Author: rhauch Date: 2009-06-07 20:03:34 -0400 (Sun, 07 Jun 2009) New Revision: 990 Modified: trunk/.gitignore trunk/dna-graph/src/main/java/org/jboss/dna/graph/ExecutionContext.java trunk/dna-jcr/src/test/java/org/jboss/dna/jcr/JcrRepositoryTest.java trunk/dna-jcr/src/test/java/org/jboss/dna/jcr/JcrTckTest.java trunk/docs/examples/gettingstarted/pom.xml trunk/docs/examples/gettingstarted/repositories/src/main/java/org/jboss/example/dna/repository/RepositoryClient.java trunk/docs/examples/gettingstarted/sequencers/pom.xml trunk/docs/examples/gettingstarted/sequencers/src/main/java/org/jboss/example/dna/sequencer/SequencingClient.java trunk/docs/gettingstarted/src/main/docbook/en-US/content/sequencer_example.xml trunk/docs/reference/src/main/docbook/en-US/content/configuration.xml trunk/docs/reference/src/main/docbook/en-US/content/development_tools.xml trunk/docs/reference/src/main/docbook/en-US/content/environment.xml trunk/docs/reference/src/main/docbook/en-US/custom.dtd Log: DNA-389 Updated the documents to reflect the recent changes in the SecurityContext and configuration. Modified: trunk/.gitignore =================================================================== --- trunk/.gitignore 2009-06-07 22:33:45 UTC (rev 989) +++ trunk/.gitignore 2009-06-08 00:03:34 UTC (rev 990) @@ -49,6 +49,12 @@ # /docs/reference/ /docs/reference/target +# /extensions/dna-web-jcr-rest/ +/extensions/dna-web-jcr-rest/target/ + +# /extensions/dna-web-jcr-rest-war/ +/extensions/dna-web-jcr-rest-war/target/ + # /extensions/dna-classloader-maven/ /extensions/dna-classloader-maven/target Modified: trunk/dna-graph/src/main/java/org/jboss/dna/graph/ExecutionContext.java =================================================================== --- trunk/dna-graph/src/main/java/org/jboss/dna/graph/ExecutionContext.java 2009-06-07 22:33:45 UTC (rev 989) +++ trunk/dna-graph/src/main/java/org/jboss/dna/graph/ExecutionContext.java 2009-06-08 00:03:34 UTC (rev 990) @@ -73,6 +73,7 @@ * , with default implementations for all other components (including default namespaces in the * {@link #getNamespaceRegistry() namespace registry}. */ + @SuppressWarnings( "synthetic-access" ) public ExecutionContext() { this(new NullSecurityContext(), null, null, null, null, null); initializeDefaultNamespaces(this.getNamespaceRegistry()); @@ -193,7 +194,7 @@ /** * Get the {@link SecurityContext security context} for this context. * - * @return the security context; may be <code>null</code> + * @return the security context; never <code>null</code> */ public SecurityContext getSecurityContext() { return this.securityContext; @@ -347,6 +348,6 @@ public void logout() { } - + } } Modified: trunk/dna-jcr/src/test/java/org/jboss/dna/jcr/JcrRepositoryTest.java =================================================================== --- trunk/dna-jcr/src/test/java/org/jboss/dna/jcr/JcrRepositoryTest.java 2009-06-07 22:33:45 UTC (rev 989) +++ trunk/dna-jcr/src/test/java/org/jboss/dna/jcr/JcrRepositoryTest.java 2009-06-08 00:03:34 UTC (rev 990) @@ -79,8 +79,6 @@ } } - - @Before public void before() throws Exception { MockitoAnnotations.initMocks(this); @@ -93,7 +91,7 @@ // Set up the execution context ... context = new ExecutionContext(); credentials = new SimpleCredentials("superuser", "superuser".toCharArray()); - + // Stub out the connection factory ... connectionFactory = new RepositoryConnectionFactory() { /** @@ -180,28 +178,28 @@ assertThat(repository.getDescriptor("property"), is("value")); } - @Test(expected=javax.jcr.LoginException.class) + @Test( expected = javax.jcr.LoginException.class ) public void shouldNotAllowLoginWithNoCredentials() throws Exception { // This would work iff this code was executing in a privileged block, but it's not repository.login(); } - - @SuppressWarnings("cast") + @Test public void shouldAllowLoginWithNoCredentialsInPrivilegedBlock() throws Exception { LoginContext login = new LoginContext("dna-jcr", new UserPasswordCallbackHandler("superuser", "superuser".toCharArray())); login.login(); - + Subject subject = login.getSubject(); - - Session session = (Session) Subject.doAsPrivileged(subject, new PrivilegedExceptionAction<Session>() { + Session session = (Session)Subject.doAsPrivileged(subject, new PrivilegedExceptionAction<Session>() { + + @SuppressWarnings( "synthetic-access" ) public Session run() throws Exception { return repository.login(); } - + }, AccessController.getContext()); - + assertThat(session, is(notNullValue())); assertThat(session.getUserID(), is("superuser")); login.logout(); Modified: trunk/dna-jcr/src/test/java/org/jboss/dna/jcr/JcrTckTest.java =================================================================== --- trunk/dna-jcr/src/test/java/org/jboss/dna/jcr/JcrTckTest.java 2009-06-07 22:33:45 UTC (rev 989) +++ trunk/dna-jcr/src/test/java/org/jboss/dna/jcr/JcrTckTest.java 2009-06-08 00:03:34 UTC (rev 990) @@ -43,7 +43,6 @@ import org.apache.jackrabbit.test.api.RepositoryLoginTest; import org.apache.jackrabbit.test.api.SerializationTest; import org.apache.jackrabbit.test.api.SessionTest; -import org.apache.jackrabbit.test.api.SessionUUIDTest; import org.apache.jackrabbit.test.api.SetPropertyAssumeTypeTest; import org.apache.jackrabbit.test.api.SetPropertyBooleanTest; import org.apache.jackrabbit.test.api.SetPropertyCalendarTest; Modified: trunk/docs/examples/gettingstarted/pom.xml =================================================================== --- trunk/docs/examples/gettingstarted/pom.xml 2009-06-07 22:33:45 UTC (rev 989) +++ trunk/docs/examples/gettingstarted/pom.xml 2009-06-08 00:03:34 UTC (rev 990) @@ -10,7 +10,7 @@ <modules> <module>sequencers</module> - <module>repositories</module> + <!--module>repositories</module--> </modules> <dependencyManagement> Modified: trunk/docs/examples/gettingstarted/repositories/src/main/java/org/jboss/example/dna/repository/RepositoryClient.java =================================================================== --- trunk/docs/examples/gettingstarted/repositories/src/main/java/org/jboss/example/dna/repository/RepositoryClient.java 2009-06-07 22:33:45 UTC (rev 989) +++ trunk/docs/examples/gettingstarted/repositories/src/main/java/org/jboss/example/dna/repository/RepositoryClient.java 2009-06-08 00:03:34 UTC (rev 990) @@ -44,6 +44,7 @@ import org.jboss.dna.common.util.CheckArg; import org.jboss.dna.graph.ExecutionContext; import org.jboss.dna.graph.Graph; +import org.jboss.dna.graph.JaasSecurityContext; import org.jboss.dna.graph.Location; import org.jboss.dna.graph.property.Path; import org.jboss.dna.graph.property.PathFactory; @@ -306,7 +307,11 @@ case DNA: { try { // Use the DNA Graph API to read the properties and children of the node ... - ExecutionContext context = loginContext != null ? this.context.create(loginContext) : this.context; + ExecutionContext context = this.context; + if (loginContext != null) { + JaasSecurityContext security = new JaasSecurityContext(loginContext); + context = this.context.with(security); + } Graph graph = engine.getGraph(context, sourceName); graph.useWorkspace("default"); org.jboss.dna.graph.Node node = graph.getNodeAt(pathToNode); Modified: trunk/docs/examples/gettingstarted/sequencers/pom.xml =================================================================== --- trunk/docs/examples/gettingstarted/sequencers/pom.xml 2009-06-07 22:33:45 UTC (rev 989) +++ trunk/docs/examples/gettingstarted/sequencers/pom.xml 2009-06-08 00:03:34 UTC (rev 990) @@ -63,34 +63,6 @@ <artifactId>jcr</artifactId> </dependency> <!