EAP/AS uses background GSS messages with the Active Directory (or any Kerberos Server) to validate the Kerberos ticket from user.
</para>
</step>
@@ -1340,26 +1256,33 @@
</step>
</procedure>
- <para>
- JBoss Enterprise Portal Platform uses JBoss Negotiation to enable SPNEGO-based desktop SSO.
- </para>
-
- <para>
- The following procedure outlines how to integrate SPNEGO with the JBoss Enterprise Portal Platform.
- </para>
- <note>
- <title>SPNEGO Basics</title>
+ <section id="SPNEGO_server_configuration">
+ <title>SPNEGO Server Configuration</title>
+
+ <para>
+ In this section, we will describe some necessary steps for setup Kerberos server on Linux. This server will then be used for SPNEGO authentication against JBoss Enterprise Portal Platform.
+ </para>
+
+ <note>
+ <title>SPNEGO Basics</title>
+
<para>
- The procedure below only describes the basic steps to configure the SPNEGO server. If you are already familiar with SPNEGO, you can jump to the
+ The procedure below only describes the basic steps to configure the SPNEGO server in a Linux environment. If you are already familiar with SPNEGO, or if you are using Windows and Active Directory domain, you can jump to the
<xref linkend="proc-Reference_Guide_eXo_JCR_1.14-SPNEGO_Simple_and_Protected_GSSAPI_Negotiation_Mechanism-Advanced_SPNEGO_Configuration" />
to see how to integrate SPNEGO with JBoss Enterprise Portal Platform.
</para>
+
+ <para>
+ Please note that Kerberos setup is also dependent on your Linux distribution and so steps can be slightly different in your environment.
+ </para>
</note>
- <procedure id="proc-Reference_Guide_eXo_JCR_1.14-SPNEGO_Simple_and_Protected_GSSAPI_Negotiation_Mechanism-SPNEGO_Basics">
- <title>SPNEGO Basics</title>
+
+ <procedure id="proc-Reference_Guide_eXo_JCR_1.14-SPNEGO_Simple_and_Protected_GSSAPI_Negotiation_Mechanism-SPNEGO_Basics">
+ <title>SPNEGO Basics</title>
+
<step>
<para>
- Correct the setup of network on the machine. For example, if you are using the "server.local.network" domain as your machine where Kerberos and &PRODUCT; are localed, add the line containing the machine's IP address to the <emphasis role="bold">/etc/host </emphasis> file.
+ Correct the setup of network on the machine. For example, if you are using the "server.local.network" domain as your machine where Kerberos and JBoss Enterprise Portal Platform are localed, add the line containing the machine's IP address to the <emphasis role="bold">/etc/host </emphasis> file.
</para>
<programlisting>
192.168.1.88 server.local.network
@@ -1557,111 +1480,168 @@
<itemizedlist>
<listitem>
<para>
- If the setup works well, you are required to enter the password created for this user in Step 5.
+ If the setup works well, you are required to enter the password created for this user in Step 5. Without the -A, the kerberos ticket validation involved reverse DNS lookups, which can get very cumbersome to debug if your network's DNS setup is not great. This is a production level security feature, which is not necessary in this development setup. In production environment, it will be better to avoid -A option.
</para>
</listitem>
<listitem>
<para>
- If you want to login with another user, use this command.
+ After successful login to Kerberos, you can see your Kerberos ticket when using this command.
</para>
<programlisting>
+klist
+</programlisting>
+ </listitem>
+
+ <listitem>
+ <para>
+ If you want to logout and destroy your ticket, use this command.