-- - JAAS implementation (and dependencies) - --> - <dependency> - <groupId>org.jboss.security</groupId> - <artifactId>jboss-idtrust</artifactId> - <version>2.0.2.CR1</version> - </dependency> - <dependency> - <groupId>org.jboss.security</groupId> - <artifactId>jboss-security-spi-bare</artifactId> - <version>2.0.2.SP6</version> - </dependency> - <dependency> - <groupId>org.jboss.security</groupId> - <artifactId>jbosssx-bare</artifactId> - <version>2.0.2.SP6</version> - <exclusions> - <exclusion> - <groupId>apache-xalan</groupId> - <artifactId>xalan</artifactId> - </exclusion> - <exclusion> - <groupId>apache-xalan</groupId> - <artifactId>serializer</artifactId> - </exclusion> - </exclusions> - </dependency> - <!-- Test cases use JUnit --> <dependency> Modified: trunk/docs/examples/gettingstarted/sequencers/src/main/java/org/jboss/example/dna/sequencer/SequencingClient.java =================================================================== --- trunk/docs/examples/gettingstarted/sequencers/src/main/java/org/jboss/example/dna/sequencer/SequencingClient.java 2009-06-07 22:33:45 UTC (rev 989) +++ trunk/docs/examples/gettingstarted/sequencers/src/main/java/org/jboss/example/dna/sequencer/SequencingClient.java 2009-06-08 00:03:34 UTC (rev 990) @@ -41,13 +41,13 @@ import javax.jcr.Session; import javax.jcr.Value; import javax.jcr.ValueFormatException; +import org.jboss.dna.graph.SecurityContext; import org.jboss.dna.graph.connector.inmemory.InMemoryRepositorySource; import org.jboss.dna.jcr.JcrConfiguration; import org.jboss.dna.jcr.JcrEngine; -import org.jboss.dna.jcr.JcrRepository; +import org.jboss.dna.jcr.SecurityContextCredentials; import org.jboss.dna.repository.sequencer.SequencingService; import org.jboss.dna.repository.util.SessionFactory; -import org.jboss.security.config.IDTrustConfiguration; /** * @author Randall Hauch @@ -60,14 +60,6 @@ public static final char[] DEFAULT_PASSWORD = "secret".toCharArray(); public static void main( String[] args ) { - // Set up the JAAS provider (IDTrust) and a policy file (which defines the "dna-jcr" login config name) - IDTrustConfiguration idtrustConfig = new IDTrustConfiguration(); - try { - idtrustConfig.config("security/jaas.conf.xml"); - } catch (Exception ex) { - throw new IllegalStateException(ex); - } - // Configure the DNA configuration. This could be done by loading a configuration from a file, or by // using a (local or remote) configuration repository, or by setting up the configuration programmatically. // This example uses the programmatic approach... @@ -80,10 +72,7 @@ .setDescription("The repository for our content") .setProperty("defaultWorkspaceName", workspaceName); // Set up the JCR repository to use the source ... - config.repository(repositoryId) - .addNodeTypes("sequencing.cnd") - .setSource("store") - .setOption(JcrRepository.Option.JAAS_LOGIN_CONFIG_NAME, "dna-jcr"); + config.repository(repositoryId).addNodeTypes("sequencing.cnd").setSource("store"); // Set up the image sequencer ... config.sequencer("Image Sequencer") .usingClass("org.jboss.dna.sequencer.image.ImageMetadataSequencer") @@ -433,7 +422,14 @@ * @throws RepositoryException */ protected Session createSession() throws RepositoryException { - return this.repository.login(workspaceName); + // Normally we'd just use SimpleCredentials or some other custom Credentials implementation, + // but that would require JAAS (since JBoss DNA uses that used by default). Since we don't + // have a JAAS implementation, we will use the SecurityContextCredentials to wrap + // another SecurityContext implementation. This is how you might integrate a non-JAAS security + // system into JBoss DNA. See the repository example for how to set up with JAAS. + SecurityContext securityContext = new MyCustomSecurityContext(); + SecurityContextCredentials credentials = new SecurityContextCredentials(securityContext); + return this.repository.login(credentials, workspaceName); } protected String getMimeType( URL file ) { @@ -451,4 +447,33 @@ return null; } + protected class MyCustomSecurityContext implements SecurityContext { + /** + * {@inheritDoc} + * + * @see org.jboss.dna.graph.SecurityContext#getUserName() + */ + public String getUserName() { + return "Fred"; + } + + /** + * {@inheritDoc} + * + * @see org.jboss.dna.graph.SecurityContext#hasRole(java.lang.String) + */ + public boolean hasRole( String roleName ) { + return true; + } + + /** + * {@inheritDoc} + * + * @see org.jboss.dna.graph.SecurityContext#logout() + */ + public void logout() { + // do something + } + } + } Modified: trunk/docs/gettingstarted/src/main/docbook/en-US/content/sequencer_example.xml =================================================================== --- trunk/docs/gettingstarted/src/main/docbook/en-US/content/sequencer_example.xml 2009-06-07 22:33:45 UTC (rev 989) +++ trunk/docs/gettingstarted/src/main/docbook/en-US/content/sequencer_example.xml 2009-06-08 00:03:34 UTC (rev 990) @@ -161,14 +161,6 @@ creates the JBoss DNA configuration using the programmatic style. </para> <programlisting role="JAVA"><![CDATA[ -// Set up the JAAS provider (IDTrust) and a policy file (which defines the "dna-jcr" login config name) -IDTrustConfiguration idtrustConfig = new IDTrustConfiguration(); -try { - idtrustConfig.config("security/jaas.conf.xml"); -} catch (Exception ex) { - throw new IllegalStateException(ex); -} - // Create the configuration. String repositoryId = "content"; String workspaceName = "default"; @@ -181,8 +173,7 @@ // Set up the JCR repository to use the source ... config.repository(repositoryId) .addNodeTypes("sequencing.cnd") - .setSource("store") - .setOption(JcrRepository.Option.JAAS_LOGIN_CONFIG_NAME, "dna-jcr"); + .setSource("store"); // Set up the image sequencer ... config.sequencer("Image Sequencer") .usingClass("org.jboss.dna.sequencer.image.ImageMetadataSequencer") @@ -210,16 +201,13 @@ client.setUserInterface(new ConsoleInput(client)); ]]></programlisting> <para> - The first block sets up the JAAS provider to be the IDTrust library and a policy file that defines the "dna-jcr" JAAS configuration. - </para> - <para> - The second block of code configures the <code>JcrConfiguration</code> and sets up the "store" source, the "content" repository, + The first block of code configures the <code>JcrConfiguration</code> and sets up the "store" source, the "content" repository, and three sequencers. Again, this is done via the programmatic style. An alternative would be to load the entire configuration from a configuration file or from an existing configuration repository. (The repository example shown in the <link linkend="repository_example">next chapter</link> shows how to load the configuration from a file.) </para> <para> - The third block simply instantiates the <code>SequencingClient</code> class, passing the configuration and the name of the repository + The second block simply instantiates the <code>SequencingClient</code> class, passing the configuration and the name of the repository and workspace, and finally sets the user interface (which then executes its behavior, which we'll see below). </para> <para> @@ -298,6 +286,58 @@ } } ]]></programlisting> + <para> + There is one more aspect of this example that is worth discussing. While the repository example in the + <link linkend="repository_example">next chapter</link> does show how to use JAAS, this example intentionally shows how + you might integrate a different security system into JBoss DNA. In the <code>createSession()</code> method, + the <code>RepositoryClient</code> creates a <code>SecurityContextCredentials</code> wrapper around a custom + <code>SecurityContext</code> implementation, then passes that credentials into the <code>login(Credentials,String)</code> + method: + </para> + <programlisting role="JAVA"><![CDATA[ +protected Session createSession() throws RepositoryException { + SecurityContext securityContext = new MyCustomSecurityContext(); + SecurityContextCredentials credentials = new SecurityContextCredentials(securityContext); + return this.repository.login(credentials, workspaceName); +} + ]]></programlisting> + <para> + where the custom <code>SecurityContext</code> implementation is as follows: + </para> + <programlisting role="JAVA"><![CDATA[ +protected class MyCustomSecurityContext implements SecurityContext { + /** + * @see org.jboss.dna.graph.SecurityContext#getUserName() + */ + public String getUserName() { + return "Fred"; + } + + /** + * @see org.jboss.dna.graph.SecurityContext#hasRole(java.lang.String) + */ + public boolean hasRole( String roleName ) { + return true; + } + + /** + * @see org.jboss.dna.graph.SecurityContext#logout() + */ + public void logout() { + // do something + } +} + ]]></programlisting> + <para> + Obviously you would want to implement this correctly. If you're using JBoss DNA in a web application, your <code>SecurityContext</code> + implementation would likely delegate to the <code>HttpServletRequest</code>. + </para> + <para> + But if you're using JAAS, then you could just pass in a <code>javax.jcr.SimpleCredentials</code> with the username and password, + as long as your <code>JcrConfiguration</code>'s repository definitions are set up to use the correct JAAS login context name + (see the repository example in the <link linkend="repository_example">next chapter</link>). Or, you could use the approach listed + above and supply an instance of the <code>JaasSecurityContext</code> to the <code>SecurityContextCredentials</code>. + </para> <para>At this point, we've reviewed all of the interesting code in the example application related to JBoss DNA. However, feel free to play with the application, trying different things.</para> </sect1> Modified: trunk/docs/reference/src/main/docbook/en-US/content/configuration.xml =================================================================== --- trunk/docs/reference/src/main/docbook/en-US/content/configuration.xml 2009-06-07 22:33:45 UTC (rev 989) +++ trunk/docs/reference/src/main/docbook/en-US/content/configuration.xml 2009-06-08 00:03:34 UTC (rev 990) @@ -29,12 +29,343 @@ %CustomDTD; ]> <chapter id="configuration"> - <title>Configuration</title> - <para> - Configuring JBoss DNA services is a bit more manual than is ideal. JBoss DNA currently consists of classes that uses dependency - injection to allow a great deal of flexibility in how it can be configured and customized. But this flexibility - makes it more difficult for you to configure. We understand this, and will soon provide a much easier way to set up - and manage JBoss DNA. Current plans are to use the <ulink url="http://www.jboss.org/jbossmc">JBoss Microcontainer</ulink> - along with a configuration repository. + <title>Configuring and Using JBoss DNA</title> + <para>Using JBoss DNA within your application is actually quite straightforward. As you'll see in this chapter, + the first step is setting up JBoss DNA and starting the <code>JcrEngine</code>. After that, you obtain the + <code>javax.jcr.Repository</code> instance for a named repository and just use the standard JCR API throughout your + application. </para> + <sect1 id="jcr_engine"> + <title>JBoss DNA's JcrEngine</title> + <para> + JBoss DNA encapsulates everything necessary to run one or more JCR repositories into a single &JcrEngine; instance. + This includes all underlying repository sources, the pools of connections to the sources, the sequencers, + the MIME type detector(s), and the &Repository; implementations. + </para> + <para> + Obtaining a &JcrEngine; instance is very easy - assuming that you have a valid &JcrConfiguration; instance. We'll see + how to get one of those in a little bit, but if you have one then all you have to do is build and start the engine: + </para> + <programlisting role="JAVA"><![CDATA[ +JcrConfiguration config = ... +JcrEngine engine = config.build(); +engine.start(); + ]]></programlisting> + <para> + Obtaining a JCR &Repository; instance is a matter of simply asking the engine for it by the name defined in the configuration: + </para> + <programlisting role="JAVA"><![CDATA[ +javax.jcr.Repository repository = engine.getRepository("Name of repository"); + ]]></programlisting> + <para> + At this point, your application can proceed by working with the JCR API. + </para> + <para> + And, once you're finished with the &JcrEngine;, you should shut it down: + </para> + <programlisting role="JAVA"><![CDATA[ +engine.shutdown(); +engine.awaitTermination(3,TimeUnit.SECONDS); // optional + ]]></programlisting> + <para> + When the <code>shutdown()</code> method is called, the &Repository; instances managed by the engine are marked as being shut down, + and they will not be able to create new &Session;s. However, any existing &Session;s or ongoing operations (e.g., event notifications) + present at the time of the <code>shutdown()</code> call will be allowed to finish. + In essence, <code>shutdown()</code> is a <emphasis>graceful</emphasis> request, and since it may take some time to complete, + you can wait until the shutdown has completed by simply calling <code>awaitTermination(...)</code> as shown above. + This method will block until the engine has indeed shutdown or until the supplied time duration has passed (whichever comes first). + And, yes, you can call the <code>awaitTermination(...)