+ </para>
+<programlisting>
kdestroy
</programlisting>
</listitem>
</itemizedlist>
</step>
</procedure>
- <procedure id="proc-Reference_Guide_eXo_JCR_1.14-SPNEGO_Simple_and_Protected_GSSAPI_Negotiation_Mechanism-Advanced_SPNEGO_Configuration">
- <title>Advanced SPNEGO Configuration</title>
- <step>
- <para>
- Activate the Host authentication. Add the following host login module to the <filename>jboss-as/server/<replaceable>PROFILE</replaceable>/conf/login-config.xml</filename>:
- </para>
-<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default124.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
- <para>
- The '<literal>keyTab</literal>' value should point to the keytab file that was generated by the <literal>kadmin</literal> Kerberos tool. See the
- <xref linkend="proc-Reference_Guide_eXo_JCR_1.14-SPNEGO_Simple_and_Protected_GSSAPI_Negotiation_Mechanism-SPNEGO_Basics"/> for more details.
- </para>
- </step>
+ </section>
+
+ <section id="Single_Sign_On-CAS_Central_Clients">
+ <title>Clients</title>
- <step>
- <para>
- Extend the core authentication mechanisms to support SPNEGO. Under <filename>deployers/jbossweb.deployer/META-INF/war-deployers-jboss-beans.xml</filename>, add a '<literal>SPNEGO</literal>' authenticators property
- </para>
-<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default125.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
- </step>
+ <para>
+ After performing all configurations above, you need to enable the <emphasis role="bold">Negotiate authentication </emphasis> of Firefox in client machines so that clients could be authenticated by JBoss Enterprise Portal Platform as follows:
+ </para>
- <step>
- <para>
- Add the Gatein SSO module binaries by adding <filename><replaceable>PORTAL_SSO</replaceable>/spnego/gatein.ear/lib/sso-agent.jar</filename> and <filename><replaceable>PORTAL_SSO</replaceable>/spnego/gatein.ear/lib/spnego-<replaceable>VERSION</replaceable>-epp-GA.jar</filename> to <filename>deploy/gatein.ear/lib</filename>.
- </para>
- </step>
+ <procedure>
+ <step>
+ <para>
+ Start Firefox, then enter the command: <emphasis role="bold">about:config </emphasis> into the address field.
+ </para>
+ </step>
+
+ <step>
+ <para>
+ Enter <emphasis role="bold">network.negotiate-auth</emphasis> and set the value as below:
+ </para>
+<programlisting>
+network.negotiate-auth.allow-proxies = true
+network.negotiate-auth.delegation-uris = .local.network
+network.negotiate-auth.gsslib (no-value)
+network.negotiate-auth.trusted-uris = .local.network
+network.negotiate-auth.using-native-gsslib = true
+</programlisting>
+ </step>
+ </procedure>
- <step>
+ <note>
<para>
- Modifying <filename>deploy/gatein.ear/META-INF/gatein-jboss-beans.xml</filename> to match the following:
+ Consult documentation of your OS or web browser if using different browser than Firefox.
</para>
-<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default126.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
- <para>
- This activates the SPNEGO <literal>LoginModule</literal> for use with JBoss Enterprise Portal Platform.
- </para>
- </step>
+ </note>
+ </section>
+
+ <section id="Single_Sign_On-SPNEGO-GateIn_Configuration">
+ <title>JBoss Enterprise Portal Platform Configuration</title>
- <step>
- <para>
- Modify <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename> to match:
- </para>
-<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default127.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
- <para>
- This integrates SPNEGO support into the Portal web archive by switching authentication mechanism from the default "<literal>FORM</literal>"-based to "<literal>SPNEGO</literal>"-based authentication.
- </para>
- </step>
+ <para>
+ JBoss Enterprise Portal Platform uses JBoss Negotiation to enable SPNEGO-based desktop SSO for the portal. Here are the steps to integrate SPNEGO with JBoss Enterprise Portal Platform.