</code> method repeatedly if needed. + </para> + </sect1> + <sect1 id="jcr_configuration"> + <title>JcrConfiguration</title> + <para> + The previous section assumed the existence of a &JcrConfiguration;. It's not really that creating an instance is all that difficult. + In fact, there's only one no-argument constructor, so actually creating the instance is a piece of cake. What can be a little more challenging, + though, is setting up the &JcrConfiguration; instance, which must define the following components: + <itemizedlist> + <listitem> + <para><emphasis role="strong"><code>Repository sources</code></emphasis> are the POJO objects that each describe a particular + location where content is stored. Each repository source object is an instance of a JBoss DNA connector, and is configured + with the properties that particular source. JBoss DNA's &RepositorySource; classes are analogous to JDBC's &DataSource; classes - + they are implemented by specific connectors (aka, "drivers") for specific kinds of repository sources (aka, "databases"). + Similarly, a &RepositorySource; instance is analogous to a &DataSource; instance, with bean properties for each configurable + parameter. Therefore, each repository source definition must supply the name of the &RepositorySource; class, any + bean properties, and, optionally, the classpath that should be used to load the class. </para> + </listitem> + <listitem> + <para><emphasis role="strong"><code>Repositories</code></emphasis> define the JCR repositories that are available. Each + repository has a unique name that is used to obtain the &Repository; instance from the &JcrEngine;'s <code>getRepository(String)</code> + method, but each repository definition also can include the predefined namespaces (other than those automatically defined by + JBoss DNA), various options, and the node types that are to be available in the repository without explicit registration + through the JCR API.</para> + </listitem> + <listitem> + <para><emphasis role="strong"><code>Sequencers</code></emphasis> define the particular sequencers that are available for use. + Each sequencer definition provides the path expressions governing which nodes in the repository should be sequenced when those nodes change, + and where the resulting output generated by the sequencer should be placed. The definition also must state the name of + the sequencer class, any bean properties and, optionally, the classpath that should be used to load the class.</para> + </listitem> + <listitem> + <para><emphasis role="strong"><code>MIME type detectors</code></emphasis> define the particular MIME type detector(s) that should + be made available. A MIME type detector does exactly what the name implies: it attempts to determine the MIME type given a + "filename" and contents. JBoss DNA automatically uses a detector that uses the file extension to identify the MIME type, + but also provides an implementation that uses an external library to identify the MIME type based upon the contents. + The definition must state the name of the detector class, any bean properties and, optionally, the classpath that should + be used to load the class.</para> + </listitem> + </itemizedlist> + </para> + <para> + There really are three options: + <itemizedlist> + <listitem> + <para><emphasis role="strong"><code>Load from a file</code></emphasis> is conceptually the easiest and requires the least amount + of Java code, but it now requires a configuration file.</para> + </listitem> + <listitem> + <para><emphasis role="strong"><code>Load from a configuration repository</code></emphasis> is not much more complicated than loading + from a file, but it does allow multiple &JcrEngine; instances (usually in different processes perhaps on different machines) + to easily access their (shared) configuration. And technically, loading the configuration from a file really just creates an + &InMemoryRepositorySource;, imports the configuration file into that source, and then proceeds with this approach.</para> + </listitem> + <listitem> + <para><emphasis role="strong"><code>Programmatic configuration</code></emphasis> is always possible, even if the configuration is loaded + from a file or repository. Using the &JcrConfiguration;'s API, you can define (or update or remove) all of the definitions that make + up a configuration.</para> + </listitem> + </itemizedlist> + </para> + <para> + Each of these approaches has their obvious advantages, so the choice of which one to use is entirely up to you. + </para> + <sect2 id="loading_from_file"> + <title>Loading from a configuration file</title> + <para> + Loading the JBoss DNA configuration from a file is actually very simple: + </para> + <programlisting role="JAVA"><![CDATA[ +JcrConfiguration config = new JcrConfiguration(); +configuration.loadFrom(file); + ]]></programlisting> + <para> + where the <code>file</code> parameter can actually be a &File; instance, a &URL; to the file, an &InputStream; + containing the contents of the file, or even a &String; containing the contents of the file. + </para> + <note> + <para>The <code>loadFrom(...)</code> method can be called any number of times, but each time it is called it completely wipes + out any current notion of the configuration and replaces it with the configuration found in the file. + </para> + </note> + <para> + There is an optional second parameter that defines the &Path; within the configuration file identifying the parent node of the various + configuration nodes. If not specified, it assumes "/". This makes it possible for the configuration content to be + located at a different location in the hierarchical structure. (This is not often required, but when it is required + this second parameter is very useful.) + </para> + <para> + Here is the configuration file that is used in the repository example, though it has been simplified a bit and most comments + have been removed for clarity): + </para> + <programlisting role="JAVA"><![CDATA[ +<?xml version="1.0" encoding="UTF-8"?> +<configuration xmlns="http://www.jboss.org/dna/1.0" xmlns:jcr="http://www.jcp.org/jcr/1.0"> + <!-- + Define the JCR repositories + --> + <dna:repositories> + <!-- + Define a JCR repository that accesses the 'Cars' source directly. + This of course is optional, since we could access the same content through 'vehicles'. + --> + <dna:repository jcr:name="car repository" dna:source="Cars"> + <options jcr:primaryType="dna:options"/> + <jaasLoginConfigName jcr:primaryType="dna:option" dna:value="dna-jcr"/> + </options> + </dna:repository> + </dna:repositories> + <!-- + Define the sources for the content. These sources are directly accessible using the DNA-specific Graph API. + --> + <dna:sources jcr:primaryType="nt:unstructured"> + <dna:source jcr:name="Cars" dna:classname="org.jboss.dna.graph.connector.inmemory.InMemoryRepositorySource" dna:retryLimit="3" dna:defaultWorkspaceName="workspace1"/> + <dna:source jcr:name="Aircraft" dna:classname="org.jboss.dna.graph.connector.inmemory.InMemoryRepositorySource"> + <!-- Define the name of the workspace used by default. Optional, but convenient. --> + <defaultWorkspaceName>workspace2</defaultWorkspaceName> + </dna:source> + </dna:sources> + <!-- + Define the sequencers. This is an optional section. For this example, we're not using any sequencers. + --> + <dna:sequencers> + <!--dna:sequencer jcr:name="Image Sequencer" dna:classname="org.jboss.dna.sequencer.image.ImageMetadataSequencer"> + <dna:description>Image metadata sequencer</dna:description> + <dna:pathExpression>/foo/source => /foo/target</dna:pathExpression> + <dna:pathExpression>/bar/source => /bar/target</dna:pathExpression> + </dna:sequencer--> + </dna:sequencers> + <dna:mimeTypeDetectors> + <dna:mimeTypeDetector jcr:name="Detector" dna:description="Standard extension-based MIME type detector"/> + </dna:mimeTypeDetectors> +</configuration> + ]]></programlisting> + </sect2> + <sect2 id="loading_from_repository"> + <title>Loading from a configuration repository</title> + <para> + Loading the JBoss DNA configuration from an existing repository is also pretty straightforward. Simply create and configure the + &RepositorySource; instance to point to the desired repository, and then call the <code>loadFrom(&RepositorySource; source)</code> + method: + </para> + <programlisting role="JAVA"><![CDATA[ +RepositorySource configSource = ... +JcrConfiguration config = new JcrConfiguration(); +configuration.loadFrom(configSource); + ]]></programlisting> + <para> + This really is a more advanced way to define your configuration, so we won't go into how you configure a &RepositorySource;. + For more information, consult the &ReferenceGuide;. + </para> + <note> + <para>The <code>loadFrom(...)</code> method can be called any number of times, but each time it is called it completely wipes + out any current notion of the configuration and replaces it with the configuration found in the file. + </para> + </note> + <para> + There is an optional second parameter that defines the name of the workspace in the supplied source where the configuration content + can be found. It is not needed if the workspace is the source's default workspace. + There is an optional third parameter that defines the &Path; within the configuration repository identifying the parent node of the various + configuration nodes. If not specified, it assumes "/". This makes it possible for the configuration content to be + located at a different location in the hierarchical structure. (This is not often required, but when it is required + this second parameter is very useful.) + </para> + </sect2> + <sect2 id="programmatic_configuration"> + <title>Programmatic configuration</title> + <para> + Defining the configuration programmatically is not terribly complicated, and it for obvious reasons results in more verbose Java code. + But this approach is very useful and often the easiest approach when the configuration must change or is a reflection of other + dynamic information. + </para> + <para> + The &JcrConfiguration; class was designed to have an easy-to-use API that makes it easy to configure each of the different kinds of + components, especially when using an IDE with code completion. Here are several examples: + </para> + <sect3 id="programmatically_configuring_sources"> + <title>Repository sources</title> + <para>Each repository source definition must include the name of the &RepositorySource; class as well as each bean property + that should be set on the object: + </para> + <programlisting role="JAVA"><![CDATA[ +JcrConfiguration config = ... +config.repositorySource("source A") + .usingClass(InMemoryRepositorySource.class) + .setDescription("The repository for our content") + .setProperty("defaultWorkspaceName", workspaceName); + ]]></programlisting> + <para> + This example defines an in-memory source with the name "source A", a description, and a single "defaultWorkspaceName" bean property. + Different &RepositorySource; implementations will the bean properties that are required and optional. + Of course, the class can be specified as Class reference or a string (followed by whether the class should be loaded from + the classpath or from a specific classpath). + </para> + <note> + <para>Each time <code>repositorySource(String)</code> is called, it will either load the existing definition with the supplied + name or will create a new definition if one does not already exist. To remove a definition, simply call <code>remove()</code> + on the result of <code>repositorySource(String)</code>. + The set of existing definitions can be accessed with the <code>repositorySources()</code> method. + </para> + </note> + </sect3> + <sect3 id="programmatically_configuring_repositories"> + <title>Repositories</title> + <para>Each repository must be defined to use a named repository source, but all other aspects (e.g., namespaces, node types, options) + are optional.</para> + <programlisting role="JAVA"><![CDATA[ +JcrConfiguration config = ... +config.repository("repository A") + .addNodeTypes("myCustomNodeTypes.cnd") + .setSource("source 1") + .registerNamespace("acme","http://www.example.com/acme") + .setOption(JcrRepository.Option.JAAS_LOGIN_CONFIG_NAME, "dna-jcr"); + ]]></programlisting> + <para> + This example defines a repository that uses the "source 1" repository source (which could be a federated source, an in-memory source, + a database store, or any other source). Additionally, this example adds the node types in the "myCustomNodeTypes.cnd" file as those + that will be made available when the repository is accessed. It also defines the "http://www.example.com/acme" namespace, + and finally sets the "JAAS_LOGIN_CONFIG_NAME" option to define the name of the JAAS login configuration that should be used by + the JBoss DNA repository. + </para> + <note> + <para>Each time <code>repository(String)</code> is called, it will either load the existing definition with the supplied + name or will create a new definition if one does not already exist. To remove a definition, simply call <code>remove()</code> + on the result of <code>repository(String)</code>. + The set of existing definitions can be accessed with the <code>repositories()</code> method. + </para> + </note> + </sect3> + <sect3 id="programmatically_configuring_sequencers"> + <title>Sequencers</title> + <para>Each defined sequencer must specify the name of the &StreamSequencer; implementation class as well as the path expressions + defining which nodes should be sequenced and the output paths defining where the sequencer output should be placed (often as a function + of the input path expression).</para> + <programlisting role="JAVA"><![CDATA[ +JcrConfiguration config = ... +config.sequencer("Image Sequencer") + .usingClass("org.jboss.dna.sequencer.image.ImageMetadataSequencer") + .loadedFromClasspath() + .setDescription("Sequences image files to extract the characteristics of the image") + .sequencingFrom("//(*.(jpg|jpeg|gif|bmp|pcx|png|iff|ras|pbm|pgm|ppm|psd)[*])/jcr:content[@jcr:data]") + .andOutputtingTo("/images/$1"); + ]]></programlisting> + <para> + This shows an example of a sequencer definition named "Image Sequencer" that uses the &ImageMetadataSequencer; class + (loaded from the classpath), that is to sequence the "jcr:data" property on any new or changed nodes that are named + "jcr:content" below a parent node with a name ending in ".jpg", ".jpeg", ".gif", ".bmp", ".pcx", ".iff", ".ras", + ".pbm", ".pgm", ".ppm" or ".psd". The output of the sequencing operation should be placed at the "/images/$1" node, + where the "$1" value is captured as the name of the parent node. (The capture groups work the same was as regular expressions; + see the &ReferenceGuide; for more details.) + Of course, the class can be specified as Class reference or a string (followed by whether the class should be loaded from + the classpath or from a specific classpath). + </para> + <note> + <para>Each time <code>sequencer(String)</code> is called, it will either load the existing definition with the supplied + name or will create a new definition if one does not already exist. To remove a definition, simply call <code>remove()</code> + on the result of <code>sequencer(String)</code>. + The set of existing definitions can be accessed with the <code>sequencers()</code> method. + </para> + </note> + </sect3> + <sect3 id="programmatically_configuring_mime_type_detectors"> + <title>MIME type detectors</title> + <para>Each defined MIME type detector must specify the name of the &MimeTypeDetector; implementation class as well as any + other bean properties required by the implementation.