+ </para>
- <step>
- <para>
- Add the following filters to the top of the Filter chain in the <filename>web.xml</filename> file:
- </para>
+ <procedure id="proc-Reference_Guide_eXo_JCR_1.14-SPNEGO_Simple_and_Protected_GSSAPI_Negotiation_Mechanism-Advanced_SPNEGO_Configuration">
+ <title>Advanced SPNEGO Configuration</title>
+
+ <step>
+ <para>
+ Activate the Host authentication. Add the following host login module to the <filename>jboss-as/server/<replaceable>PROFILE</replaceable>/conf/login-config.xml</filename>:
+ </para>
+<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default124.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
+ <para>
+ The '<literal>keyTab</literal>' value should point to the keytab file that was generated by the <literal>kadmin</literal> Kerberos tool. When using Kerberos on Linux, it should be value of parameter <emphasis role="bold">admin_keytab</emphasis> from kdc.conf file. See the
+ <xref linkend="proc-Reference_Guide_eXo_JCR_1.14-SPNEGO_Simple_and_Protected_GSSAPI_Negotiation_Mechanism-SPNEGO_Basics"/>
+ for more details.
+ </para>
+ </step>
+
+ <step>
+ <para>
+ Extend the core authentication mechanisms to support SPNEGO. Under <filename>deployers/jbossweb.deployer/META-INF/war-deployers-jboss-beans.xml</filename>, add a '<literal>SPNEGO</literal>' authenticators property
+ </para>
+<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default125.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
+ </step>
+
+ <step>
+ <para>
+ Add the GateIn SSO module binaries by copying <emphasis role="bold">GATEIN_SSO_HOME/spnego/gatein.ear/lib/sso-agent-VERSION.jar</emphasis> to the <emphasis role="bold">JBOSS_HOME/server/default/deploy/gatein.ear/lib</emphasis> directory. File <emphasis role="bold">GATEIN_SSO_HOME/spnego/gatein.ear/lib/spnego-VERSION.jar</emphasis> needs to be copied to the <emphasis role="bold">JBOSS_HOME/server/default/lib</emphasis> directory.
+ </para>
+ </step>
+<!-- This step not required as EPP already has the correct version of Negotiation 2.0.4.GA
+ <step>
+ <para>
+ Download library <filename>jboss-negotiation-2.0.4.GA</filename> from location
+ <ulink type="html" url="https://repository.jboss.org/nexus/content/groups/public/org/jboss/security/jboss-negotiation/2.0.4.GA/jboss-negotiation-2.0.4.GA.jar">https://repository.jboss.org/nexus/content/groups/public/org/jboss/security/jboss-negotiation/2.0.4.GA/jboss-negotiation-2.0.4.GA.jar</ulink>
+ and copy this file to <filename>JBOSS_HOME/server/default/lib</filename> directory as well.
+ </para>
+ </step>
+ -->
+ <step>
+ <para>
+ Modify the <filename>deploy/gatein.ear/META-INF/gatein-jboss-beans.xml</filename> file to match the following:
+ </para>
+<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default126.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
+ <para>
+ This activates SPNEGO LoginModules with fallback to FORM authentication. When SPNEGO is not available and it needs to fallback to FORM, it will use <emphasis role="bold">gatein-form-auth-domain</emphasis> security domain.
+ </para>
+ </step>
+
+ <step>
+ <para>
+ Modify <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename> to match:
+ </para>
+<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default127.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
+ <para>
+ Integrate the request pre-processing needed for SPNEGO via filters by adding the following filters to the <emphasis role="bold">JBOSS_HOME/server/default/deploy/gatein.ear/02portal.war/WEB-INF/web.xml</emphasis> at the top of the Filter chain.
+ </para>
<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default128.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
- <para>
- This integrates request pre-processing needed for SPNEGO.
- </para>
- </step>
-
- <step>
- <para>
- Edit the '<emphasis role="bold">Sign In</emphasis>' link in <filename><replaceable>JBOSS_HOME</replaceable>/server/<replaceable>PROFILE</replaceable>/deploy/gatein.ear/web.war/groovy/groovy/webui/component/UIBannerPortlet.gtmpl</filename> to match the following:
- </para>
+ <para>
+ This integrates request pre-processing needed for SPNEGO.
+ </para>
+ </step>
+
+ <step>
+ <para>
+ Edit the '<emphasis role="bold">Sign In</emphasis>' link in <filename><replaceable>JBOSS_HOME</replaceable>/server/<replaceable>PROFILE</replaceable>/deploy/gatein.ear/web.war/groovy/groovy/webui/component/UIBannerPortlet.gtmpl</filename> to match the following:
+ </para>
<programlisting language="Java" role="Java"><xi:include href="../../extras/Authentication_Identity_SSO/default129.java" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
- <para>
- This modifies the Portal's '<emphasis role="bold">Sign In</emphasis>' link to perform SPNEGO authentication.
- </para>
- </step>
-
- <step>
- <para>
- Start the JBoss Enterprise Portal Platform;
- </para>
+ </step>
+
+ <step>
+ <para>
+ Start the JBoss Enterprise Portal Platform;
+ </para>
<programlisting language="Java" role="Java"><xi:include href="../../extras/Authentication_Identity_SSO/default130.java" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
- <para>
- The <replaceable>PROFILE</replaceable> parameter in the above command should be replaced with the server profile modified with the above configuration.
- </para>
- </step>
-
- <step>
- <para>
- Login to Kerberos:
- </para>
+ <para>
+ The <replaceable>PROFILE</replaceable> parameter in the above command should be replaced with the server profile modified with the above configuration.
+ </para>
+ </step>
+
+ <step>
+ <para>
+ Login to Kerberos:
+ </para>
<programlisting>kinit -A demo
</programlisting>
- </step>
- </procedure>
-
- <para>
- Clicking the 'Sign In' link on the JBoss Enterprise Portal Platform should automatically sign the 'demo' user into the portal.
- </para>
- </section>
-
+ </step>
+ </procedure>
+
+ <para>
+ Clicking the 'Sign In' link on the JBoss Enterprise Portal Platform should automatically sign the 'demo' user into the portal.
+ </para>
+
+ <para>
+ If you destroy your kerberos ticket with command <command>kdestroy</command>, then try to login again, you will directed to the login screen of JBoss Enterprise Portal Product because you don't have active Kerberos ticket. You can login with predefined account and password "demo"/"gtn" .
+ </para>
+ </section>
<section>
<title>Clients</title>
<para>After performing all configurations above, you need to enable the <emphasis role="bold">Negotiate authentication </emphasis> of Firefox in clients so that clients can be authenticated by JBoss Enterprise Portal Platform as follows:
@@ -1686,4 +1666,5 @@
</step>
</procedure>
</section>
+ </section>
</section>
Modified: epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/modules/Introduction.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/modules/Introduction.xml 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/modules/Introduction.xml 2011-11-10 02:39:06 UTC (rev 8018)
@@ -4,119 +4,119 @@
%BOOK_ENTITIES;
]>
<chapter id="chap-Reference_Guide_eXo_JCR_1.14-Introduction">
- <title>Introduction</title>
- <para>
- JBoss Enterprise Portal Platform is based on the GateIn project which is the merge of two mature Java projects; JBoss Portal and eXo Portal. This new community project takes the best of both offerings and incorporates them into a single portal framework. The aim is to provide an intuitive user-friendly portal, and a framework to address the needs of today's Web 2.0 applications.
- </para>
- <mediaobject>
- <imageobject role="html">
- <imagedata align="center" fileref="images/Common/Frontpage.png" format="PNG" scale="100" width="444" />
- </imageobject>
- <imageobject role="fo">
- <imagedata align="center" contentwidth="150mm" fileref="images/Common/Frontpage.png" format="PNG" width="444" />
- </imageobject>
+ <title>Introduction</title>
+ <para>
+ JBoss Enterprise Portal Platform is based on the GateIn project which is the merge of two mature Java projects; JBoss Portal and eXo Portal. This new community project takes the best of both offerings and incorporates them into a single portal framework. The aim is to provide an intuitive user-friendly portal, and a framework to address the needs of today's Web 2.0 applications.
+ </para>
+ <mediaobject>
+ <imageobject role="html">
+ <imagedata align="center" fileref="images/Common/Frontpage.png" format="PNG" scale="100" width="444" />
+ </imageobject>
+ <imageobject role="fo">
+ <imagedata align="center" contentwidth="150mm" fileref="images/Common/Frontpage.png" format="PNG" width="444" />
+ </imageobject>
- </mediaobject>
- <para>
- This book provides a deep-dive information about installation and configuration of the services provided by JBoss Enterprise Portal Platform.