</para> + <programlisting role="JAVA"><![CDATA[ +JcrConfiguration config = ... +config.mimeTypeDetector("Extension Detector") + .usingClass(org.jboss.dna.graph.mimetype.ExtensionBasedMimeTypeDetector.class); + ]]></programlisting> + <para> + Of course, the class can be specified as Class reference or a string (followed by whether the class should be loaded from + the classpath or from a specific classpath). + </para> + <note> + <para>Each time <code>mimeTypeDetector(String)</code> is called, it will either load the existing definition with the supplied + name or will create a new definition if one does not already exist. To remove a definition, simply call <code>remove()</code> + on the result of <code>mimeTypeDetector(String)</code>. + The set of existing definitions can be accessed with the <code>mimeTypeDetectors()</code> method. + </para> + </note> + </sect3> + </sect2> + </sect1> + <sect1 id="using_dna_whats_next"> + <title>What's next</title> + <para> + This chapter outline how you configure JBoss DNA, how you then access a <code>javax.jcr.Repository</code> instance, + and use the standard JCR API to interact with the repository. The + <link linkend="downloading_and_running">next chapter </link> walks you through downloading + and running the JBoss DNA examples. + </para> + </sect1> </chapter> Modified: trunk/docs/reference/src/main/docbook/en-US/content/development_tools.xml =================================================================== --- trunk/docs/reference/src/main/docbook/en-US/content/development_tools.xml 2009-06-07 22:33:45 UTC (rev 989) +++ trunk/docs/reference/src/main/docbook/en-US/content/development_tools.xml 2009-06-08 00:03:34 UTC (rev 990) @@ -228,6 +228,7 @@ <para>While you're adding <code>$MAVEN_HOME/bin</code> to your path, you should also set the <code>$MAVEN_OPTS</code> environment variable to "<code>-Xmx256m</code>". If you don't do this, you'll likely see an <code>java.lang.OutOfMemoryError</code> sometime during a full build. + </para> <note> <para> The JBoss Maven repository provides a central location for not only the artifacts produced by the JBoss.org projects (well, at least those Modified: trunk/docs/reference/src/main/docbook/en-US/content/environment.xml =================================================================== --- trunk/docs/reference/src/main/docbook/en-US/content/environment.xml 2009-06-07 22:33:45 UTC (rev 989) +++ trunk/docs/reference/src/main/docbook/en-US/content/environment.xml 2009-06-08 00:03:34 UTC (rev 990) @@ -39,86 +39,6 @@ <ulink url="http://www.jboss.org/jbossmc">JBoss Microcontainer</ulink> to automatically assemble and wire together all the lower-level components. </para> - <sect1 id="security"> - <title>Security</title> - <para> - JBoss DNA uses the - <ulink url="http://java.sun.com/javase/technologies/security/">Java Authentication and Authorization Service (JAAS)</ulink> - for its security mechanism. Not only is this the standard approach for authenticating and authorizing in Java, but - it also enables JBoss DNA to integrate existing security systems. - </para> - <para> - There are quite a few JAAS providers available, but one of the best and most powerful providers is - <ulink url="http://www.jboss.org/jbosssecurity/">JBoss Security</ulink>, which is the open source - security framework used by JBoss. JBoss Security offers a number of JAAS login modules, including: - <itemizedlist> - <listitem> - <para> - <emphasis role="strong">User-Roles Login Module</emphasis> - is a simple - <code>javax.security.auth.login.LoginContext</code> - implementation that uses usernames and passwords stored in a properties file. - </para> - </listitem> - <listitem> - <para> - <emphasis role="strong">Client Login Module</emphasis> - prompts the user for their username and password. - </para> - </listitem> - <listitem> - <para> - <emphasis role="strong">Database Server Login Module</emphasis> - uses a JDBC database to authenticate principals and associate them with roles. - </para> - </listitem> - <listitem> - <para> - <emphasis role="strong">LDAP Login Module</emphasis> - uses an LDAP directory to authenticate principals. Two implementations are available. - </para> - </listitem> - <listitem> - <para> - <emphasis role="strong">Certificate Login Module</emphasis> - authenticates using X509 certificates, obtaining roles from either property files or a JDBC database. - </para> - </listitem> - <listitem> - <para> - <emphasis role="strong">Operating System Login Module</emphasis> - authenticates using the operating system's mechanism. - </para> - </listitem> - </itemizedlist> - and many others. Plus, JBoss Security also provides other capabilities, such as using XACML policies or using federated single sign-on. - For more detail, see the <ulink url="http://www.jboss.org/jbosssecurity/">JBoss Security</ulink> project. - </para> - <sect2 id="authentication"> - <title>Authenticating with JAAS</title> - <para> - JBoss DNA defers to JAAS to authenticate clients creating repository connections (known as JCR Sessions if using the JCR API), - and generally expects the client application to obtain the JAAS &LoginContext; or &AppControlContext;. - These are then passed to JBoss DNA, which merely verifies that authentication has been done. - </para> - <para> - As we'll see in the <link linkend="execution-context">next section</link>, JBoss DNA has the notion of an &ExecutionContext; - that can be created using JAAS login or access control contexts. These execution contexts therefore contain information - about the subject. - </para> - <para> - We'll also see in the <link linkend="jcr">chapter on JCR</link> how JAAS can be used for authentication when - JCR Sessions are created. - </para> - </sect2> - <sect2 id="authorization"> - <title>Authorization with JAAS</title> - <para> - JBoss DNA does not currently use any of the authorization features of JAAS. However, in future releases where authorization - is supported, JBoss DNA will rely upon JAAS authorization just as it currently does for authentication. - </para> - </sect2> - </sect1> <sect1 id="execution-context"> <title>Execution contexts</title> <para> @@ -158,18 +78,12 @@ public &PropertyFactory; getPropertyFactory() {...} /** - * Get the current JAAS access control context. - * @return the access control context; may be <code>null</code> + * Get the security context for this environment. + * @return the security context; never <code>null</code> */ - public &AccessControlContext; getAccessControlContext() {...} + public &SecurityContext; getSecurityContext() {...} /** - * Get the current JAAS login context. - * @return the login context; may be <code>null</code> - */ - public &LoginContext; getLoginContext() {...