- </para>
- <note>
- <title>Notational Devices</title>
- <para>
- Along with the <emphasis>Document Conventions</emphasis> outlined in the <xref linkend="pref-Reference_Guide_eXo_JCR_1.14-Preface" />, this document will also use the following notational devices:
- <variablelist id="vari-Reference_Guide_eXo_JCR_1.14-Introduction-Devices">
- <title>Devices</title>
- <varlistentry>
- <term><replaceable><JBOSS_HOME></replaceable></term>
- <listitem>
- <para>
- This device will refer to the <application>JBoss Application Server</application> (<filename>jboss-as</filename>) directory deployed in JBoss Enterprise Portal Platform by default.
- </para>
- <para>
- Therefore, if your JBoss Enterprise Portal Platform instance is deployed into a directory called <filename>jboss-epp-&VZ;/</filename>, your <replaceable><JBOSS_HOME></replaceable> directory would be <filename>jboss-epp-&VZ;/jboss-as/</filename>.
- </para>
+ </mediaobject>
+ <para>
+ This book provides a deep-dive information about installation and configuration of the services provided by JBoss Enterprise Portal Platform.
+ </para>
+ <note>
+ <title>Notational Devices</title>
+ <para>
+ Along with the <emphasis>Document Conventions</emphasis> outlined in the <xref linkend="pref-Reference_Guide_eXo_JCR_1.14-Preface" />, this document will also use the following notational devices:
+ <variablelist id="vari-Reference_Guide_eXo_JCR_1.14-Introduction-Devices">
+ <title>Devices</title>
+ <varlistentry>
+ <term><replaceable><JBOSS_HOME></replaceable></term>
+ <listitem>
+ <para>
+ This device will refer to the <application>JBoss Application Server</application> (<filename>jboss-as</filename>) directory deployed in JBoss Enterprise Portal Platform by default.
+ </para>
+ <para>
+ Therefore, if your JBoss Enterprise Portal Platform instance is deployed into a directory called <filename>jboss-epp-&VY;/</filename>, your <replaceable><JBOSS_HOME></replaceable> directory would be <filename>jboss-epp-&VY;/jboss-as/</filename>.
+ </para>
- </listitem>
+ </listitem>
- </varlistentry>
- <varlistentry>
- <term><replaceable><PROFILE></replaceable></term>
- <listitem>
- <para>
- This device will usually follow an instance of <replaceable><JBOSS_HOME></replaceable> in a file path and refers to the directory that contains the server profile your JBoss Enterprise Portal Platform instance is configured to use.
- </para>
- <para>
- JBoss Enterprise Portal Platform comes with six profiles by default; <emphasis role="bold">all</emphasis>, <emphasis role="bold">default</emphasis>, <emphasis role="bold">minimal</emphasis>, <emphasis role="bold">production</emphasis>, <emphasis role="bold">standard</emphasis> and <emphasis role="bold">web</emphasis>. These profiles are found in the <filename><replaceable><JBOSS_HOME></replaceable>/server/</filename> directory.
- </para>
- <para>
- Therefore, if you are using the <emphasis>default</emphasis> profile, your <replaceable><PROFILE></replaceable> directory would be <filename><replaceable><JBOSS_HOME></replaceable>/server/default/</filename>
- </para>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable><PROFILE></replaceable></term>
+ <listitem>
+ <para>
+ This device will usually follow an instance of <replaceable><JBOSS_HOME></replaceable> in a file path and refers to the directory that contains the server profile your JBoss Enterprise Portal Platform instance is configured to use.
+ </para>
+ <para>
+ JBoss Enterprise Portal Platform comes with six profiles by default; <emphasis role="bold">all</emphasis>, <emphasis role="bold">default</emphasis>, <emphasis role="bold">minimal</emphasis>, <emphasis role="bold">production</emphasis>, <emphasis role="bold">standard</emphasis> and <emphasis role="bold">web</emphasis>. These profiles are found in the <filename><replaceable><JBOSS_HOME></replaceable>/server/</filename> directory.
+ </para>
+ <para>
+ Therefore, if you are using the <emphasis>default</emphasis> profile, your <replaceable><PROFILE></replaceable> directory would be <filename><replaceable><JBOSS_HOME></replaceable>/server/default/</filename>
+ </para>
- </listitem>
+ </listitem>
- </varlistentry>
+ </varlistentry>
- </variablelist>
+ </variablelist>
- </para>
+ </para>
- </note>
- <section id="sect-Reference_Guide_eXo_JCR_1.14-Introduction-Related_Links">
- <title>Related Links</title>
- <variablelist>
- <varlistentry>
- <term>Technical documentation</term>
- <listitem>
- <para>
- Other technical documentation, including an <emphasis role="bold">Installation Guide</emphasis>, and a <emphasis role="bold">User Guide</emphasis> can be found at <ulink type="http" url="http://www.redhat.com/docs/en-US/JBoss_Enterprise_Portal_Platform">www.redhat.com/docs</ulink>
- </para>
+ </note>
+ <section id="sect-Reference_Guide_eXo_JCR_1.14-Introduction-Related_Links">
+ <title>Related Links</title>
+ <variablelist>
+ <varlistentry>
+ <term>Technical documentation</term>
+ <listitem>
+ <para>
+ Other technical documentation, including an <emphasis role="bold">Installation Guide</emphasis>, and a <emphasis role="bold">User Guide</emphasis> can be found at <ulink type="http" url="http://www.redhat.com/docs/en-US/JBoss_Enterprise_Portal_Platform">www.redhat.com/docs</ulink>
+ </para>
- </listitem>
+ </listitem>
- </varlistentry>
- <varlistentry>
- <term>Non-technical documentation</term>
- <listitem>
- <para>
- Links to non-technical documents are included on the front page of the portal:
- </para>
- <mediaobject>
- <imageobject role="html">
- <imagedata align="center" fileref="images/Common/Non-tech-docs.png" format="PNG" scale="90" width="444" />
- </imageobject>
- <imageobject role="fo">
- <imagedata align="center" contentwidth="130mm" fileref="images/Common/Non-tech-docs.png" format="PNG" width="444" />
- </imageobject>
+ </varlistentry>
+ <varlistentry>
+ <term>Non-technical documentation</term>
+ <listitem>
+ <para>
+ Links to non-technical documents are included on the front page of the portal:
+ </para>
+ <mediaobject>
+ <imageobject role="html">
+ <imagedata align="center" fileref="images/Common/Non-tech-docs.png" format="PNG" scale="90" width="444" />
+ </imageobject>
+ <imageobject role="fo">
+ <imagedata align="center" contentwidth="130mm" fileref="images/Common/Non-tech-docs.png" format="PNG" width="444" />
+ </imageobject>
- </mediaobject>
+ </mediaobject>
- </listitem>
+ </listitem>
- </varlistentry>
- <varlistentry>
- <term>Videos</term>
- <listitem>
- <para>
- A link to <ulink type="http" url="http://vimeo.com/channels/gatein">videos</ulink> related to the JBoss Enterprise Portal Platform is also included on the front page:
- </para>
- <mediaobject>
- <imageobject role="html">
- <imagedata align="center" fileref="images/Common/Videos.png" format="PNG" scale="90" width="444" />
- </imageobject>
- <imageobject role="fo">
- <imagedata align="center" contentwidth="130mm" fileref="images/Common/Videos.png" format="PNG" width="444" />
- </imageobject>
+ </varlistentry>
+ <varlistentry>
+ <term>Videos</term>
+ <listitem>
+ <para>
+ A link to <ulink type="http" url="http://vimeo.com/channels/gatein">videos</ulink> related to the JBoss Enterprise Portal Platform is also included on the front page:
+ </para>
+ <mediaobject>
+ <imageobject role="html">
+ <imagedata align="center" fileref="images/Common/Videos.png" format="PNG" scale="90" width="444" />
+ </imageobject>
+ <imageobject role="fo">
+ <imagedata align="center" contentwidth="130mm" fileref="images/Common/Videos.png" format="PNG" width="444" />
+ </imageobject>
- </mediaobject>
+ </mediaobject>
- </listitem>
+ </listitem>
- </varlistentry>
+ </varlistentry>
- </variablelist>
+ </variablelist>
- </section>
-
+ </section>
+
</chapter>
Modified: epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/modules/PortalDevelopment/Skinning.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/modules/PortalDevelopment/Skinning.xml 2011-11-09 21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/modules/PortalDevelopment/Skinning.xml 2011-11-10 02:39:06 UTC (rev 8018)
@@ -176,7 +176,7 @@
JBoss Enterprise Portal Platform automatically discovers web archives that contain a file descriptor for skins (<filename>WEB-INF/gatein-resources.xml</filename>). This file is responsible for specifying the portal, portlet and window decorators to be deployed into the skin service.