} - - /** * Get the JAAS subject for which this context was created. * @return the subject; never null */ @@ -201,8 +115,8 @@ <para> Notice that &ExecutionContext; implements the &ClassLoaderFactory; interface described in the <link linkend="classloaders">previous chapter</link>, meaning it can be used to create other contexts. These other methods are not shown, - but can be used to create create subcontexts with different <link linkend="security">JAAS</link> - login or access control contexts, with different namespace registry, or with different combinations of components. + but can be used to create create subcontexts with different <link linkend="security">security contexts</link>, + with different namespace registry, or with different combinations of components. </para> <para> The fact that so many of the JBoss DNA components take &ExecutionContext; instances gives us some interesting possibilities. @@ -226,11 +140,167 @@ &CallbackHandler; callbackHandler = ... &LoginContext; loginContext = new LoginContext("username",callbackHandler); &ExecutionContext; context3 = context1.with(loginContext); + +// Create a context that uses a provided &SecurityContext; (see the <link linkend="security">next section</link>)... +&SecurityContext; mySecurityContext = ... +&ExecutionContext; context4 = context1.with(mySecurityContext); </programlisting> <para> These contexts can then be passed to the various components as needed. </para> </sect1> + <sect1 id="security"> + <title>Security</title> + <para> + JBoss DNA uses a simple abstraction layer to isolate it from the security infrastructure used within an application. + The &SecurityContext; interface is defined as follows: + </para> + <programlisting> +public interface &SecurityContext; { + + /** + * Get the name of the authenticated user. + * @return the authenticated user's name + */ + &String; getUserName(); + + /** + * Determine whether the authenticated user has the given role. + * @param roleName the name of the role to check + * @return true if the user has the role and is logged in; false otherwise + */ + boolean hasRole( String roleName ); + + /** + * Logs the user out of the authentication mechanism. + * For some authentication mechanisms, this will be implemented as a no-op. + */ + void logout(); +} +</programlisting> + <para> + As noted below, this security context is made available through the &ExecutionContext; described above. + </para> + <sect1 id="jaas_security"> + <title>JAAS</title> + <para> + One such implementation is the &JaasSecurityContext;, which delegates any authentication or authorization requests to a + <ulink url="http://java.sun.com/javase/technologies/security/">Java Authentication and Authorization Service (JAAS)</ulink> + provider. This is the standard approach for authenticating and authorizing in Java, and is the default mechanism + used by the &JcrEngine;. + </para> + <para> + There are quite a few JAAS providers available, but one of the best and most powerful providers is + <ulink url="http://www.jboss.org/jbosssecurity/">JBoss Security</ulink>, which is the open source + security framework used by JBoss. JBoss Security offers a number of JAAS login modules, including: + <itemizedlist> + <listitem> + <para> + <emphasis role="strong">User-Roles Login Module</emphasis> + is a simple + <code>javax.security.auth.login.LoginContext</code> + implementation that uses usernames and passwords stored in a properties file. + </para> + </listitem> + <listitem> + <para> + <emphasis role="strong">Client Login Module</emphasis> + prompts the user for their username and password. + </para> + </listitem> + <listitem> + <para> + <emphasis role="strong">Database Server Login Module</emphasis> + uses a JDBC database to authenticate principals and associate them with roles. + </para> + </listitem> + <listitem> + <para> + <emphasis role="strong">LDAP Login Module</emphasis> + uses an LDAP directory to authenticate principals. Two implementations are available. + </para> + </listitem> + <listitem> + <para> + <emphasis role="strong">Certificate Login Module</emphasis> + authenticates using X509 certificates, obtaining roles from either property files or a JDBC database. + </para> + </listitem> + <listitem> + <para> + <emphasis role="strong">Operating System Login Module</emphasis> + authenticates using the operating system's mechanism. + </para> + </listitem> + </itemizedlist> + and many others. Plus, JBoss Security also provides other capabilities, such as using XACML policies or using federated single sign-on. + For more detail, see the <ulink url="http://www.jboss.org/jbosssecurity/">JBoss Security</ulink> project. + </para> + </sect2> + <sect2 id="web_security"> + <title>Web application security</title> + <para> + If JBoss DNA is being used within a web application, then it is probably desirable to reuse the security infrastructure + of the application server. This can be accomplished by implementing the &SecurityContext; interface with an implementation + that delegates to the <interface>HttpServletRequest</interface>. Then, for each request, create a &SecurityContextCredentials; + instance around your &SecurityContext;, and use that credentials to obtain a JCR &Session;. + </para> + <para> + Here is an example of the &SecurityContext; implementation that uses the servlet request: + </para> + <programlisting> +@Immutable +public class ServletSecurityContext implements &SecurityContext; { + + private final String userName; + private final HttpServletRequest request; + + /** + * Create a {@link ServletSecurityContext} with the supplied {@link HttpServletRequest servlet information}. + * + * @param request the servlet request; may not be null + */ + public ServletSecurityContext( HttpServletRequest request ) { + this.request = request; + this.userName = request.getUserPrincipal() != null ? request.getUserPrincipal().getName() : null; + } + + /** + * Get the name of the authenticated user. + * @return the authenticated user's name + */ + public &String; getUserName() { + return userName; + } + + /** + * Determine whether the authenticated user has the given role. + * @param roleName the name of the role to check + * @return true if the user has the role and is logged in; false otherwise + */ + boolean hasRole( String roleName ) { + request.isUserInRole(roleName); + } + + /** + * Logs the user out of the authentication mechanism. + * For some authentication mechanisms, this will be implemented as a no-op. + */ + public void logout() { + } +}</programlisting> + <para> + Then use this to create a &Session;: + </para> + <programlisting> +HttpServletRequest request = ... +&Repository; repository = engine.getRepository("my repository"); +&SecurityContext; securityContext = new ServletSecurityContext(httpServletRequest); +SecurityContextCredentials credentials = new SecurityContextCredentials(securityContext); +&Session; session = repository.login(credentials, workspaceName); +</programlisting> + </sect2> + </sect1> <sect1> <title>Summary</title> <para> Modified: trunk/docs/reference/src/main/docbook/en-US/custom.dtd =================================================================== --- trunk/docs/reference/src/main/docbook/en-US/custom.dtd 2009-06-07 22:33:45 UTC (rev 989) +++ trunk/docs/reference/src/main/docbook/en-US/custom.dtd 2009-06-08 00:03:34 UTC (rev 990) @@ -1,4 +1,4 @@ -<!ENTITY versionNumber "0.4"> +<!ENTITY versionNumber "0.5"> <!ENTITY copyrightYears "2008-2009"> <!ENTITY copyrightHolder "Red Hat, Inc."