</para>
<para>
- The full schema can be found at: <ulink type="http" url="http://www.gatein.org/xml/ns/gatein_resources_1_0" />.
+ The full schema can be found at: <ulink type="http" url="http://www.gatein.org/xml/ns/gatein_resources_1_2" />.
</para>
<para>
Below is an example of where to define a skin (<literal>MySkin</literal>) with its CSS location, and specify some window decorator skins:
@@ -236,7 +236,7 @@
</varlistentry>
<varlistentry>
- <term>skin/Stylesheet.CSS</term>
+ <term>skin/Stylesheet.css</term>
<listitem>
<para>
This file is the main portal skin stylesheet. It is the main entry point to the CSS class definitions for the skin. The main content points of this file are:
@@ -361,7 +361,7 @@
In order for the default skin to display the skin icon for a new portal skin, the preview screenshot needs to be placed in: <filename>01eXoResources.war:/skin/DefaultSkin/portal/webui/component/customization/UIChangeSkinForm/background</filename>.
</para>
<para>
- The CSS stylesheet for the default portal needs to have the following updated with the preview icon CSS class. For a skin named <emphasis role="bold">MySkin</emphasis> then the following needs to be updated: <filename>01eXoResources.war:/skin/DefaultSkin/portal/webui/component/customization/UIChangeSkinForm/Stylesheet.CSS</filename>.
+ The CSS stylesheet for the default portal needs to have the following updated with the preview icon CSS class. For a skin named <emphasis role="bold">MySkin</emphasis> then the following needs to be updated: <filename>01eXoResources.war:/skin/DefaultSkin/portal/webui/component/customization/UIChangeSkinForm/Stylesheet.css</filename>.
</para>
<programlisting language="XML" role="XML"><xi:include href="../../extras/PortalDevelopment_Skinning/default188.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
@@ -417,7 +417,7 @@
In order for the skin service to display the window decorators, it must have CSS classes specifically named in relation to the window style name. The service will try and display CSS based on this naming convention. The CSS class must be included as part of the current portal skin for the window decorators to be displayed.
</para>
<para>
- The location of the window decorator CSS classes for the default portal theme is located at: <filename>01eXoResources.war/skin/PortletThemes/Stylesheet.CSS</filename>.
+ The location of the window decorator CSS classes for the default portal theme is located at: <filename>01eXoResources.war/skin/PortletThemes/Stylesheet.css</filename>.
</para>
<para>
@@ -522,7 +522,7 @@
The portlet specification defines a set of default CSS classes that should be available for portlets. These classes are included as part of the portal skin. Please see the portlet specification for a list of the default classes that should be available.
</para>
<para>
- For the default portal skin, the portlet specification CSS classes are defined in: <filename>01eXoResources.war/skin/Portlet/Stylesheet.CSS</filename>.
+ For the default portal skin, the portlet specification CSS classes are defined in: <filename>01eXoResources.war/skin/Portlet/Stylesheet.css</filename>.
</para>
</section>
More information about the gatein-commits
mailing list