> @@ -10,6 +10,7 @@ <!ENTITY DocHome "http://www.jboss.org/file-access/default/members/dna/freezone/"> <!ENTITY API "&DocHome;docs/&versionNumber;/apidocs/org/jboss/dna/"> <!ENTITY JIRA "http://jira.jboss.org/jira/browse/DNA"> +<!ENTITY Roadmap "&JIRA;?report=com.atlassian.jira.plugin.system.project:roadmap-panel"> <!ENTITY Subversion "http://anonsvn.jboss.org/repos/dna/"> <!ENTITY Fisheye "http://fisheye.jboss.org/browse/DNA/"> <!ENTITY SecureSubversion "https://svn.jboss.org/repos/dna/"> @@ -24,10 +25,14 @@ <!ENTITY Java "http://java.sun.com/j2se/1.5.0/docs/api/"> <!ENTITY GettingStarted "<ulink url='&DocHome;docs/&versionNumber;/manuals/gettingstarted/html/index.html'>Getting Started</ulink>"> +<!ENTITY ReferenceGuide "<ulink url='&DocHome;docs/&versionNumber;/manuals/reference/html/index.html'>Getting Started</ulink>"> <!-- Types in JRE --> <!ENTITY String "<ulink url='&Java;java/lang/String.html'><interface>String</interface></ulink>"> +<!ENTITY File "<ulink url='&Java;java/io/File.html'><classname>File</classname></ulink>"> +<!ENTITY URL "<ulink url='&Java;java/net/URL.html'><classname>URL</classname></ulink>"> +<!ENTITY URI "<ulink url='&Java;java/net/URL.html'><classname>URI</classname></ulink>"> <!ENTITY InputStream "<ulink url='&Java;java/io/InputStream.html'><interface>InputStream</interface></ulink>"> <!ENTITY IOException "<ulink url='&Java;java/io/IOException.html'><classname>IOException</classname></ulink>"> <!ENTITY ClassLoader "<ulink url='&Java;java/lang/ClassLoader.html'><interface>ClassLoader</interface></ulink>"> @@ -38,6 +43,7 @@ <!ENTITY ExecutorService "<ulink url='&Java;java/util/concurrent/ExecutorService.html'><interface>ExecutorService</interface></ulink>"> <!ENTITY TimeUnit "<ulink url='&Java;java/util/concurrent/TimeUnit.html'><interface>TimeUnit</interface></ulink>"> <!ENTITY UUID "<ulink url='&Java;java/util/UUID.html'><classname>UUID</classname></ulink>"> +<!ENTITY DataSource "<ulink url='&Java;javax/sql/DataSource.html'><classname>DataSource</classname></ulink>"> <!-- Types in JCR API --> @@ -45,6 +51,7 @@ <!ENTITY Repository "<interface>Repository</interface>"> <!ENTITY Session "<interface>Session</interface>"> <!ENTITY Credentials "<interface>Credentials</interface>"> +<!ENTITY SimpleCredentials "<interface>SimpleCredentials</interface>"> <!-- Types in dna-common --> @@ -62,6 +69,8 @@ <!ENTITY Results "<ulink url='&API;graph/Results.html'><interface>Results</interface></ulink>"> <!ENTITY Location "<ulink url='&API;graph/Location.html'><classname>Location</classname></ulink>"> <!ENTITY ExecutionContext "<ulink url='&API;graph/ExecutionContext.html'><classname>ExecutionContext</classname></ulink>"> +<!ENTITY SecurityContext "<ulink url='&API;graph/SecurityContext.html'><interface>SecurityContext</interface></ulink>"> +<!ENTITY JaasSecurityContext "<ulink url='&API;graph/JaasSecurityContext.html'><classname>JaasSecurityContext</classname></ulink>"> <!ENTITY Name "<ulink url='&API;graph/property/Name.html'><interface>Name</interface></ulink>"> <!ENTITY Path "<ulink url='&API;graph/property/Path.html'><interface>Path</interface></ulink>"> <!ENTITY PathSegment "<ulink url='&API;graph/property/Path.Segment.html'><interface>Path.Segment</interface></ulink>"> @@ -77,6 +86,9 @@ <!ENTITY RepositorySourceCapabilities "<ulink url='&API;graph/connector/RepositorySourceCapabilities.html'><classname>RepositorySourceCapabilities</classname></ulink>"> <!ENTITY InMemoryRepository "<ulink url='&API;graph/connector/inmemory/InMemoryRepository.html'><classname>InMemoryRepository</classname></ulink>"> <!ENTITY InMemoryRepositorySource "<ulink url='&API;graph/connector/inmemory/InMemoryRepositorySource.html'><classname>InMemoryRepositorySource</classname></ulink>"> +<!ENTITY FederatedRepository "<ulink url='&API;graph/connector/federation/FederatedRepository.html'><classname>FederatedRepository</classname></ulink>"> +<!ENTITY FederatedRepositorySource "<ulink url='&API;graph/connector/federation/FederatedRepositorySource.html'><classname>FederatedRepositorySource</classname></ulink>"> +<!ENTITY Projection "<ulink url='&API;graph/connector/federation/Projection.html'><classname>Projection</classname></ulink>"> <!ENTITY CachePolicy "<ulink url='&API;graph/cache/CachePolicy.html'><interface>CachePolicy</interface></ulink>"> <!ENTITY Request "<ulink url='&API;graph/request/Request.html'><classname>Request</classname></ulink>"> <!ENTITY CompositeRequest "<ulink url='&API;graph/request/CompositeRequest.html'><classname>CompositeRequest</classname></ulink>"> @@ -95,6 +107,8 @@ <!-- Types in dna-repository --> +<!ENTITY DnaEngine "<ulink url='&API;repository/DnaEngine.html'><classname>DnaEngine</classname></ulink>"> +<!ENTITY DnaConfiguration "<ulink url='&API;repository/DnaConfiguration.html'><classname>DnaConfiguration</classname></ulink>"> <!ENTITY RepositoryLibrary "<ulink url='&API;repository/RepositoryLibrary.html'><classname>RepositoryLibrary</classname></ulink>"> <!ENTITY RepositoryService "<ulink url='&API;repository/RepositoryService.html'><classname>RepositoryService</classname></ulink>"> <!ENTITY ServiceAdministrator "<ulink url='&API;repository/service/ServiceAdministrator.html'><interface>ServiceAdministrator</interface></ulink>"> @@ -110,16 +124,16 @@ <!-- Types in dna-jcr --> +<!ENTITY JcrEngine "<ulink url='&API;jcr/JcrEngine.html'><classname>JcrEngine</classname></ulink>"> +<!ENTITY JcrConfiguration "<ulink url='&API;jcr/JcrConfiguration.html'><classname>JcrConfiguration</classname></ulink>"> <!ENTITY JcrRepository "<ulink url='&API;jcr/JcrRepository.html'><classname>JcrRepository</classname></ulink>"> <!ENTITY JcrSession "<ulink url='&API;jcr/JcrSession.html'><classname>JcrSession</classname></ulink>"> +<!ENTITY SecurityContextCredentials "<ulink url='&API;jcr/SecurityContextCredentials.html'><classname>SecurityContextCredentials</classname></ulink>"> <!-- Types in extensions/ --> <!ENTITY JBossCacheRepository "<ulink url='&API;connector/jbosscache/JBossCacheRepository.html'><classname>JBossCacheRepository</classname></ulink>"> <!ENTITY JBossCacheSource "<ulink url='&API;connector/jbosscache/JBossCacheSource.html'><classname>JBossCacheSource</classname></ulink>"> -<!ENTITY FederatedRepositorySource "<ulink url='&API;connector/federation/FederatedRepositorySource.html'><classname>FederatedRepositorySource</classname></ulink>"> -<!ENTITY FederatedRepository "<ulink url='&API;connector/federation/FederatedRepository.html'><classname>FederatedRepository</classname></ulink>"> -<!ENTITY Projection "<ulink url='&API;connector/federation/Projection.html'><classname>Projection</classname></ulink>"> <!ENTITY ImageMetadataSequencer "<ulink url='&API;sequencer/image/ImageMetadataSequencer.html'><classname>ImageMetadataSequencer</classname></ulink>"> <!ENTITY ImageMetadata "<ulink url='&API;sequencer/image/ImageMetadata.html'><classname>ImageMetadata</classname></ulink>"> <!ENTITY ImageSequencerI18n "<ulink url='&API;sequencer/image/ImageSequencerI18n.html'><classname>ImageSequencerI18n</classname></ulink>">