gatein SVN: r7662 - maven/dep/trunk.
by do-not-reply@jboss.org
Author: bdaw
Date: 2011-10-05 06:13:39 -0400 (Wed, 05 Oct 2011)
New Revision: 7662
Modified:
maven/dep/trunk/pom.xml
Log:
- use gatein-parent 1.1.0-GA
Modified: maven/dep/trunk/pom.xml
===================================================================
--- maven/dep/trunk/pom.xml 2011-10-05 09:59:29 UTC (rev 7661)
+++ maven/dep/trunk/pom.xml 2011-10-05 10:13:39 UTC (rev 7662)
@@ -14,7 +14,7 @@
<parent>
<groupId>org.gatein</groupId>
<artifactId>gatein-parent</artifactId>
- <version>1.1.0-Beta02</version>
+ <version>1.1.0-GA</version>
</parent>
<scm>
@@ -553,13 +553,13 @@
<version>${version.jboss.logging}</version>
</dependency>
<dependency>
- <groupId>jboss</groupId>
- <artifactId>jboss-common-logging-jdk</artifactId>
+ <groupId>org.jboss.logging</groupId>
+ <artifactId>jboss-logging-jdk</artifactId>
<version>${version.jboss.logging}</version>
</dependency>
<dependency>
- <groupId>jboss</groupId>
- <artifactId>jboss-common-logging-log4j</artifactId>
+ <groupId>org.jboss.logging</groupId>
+ <artifactId>jboss-logging-log4j</artifactId>
<version>${version.jboss.logging}</version>
</dependency>
<dependency>
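Review bot: both replaced entries in this hunk change groupId and artifactId (`jboss:jboss-common-logging-jdk` to `org.jboss.logging:jboss-logging-jdk`, and likewise for the log4j artifact) while keeping `${version.jboss.logging}`, yet the log message only mentions the parent bump. Please confirm that the value of that property is a version actually published under the new `org.jboss.logging` coordinates, and mention the coordinate change in the log, since modules that still declare the old `jboss:jboss-common-logging-*` artifacts are no longer covered by these entries.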
gatein SVN: r7660 - maven/parent/tags.
by do-not-reply@jboss.org
Author: bdaw
Date: 2011-10-05 05:59:25 -0400 (Wed, 05 Oct 2011)
New Revision: 7660
Added:
maven/parent/tags/1.1.0-GA/
Log:
[maven-release-plugin] copy for tag 1.1.0-GA
gatein SVN: r7658 - in portal/trunk/docs/reference-guide/en-US/modules: PortalDevelopment and 1 other directory.
by do-not-reply@jboss.org
Author: phuong_vu
Date: 2011-10-05 00:12:18 -0400 (Wed, 05 Oct 2011)
New Revision: 7658
Added:
portal/trunk/docs/reference-guide/en-US/modules/PortalDevelopment/NavigationController.xml
Modified:
portal/trunk/docs/reference-guide/en-US/modules/PortalDevelopment.xml
Log:
GTNPORTAL-2146 Add document for Navigation controller improvement
Added: portal/trunk/docs/reference-guide/en-US/modules/PortalDevelopment/NavigationController.xml
===================================================================
--- portal/trunk/docs/reference-guide/en-US/modules/PortalDevelopment/NavigationController.xml (rev 0)
+++ portal/trunk/docs/reference-guide/en-US/modules/PortalDevelopment/NavigationController.xml 2011-10-05 04:12:18 UTC (rev 7658)
@@ -0,0 +1,750 @@
+<?xml version='1.0' encoding='utf-8' ?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY % BOOK_ENTITIES SYSTEM "../../Reference_Guide.ent">
+%BOOK_ENTITIES;
+]>
+<section id="sect-Reference_Guide-Navigation_Controller">
+ <title>Navigation Controller </title>
+ <section>
+ <title>Description</title>
+ <para>The navigation controller is a major enhancement of GateIn that has several goals</para>
+ <itemizedlist>
+ <listitem>
+ <para>Provide non ambiguous urls for portal managed resources such as navigation. Previously different resources were possible for a single url, even worse, the set of resources available for an url was depending on one's private navigation (groups and dashboard)</para>
+ </listitem>
+ <listitem>
+ <para>Decouple the http request from the portal request. Previously both were tightly coupled, for instance the url for a site had to begin with /public/{sitename} or /private/{sitename} .The navigation controller provides a flexible and configurable mapping.</para>
+ </listitem>
+ <listitem>
+ <para>Provide more friendly url and give a degree of freedom for the portal administrator by letting him configure how http request should look like.</para>
+ </listitem>
+ </itemizedlist>
+ </section>
+ <section>
+ <title>Controller in Action</title>
+ <section>
+ <title>Controller</title>
+ <para>The <code>WebAppController</code> is the component of GateIn that process http invocations and transforms them into a portal request. It has been improved with the addition of a request mapping engine (<emphasis role="bold">controller</emphasis>) whose role is to make the decoupling of the http request and create a portal request. The mapping engine makes two essential tasks</para>
+ <itemizedlist>
+ <listitem>
+ <para>Create a Map<QualifiedName, String> from an incoming http request</para>
+ </listitem>
+ <listitem>
+ <para>Render a Map<QualifiedName, String> as an http URL</para>
+ </listitem>
+ </itemizedlist>
+ <para>The goal of the controller (mapping engine) is to <emphasis role="bold">decouple</emphasis> the request processed by GateIn from the incoming HTTP request. Indeed a request contain data that determine how the request will be processed and such data can be encoded in various places in the request such as the request path or a query parameter. The controller allows GateIn route a request according to a set of parameters (a map) instead of the servlet request.</para>
+ <para>The controller configuration is declarative in an XML file, allowing easy reconfiguration of the routing table and it is processed into an internal data structure that is used to perform resolution (routing or rendering)</para>
+ </section>
+ <section>
+ <title>Building controller</title>
+ <para>The controller configuration that contains the routing rules is loaded from a file named <emphasis role="bold">controller.xml</emphasis> that is retrieved in the GateIn configuration directory. Its location is determined by the <emphasis role="bold">gatein.controller.config</emphasis> property.</para>
+ <para>
+ <emphasis role="bold">WebAppController</emphasis> loads and initializes the mapping engine</para>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting language="xml"><![CDATA[
+<!-- conf/portal/controller-configuration.xml of portal.war -->
+<component>
+ <type>org.exoplatform.web.WebAppController</type>
+ <init-params>
+ <value-param>
+ <name>controller.config</name>
+ <value>${gatein.portal.controller.config}</value>
+ </value-param>
+ </init-params>
+</component>
+]]></programlisting>
+ </programlistingco>
+ <para>GateIn's extension project can define their own routing table, thanks to the extension mechanism.</para>
+ <para>The controller.xml can be changed and reloaded at runtime, this help the testing of different configurations easily (configuration loading operations) and provide more insight into the routing engine (the findRoutes operation). see <emphasis role="bold">Rebuiding controller</emphasis> for more detail</para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ <emphasis role="bold">ReBuilding controller</emphasis>
+ </para>
+ </listitem>
+ </itemizedlist>
+ <para>The WebAppController is annotated with <code>@Managed</code> annotations and is bound under the <code>view=portal,service=controller</code> JMX name and under the "portalcontroller" REST name.</para>
+ <para>It provides the following attributes and operations</para>
+ <itemizedlist>
+ <listitem>
+ <para>Attribute configurationPath : the read only the configuration path of the controller xml file</para>
+ </listitem>
+ <listitem>
+ <para>Operation loadConfiguration : load a new configuration file from a specified xml path</para>
+ </listitem>
+ <listitem>
+ <para>Operation reloadConfiguration : reload the configuration file</para>
+ </listitem>
+ <listitem>
+ <para>Operation findRoutes : route the request argument through the controller and returns a list of all parameter map resolution. The argument is a request uri such as "/groups/:platform:administrators/administration/registry". It returns a string representation (<code>List<Map></code>) of the matched routes.</para>
+ </listitem>
+ </itemizedlist>
+ </section>
+ <section>
+ <title>Controller Configuration (controller.xml)</title>
+ <para>Most of the controller configuration cares about defining rules (Routing table - contains routes object) that will drive the resolution. Routes are processed during the controller initialization to give a tree of node. Each node</para>
+ <itemizedlist>
+ <listitem>
+ <para>is related to its parent with a matching rule that can either be an <emphasis role="bold">exact string matching</emphasis> or a <emphasis role="bold">regular expression matching</emphasis>
+ </para>
+ </listitem>
+ <listitem>
+ <para>is associated with a set of parameters</para>
+ </listitem>
+ </itemizedlist>
+ <para>A parameter is defined by a qualified name and there are three kind of parameters</para>
+ <section>
+ <title>
+ <emphasis role="bold">Route parameters</emphasis>
+ </title>
+ <para>Route parameters defines a fixed value associate with a qualified name.</para>
+ <itemizedlist>
+ <listitem>
+ <para>Routing: route parameters allow the controller to distinguish branches easily and route the request accordingly.</para>
+ </listitem>
+ <listitem>
+ <para>Rendering: selection occurs when always.</para>
+ </listitem>
+ </itemizedlist>
+ <para>
+ <emphasis role="bold">Example:</emphasis>
+ </para>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting language="xml"><![CDATA[
+<route path="/foo">
+ <route-param qname="gtn:handler">
+ <value>portal</value>
+ </route-param>
+</route>
+]]></programlisting>
+ </programlistingco>
+ <para>This configuration matches the request path "/foo" to the map (gtn:handler=portal). Conversely it renders the (gtn:handler=portal) map as the "/foo" url. In this example we see two concepts</para>
+ <itemizedlist>
+ <listitem>
+ <para>exact path matching ("/foo")</para>
+ </listitem>
+ <listitem>
+ <para>route parameters ("gtn:handler")</para>
+ </listitem>
+ </itemizedlist>
+ </section>
+ <section>
+ <title>
+ <emphasis role="bold">Path parameters - <emphasis role="italic">Regular expression support</emphasis>
+ </emphasis>
+ </title>
+ <para>Path parameters allow to associate a portion of the request path with a parameter. Such parameter will match any non empty portion of text except the <emphasis role="bold">/</emphasis> character (that is the [^/]+ regular expression) otherwise they can be associated with a regular expression for matching specific patterns. Path parameters are mandatory for matching since they are part of the request path, however it is allowed to write regular expression matching an empty value.</para>
+ <itemizedlist>
+ <listitem>
+ <para>Routing: route is accepted if the regular expression is matched.</para>
+ </listitem>
+ <listitem>
+ <para>Rendering: selection occurs when the regular expression matches the parameter.</para>
+ </listitem>
+ </itemizedlist>
+ <para>
+ <emphasis role="bold">Encoding</emphasis>
+ </para>
+ <para>Path parameters may contain '/' character which is a reserved char for URI path. This case is specially handled by the navigation controller by using a special character to replace '/' literals. By default the character is the semi colon <emphasis role="bold">:</emphasis> and can be changed to other possible values (see controller XML schema for possible values) to give a greater amount of flexibility.</para>
+ <para>This encoding is applied only when the encoding performed for parameter having a mode set to the <code>default-form</code> value, for instance it does not happen for navigation node URI (for which <emphasis role="bold">/</emphasis> are encoded literally). The separator escape char can still be used but under it's percent escaped form, so by default a path parameter value containing <emphasis role="bold">:</emphasis> would be encoded as <code>%3A</code> and conversely the <code>%3A</code> value will be decoded as <emphasis role="bold">:</emphasis>.</para>
+ <para>
+ <emphasis role="bold">Example:</emphasis>
+ </para>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting language="xml"><![CDATA[
+<route path="/{gtn:path}">
+</route>
+]]></programlisting>
+ </programlistingco>
+ <para>No pattern defined, used the default one [^/]+</para>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting><![CDATA[
+Routing and Rendering
+Path "/foo" <--> the map (gtn:path=foo)
+
+Path "/foo:bar" <--> the map (gtn:path=foo/bar)
+]]></programlisting>
+ </programlistingco>
+ <para>If the request path contains another "/" char it will not work,default encoding mode is : <emphasis role="bold">default-form</emphasis>. For example:"/foo/bar" --> not matched, return empty parameter map</para>
+ <para>However this could be solved with the following configuration:</para>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting language="xml"><![CDATA[
+<route path="/{gtn:path}">
+ <path-param encoding="preserve-path" qname="gtn:path">
+ <pattern>.*</pattern>
+ </path-param>
+</route>
+]]></programlisting>
+ </programlistingco>
+ <orderedlist>
+ <listitem>
+ <para>The .* declaration allows to match any char sequence.</para>
+ </listitem>
+ <listitem>
+ <para>The <emphasis role="italic">preserve-path</emphasis> <emphasis role="bold">encoding</emphasis> tells the engine that the "/" chars should be handled by the path parameter itself as they have a special meaning for the router. Without this special encoding, "/" would be rendered as the ":<emphasis role="italic">" character and conversely the ":</emphasis>" character would be matched as the "/" character.</para>
+ </listitem>
+ </orderedlist>
+ </section>
+ <section>
+ <title>Request parameters</title>
+ <para>Request parameters are matched from the request parameters (GET or POST). The match can be optional as their representation in the request allows it.</para>
+ <itemizedlist>
+ <listitem>
+ <para>Routing</para>
+ <itemizedlist>
+ <listitem>
+ <para>route is accepted when a required parameter is present and matched in the request.</para>
+ </listitem>
+ <listitem>
+ <para>route is accepted when an optional parameter is absent or matched in the request.</para>
+ </listitem>
+ </itemizedlist>
+ </listitem>
+ <listitem>
+ <para>Rendering:</para>
+ <itemizedlist>
+ <listitem>
+ <para>selection occurs for required parameters when is the parameter is present and matched in the map.</para>
+ </listitem>
+ <listitem>
+ <para>selection occurs for optional parameters when is the parameter is absent or matched in the map.</para>
+ </listitem>
+ </itemizedlist>
+ </listitem>
+ </itemizedlist>
+ <para>
+ <emphasis role="bold">Example:</emphasis>
+ </para>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting language="xml"><![CDATA[
+<route path="/">
+ <request-param name="path" qname="gtn:path"/>
+</route>
+]]></programlisting>
+ </programlistingco>
+ <para>Request parameters are declared by a <code>request-param</code> element and by default will match any value. A request like "/?path=foo" is mapped to the (gtn:path=foo) map. The <code>name</code> attribute of the <code>request-param</code> tag defines the request parameter value. This element accepts more configuration</para>
+ <itemizedlist>
+ <listitem>
+ <para>a <code>value</code> or a <code>pattern</code> element a child element to match a constant or a pattern</para>
+ </listitem>
+ <listitem>
+ <para>a <code>control-mode</code> attribute with the value <code>optional</code> or <code>required</code> to indicate if matching is mandatory or not</para>
+ </listitem>
+ <listitem>
+ <para>a <code>value-mapping</code> attribute with the possible values <code>canonical</code>, <code>never-empty</code>, <code>never-null</code> can be used to filter filter values after matching is done. For instance a parameter configured with <code>value-mapping="never-empty"</code> and matching the empty string value will not put the empty string in the map.</para>
+ </listitem>
+ </itemizedlist>
+ </section>
+ <section>
+ <title>Route precedence</title>
+ <para>The order of route declaration is important as it influence how rules are matched. Sometimes the same request could be matched by several routes and the routing table is ambiguous.</para>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting language="xml"><![CDATA[
+<route path="/foo">
+ <route-param qname="gtn:handler">
+ <value>portal</value>
+ </route-param>
+</route>
+<route path="/{gtn:path}">
+ <path-param encoding="preserve-path" qname="gtn:path">
+ <pattern>.*</pattern>
+ </path-param>
+</route>
+]]></programlisting>
+ </programlistingco>
+ <para>In that case, the request path "/foo" will always be matched by the first rule before the second rule. This can be misleading since the map (gtn:path=foo) would be rendered as "/foo" as well and would not be matched by the first rule. Such ambiguit can happen, it can be desirable or not.</para>
+ </section>
+ <section>
+ <title>Route nesting</title>
+ <para>Route nesting is possible and often desirable as it helps to</para>
+ <itemizedlist>
+ <listitem>
+ <para>factor common parameters in a common rule</para>
+ </listitem>
+ <listitem>
+ <para>perform more efficient matching as the match of the common rule is done once for all the sub routes</para>
+ </listitem>
+ </itemizedlist>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting language="xml"><![CDATA[
+<route path="/foo">
+ <route-param qname="gtn:handler">
+ <value>portal</value>
+ </route-param>
+ <route path="/bar">
+ <route-param qname="gtn:path">
+ <value>bar</value>
+ </route-param>
+ </route>
+ <route path="/juu">
+ <route-param qname="gtn:path">
+ <value>juu</value>
+ </route-param>
+ </route>
+</route>
+]]></programlisting>
+ </programlistingco>
+ <itemizedlist>
+ <listitem>
+ <para>The request path "/foo/bar" is mapped to the (gtn:handler=portal,gtn:path=bar) map</para>
+ </listitem>
+ <listitem>
+ <para>The request path "/foo/juu" is mapped to the (gtn:handler=portal,gtn:path=juu) map</para>
+ </listitem>
+ <listitem>
+ <para>The request path "/foo" is not mapped as non leaf routes do not perform matches.</para>
+ </listitem>
+ </itemizedlist>
+ </section>
+ </section>
+ </section>
+ <section>
+ <title>Integrate to GateIn WebUI framework</title>
+ <section>
+ <title>Routing</title>
+ <para>GateIn defines a set of parameters in its routing table, for each client request, the mapping engine processes the request path and return the defined parameters with their values as a Map<QualifiedName, String></para>
+ <para>
+ <emphasis role="bold">gtn:handler</emphasis>
+ </para>
+ <para>The gtn:handler names is one of the most important qualified name as it determines which handler will take care of the request processing just after the controller has determined the parameter map. The handler value is used to make a lookup in the handler map of the controller. An handler is a class that extends the <code>WebRequestHandler</code> class and implements the <code>execute(ControllerContext)</code> method. Several handlers are available by default:</para>
+ <itemizedlist>
+ <listitem>
+ <para>portal : process aggregated portal requests</para>
+ </listitem>
+ <listitem>
+ <para>upload / download : process file upload and file download</para>
+ </listitem>
+ <listitem>
+ <para>legacy : handle legacy URL redirection (see <emphasis role="bold">Legacy handler</emphasis> section)</para>
+ </listitem>
+ <listitem>
+ <para>default : http redirection to the default portal of the container</para>
+ </listitem>
+ <listitem>
+ <para>staticResource: serve static resources like image, css or javascript... files in portal.war (see <emphasis role="bold">Static Resource Handler</emphasis> section)</para>
+ </listitem>
+ </itemizedlist>
+ <para>
+ <emphasis role="bold">gtn:sitetype / gtn:sitename / gtn:path</emphasis>
+ </para>
+ <para>Those qualified names drives a request for the portal handler. They are used to determine which site to show and which path to resolve against a navigation. For instance the (gtn:sitetype=portal,gtn:sitename=classic,gtn:path=home) instruct the portal handler to show the home page of the classic portal site.</para>
+ <para>
+ <emphasis role="bold">gtn:lang</emphasis>
+ </para>
+ <para>The language in the url for the portal handler. This is a new feature offered, now language can be specified on URL. that mean user can bookmark that URL (with the information about language) or he can changed language simply by modifying the URL address</para>
+ <para>
+ <emphasis role="bold">gtn:componentid / gtn:action / gtn:objectid</emphasis>
+ </para>
+ <para>The webui parameters used by the portal handler for managing webui component URLs for portal applications (and not for portlet applications).</para>
+ </section>
+ <section>
+ <title>Rendering</title>
+ <para>The <emphasis role="bold">controller</emphasis> is designed to render a Map<QualifiedName, String> as an http URL according to its routing table. But to integrate it for using easily in WebUI Framework of GateIn, we need some more components</para>
+ <section>
+ <title>
+ <emphasis role="bold">PortalURL</emphasis>
+ </title>
+ <para>
+ <code>PortalURL</code> play a similar role at the portal level, its main role is to abstract the creation of an URL for a resource managed by the portal.</para>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting language="java"><![CDATA[
+public abstract class PortalURL<R, U extends PortalURL<U>>
+{
+ ...
+}
+]]></programlisting>
+ </programlistingco>
+ <para>The <code>PortalURL</code> declaration may seem a bit strange at first sight with two generic types <code>U</code> and <code>R</code> and the circular recursion of the <code>U</code> generic parameter, but it's because most of the time you will not use the <code>PortalURL</code> object but instead subclasses.</para>
+ <itemizedlist>
+ <listitem>
+ <para>The <code>R</code> generic type represents the type of the resource managed by the portal</para>
+ </listitem>
+ <listitem>
+ <para>The <code>U</code> generic type is also described as <emphasis role="bold">self bound generic type</emphasis>. This design pattern allows a class to return subtypes of itself in the class declaring the generic type. Java Enums are based on this principle (<code>class Enum<E extends Enum<E>></code>)</para>
+ </listitem>
+ </itemizedlist>
+ <para>A portal URL has various methods but certainly the most important method is the <code>toString()</code> method that generates an URL representing that will target the resource associated with the url. The remaining methods are getter and setter for mutating the url configuration, those options will affect the URL representation when it is generated.</para>
+ <itemizedlist>
+ <listitem>
+ <para>resource : the mandatory resource associated with the url</para>
+ </listitem>
+ <listitem>
+ <para>locale : the optional locale used in the URL allowing the creation of bookmarkable URL containing a language</para>
+ </listitem>
+ <listitem>
+ <para>confirm : the optional confirm message displayed by the portal in the context of the portal UI</para>
+ </listitem>
+ <listitem>
+ <para>ajax : the optional ajax option allowing an ajax invocation of the URL</para>
+ </listitem>
+ </itemizedlist>
+ <para>
+ <emphasis role="bold">Obtaining a PortalURL</emphasis>
+ </para>
+ <para>
+ <code>PortalURL</code> objects are obtained from <code>RequestContext</code> instance such as the <code>PortalRequestContext</code> or the PortletRequestContext. Usually those are obtained thanks to <code>getCurrentInstance</code> method of the <code>RequestContext</code> class:</para>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting language="java"><![CDATA[
+RequestContext ctx = RequestContext.getCurrentInstance();
+]]></programlisting>
+ </programlistingco>
+ <para>
+ <code>PortalURL</code> are created via to the <code>createURL</code> method that takes as input a resource type. A resource type is usually a constant and is a type safe object that allow to retrieve <code>PortalURL</code> subclasses:</para>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting language="java"><![CDATA[
+RequestContext ctx = RequestContext.getCurrentInstance();
+PortalURL<R, U> url = ctx.createURL(type);
+]]></programlisting>
+ </programlistingco>
+ <para>In reality you will use a concrete type constant and have instead more concrete code like:</para>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting language="java"><![CDATA[
+RequestContext ctx = RequestContext.getCurrentInstance();
+NodeURL url = ctx.createURL(NodeURL.TYPE);
+]]></programlisting>
+ </programlistingco>
+ <note>
+ <para>The <code>NodeURL.TYPE</code> is actually declared as <code>new ResourceType<NavigationResource, NodeURL>()</code> that can be described as a <emphasis role="bold">type literal</emphasis> object emulated by a Java anonymous inner class. Such literal were introduced by Neil Gafter as Super Type Token and popularized by Google Guice as Type Literal. It's an interesting way to create a literal representing a kind of Java type.</para>
+ </note>
+ </section>
+ <section>
+ <title>
+ <emphasis role="bold">Node URL</emphasis>
+ </title>
+ <para>The class <code>NodeURL</code> is one of the subclass of <code>PortalURL</code> that is specialized for navigation node resources:</para>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting language="java"><![CDATA[
+public class NodeURL extends PortalURL<NavigationResource, NodeURL>
+{
+ ...
+}
+]]></programlisting>
+ </programlistingco>
+ <para>The good news is that the NodeURL does not carry any generic type of its super class, which means that a NodeURL is type safe and one does not have to worry about generic types.</para>
+ <para>Using a NodeURL is pretty straightforward:</para>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting language="java"><![CDATA[
+NodeURL url = RequestContext.getCurrentInstance().createURL(NodeURL.TYPE);
+url.setResource(new NavigationResource("portal", "classic, "home"));
+String s = url.toString();
+]]></programlisting>
+ </programlistingco>
+ <para>The <code>NodeURL</code> subclass contains specialized setter to make its usage even easier:</para>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting language="java"><![CDATA[
+UserNode node = ...;
+NodeURL url = RequestContext.getCurrentInstance().createURL(NodeURL.TYPE);
+url.setNode(node);
+String s = url.toString();
+]]></programlisting>
+ </programlistingco>
+ </section>
+ <section>
+ <title>
+ <emphasis role="bold">Component URL</emphasis>
+ </title>
+ <para>The <code>ComponentURL</code> subclass is another specialization of <code>PortalURL</code> that allows the creation of WebUI components URLs. <code>ComponentURL</code> is commonly used to trigger WebUI events from client side:</para>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting><![CDATA[
+<% def componentURL = uicomponent.event(...); /*or uicomponent.url(...) */ %>
+ <a href=$componentURL>Click me</a>
+]]></programlisting>
+ </programlistingco>
+ <para>Normally you should not have to deal with it as the WebUI framework has already an abstraction for managing URL known as <code>URLBuilder</code>. The <code>URLBuilder</code> implementation delegates URL creation to <code>ComponentURL</code> objects.</para>
+ </section>
+ <section>
+ <title>Portlet URLs</title>
+ <para>Portlet URLs API implementation delegates to the portal <code>ComponentURL</code> (via the portlet container SPI). It is possible to control the language in the URL from a <code>PortletURL</code> object by setting a property named <code>gtn:lang</code>:</para>
+ <itemizedlist>
+ <listitem>
+ <para>when the property value is set to a value returned by <code>Locale#toString()</code> method for locale objects having a non null language value and a null variant value, the url generated by the <code>PortletURL#toString()</code> method will contain the locale in the url.</para>
+ </listitem>
+ <listitem>
+ <para>when the property value is set to an empty string, the generated URL will not contain a language. If the incoming URL was carrying a language, this language will be erased.</para>
+ </listitem>
+ <listitem>
+ <para>when the property value is not set, it will not affect the generated URL.</para>
+ </listitem>
+ </itemizedlist>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting language="java"><![CDATA[
+PortletURL url = resp.createRenderURL();
+url.setProperty("gtn:lang", "fr");
+writer.print("<a href='" + url + "'>French</a>");
+]]></programlisting>
+ </programlistingco>
+ </section>
+ <section>
+ <title>Webui <code>URLBuilder</code>
+ </title>
+ <para>This internal API for creating URL works as before and delegates to the <code>PortletURL</code> API when the framework is executed in a portlet and to a <code>ComponentURL</code> API when the framework is executed in the portal context. The API has been modified to take in account the language in URL with two properties on the builder:</para>
+ <itemizedlist>
+ <listitem>
+ <para>locale : a locale for setting on the URL</para>
+ </listitem>
+ <listitem>
+ <para>removeLocale : a boolean for removing the locale present on the URL</para>
+ </listitem>
+ </itemizedlist>
+ </section>
+ <section>
+ <title>Groovy Templates</title>
+ <para>Within a Groovy template the mechanism is the same, however a splash of integration has been done to make creation of NodeURL simpler. A closure is bound under the <code>nodeurl</code> name and is available for invocation anytime. It will simply create a NodeURL object and return it:</para>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting language="java"><![CDATA[
+UserNode node = ...;
+NodeURL url = nodeurl();
+url.setNode(node);
+String s = url.toString();
+]]></programlisting>
+ </programlistingco>
+ <para>The closure <code>nodeurl</code> is bound to Groovy template in <code>WebuiBindingContext</code>
+ </para>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting language="java"><![CDATA[
+// Closure nodeurl()
+put("nodeurl", new Closure(this)
+{
+ @Override
+ public Object call(Object[] args)
+ {
+ return context.createURL(NodeURL.TYPE);
+ }
+});
+]]></programlisting>
+ </programlistingco>
+ </section>
+ </section>
+ </section>
+ <section>
+ <title>Changes and migration from GateIn 3.1.x</title>
+ <para>The navication controller implies a migration of the client code that is coupled to several internal APIs of GateIn. As far as we know the major impact is related to anything dealing with URL:</para>
+ <itemizedlist>
+ <listitem>
+ <para>Creation of an URL representing a resource managed by the portal: navigation node or ui component.</para>
+ </listitem>
+ <listitem>
+ <para>Using http request related information</para>
+ </listitem>
+ </itemizedlist>
+ <para>There are also changes in the configuration, because there is a change of how things are internally.</para>
+ <section>
+ <title>Migration of navigation node URL</title>
+ <para>
+ <emphasis role="bold">Using free form node</emphasis>
+ </para>
+ <para>Previously code for creating navigation node was like:</para>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting language="java"><![CDATA[
+String uri = Util.getPortalRequestContext().getPortalURI() + "home";
+]]></programlisting>
+ </programlistingco>
+ <para>The new code will look like</para>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting language="java"><![CDATA[
+PortalURL nodeURL = nodeurl();
+NavigationResource resource = new NavigationResource(SiteType.PORTAL, pcontext.getPortalOwner(), "home");
+String uri = nodeURL.setResource(resource).toString();
+]]></programlisting>
+ </programlistingco>
+ <para>
+ <emphasis role="bold">Using UserNode object</emphasis>
+ </para>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting language="java"><![CDATA[
+UserNode node = ...;
+String uri = Util.getPortalRequestContext().getPortalURI() + node.getURI()";
+]]></programlisting>
+ </programlistingco>
+ <para>The new code will look like</para>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting language="java"><![CDATA[
+UserNode node = ...;
+PortalURL nodeURL = nodeurl();
+String uri = nodeURL.setNode(node).toString();
+]]></programlisting>
+ </programlistingco>
+ </section>
+ <section>
+ <title>Security changes</title>
+ <para>Security configuration change in order to keep with the flexibility added by the navigation controller. In particular the authentication does not depend anymore on path specified in <code>web.xml</code> but instead rely on the security mandated by the underlying resource. Here are the noticeable changes for security</para>
+ <itemizedlist>
+ <listitem>
+ <para>Authentication is now triggered on the /login URL when it does not have a username or a password specified. Therefore the URL <code>/login?initialURI=/classic/home</code> is (more or less) equivalent to <code>/private/classic/home</code>
+ </para>
+ </listitem>
+ <listitem>
+ <para>When a resource cannot be viewed due to security constraint</para>
+ <itemizedlist>
+ <listitem>
+ <para>If the user is not logged, the authentication will be triggered</para>
+ </listitem>
+ <listitem>
+ <para>Otherwise a special page (the usual one) will be displayed instead</para>
+ </listitem>
+ </itemizedlist>
+ </listitem>
+ </itemizedlist>
+ </section>
+ <section>
+ <title>Default handler</title>
+ <para>Redirection to the default portal used to be done by the <code>index.jsp</code> JSP page. This is not the case anymore, the index.jsp has been removed and the welcome file in <code>web.xml</code> was removed too. Instead a specific handler in the routing table has been configured, the sole role of this handler is to redirect the request to default portal when no other request has been matched previously:</para>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting language="xml"><![CDATA[
+<controller>
+ ...
+ <route path="/">
+ <route-param qname="gtn:handler">
+ <value>default</value>
+ </route-param>
+ </route>
+</controller>
+]]></programlisting>
+ </programlistingco>
+ </section>
+ <section>
+ <title>Legacy handler</title>
+ <para>Legacy urls such as <code>/public/...</code> and <code>/private/...</code> are now emulated to determine the best resource with the same resolution algorithm than before but instead of displaying the page, will make an http 302 redirection to the correct URL. This handler is present in the controller configuration. There is a noticeable difference between the two routes</para>
+ <itemizedlist>
+ <listitem>
+ <para>The public redirection attempt to find a node with the legacy resolution algorithm without authentication, which means that secured nodes will not be resolved and the redirection of a secured node will likely redirect to another page. For instance resolving the URL /public/classic/administration/registry path will likely resolve to another node if the user is not authenticated and is not part of the platform administrator group.</para>
+ </listitem>
+ <listitem>
+ <para>The private redirection performs first an authentication before doing the redirection. In that case the /private/classic/administration/registry path will resolve be redirected to the /portal/groups/:platform:administrators/administration/registry page if the user has the sufficient security rights.</para>
+ </listitem>
+ </itemizedlist>
+ </section>
+ <section>
+ <title>Static resource handler</title>
+ <para>The "/" mapping for "default" servlet is now replaced by mapping for org.exoplatform.portal.application.PortalController servlet, that mean we need a handler (<emphasis role="bold">org.exoplatform.portal.application.StaticResourceRequestHandler</emphasis>) to serve static resources like image, css or javascript... files in portal.war. And it should be configured, and extended easily. Thanks to the controller.xml. This file can be overridden and can be changed and reloaded at runtime (WebAppController is MBean with some operations such as : reloadConfiguration() ...)</para>
+ <para>Declare StaticResourceHandler in controller.xml</para>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting language="xml"><![CDATA[
+<route path="/{gtn:path}">
+ <route-param qname="gtn:handler">
+ <value>staticResource</value>
+ </route-param>
+ <path-param encoding="preserve-path" qname="gtn:path">
+ <pattern>.*\.(jpg|png|gif|ico|css)</pattern>
+ </path-param>
+</route>
+]]></programlisting>
+ </programlistingco>
+ <para>And we don't need these kind of following mapping in portal.war's web.xml anymore :</para>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting language="xml"><![CDATA[
+<servlet-mapping>
+ <servlet-name>default</servlet-name>
+ <url-pattern>*.jpg</url-pattern>
+</servlet-mapping>
+...
+]]></programlisting>
+ </programlistingco>
+ </section>
+ <section>
+ <title>portal.war's web.xml changes</title>
+ <para>DoLoginServlet declaration</para>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting language="xml"><![CDATA[
+<servlet>
+ <servlet-name>DoLoginServlet</servlet-name>
+ <servlet-class>org.exoplatform.web.login.DoLoginServlet</servlet-class>
+</servlet>
+<servlet-mapping>
+ <servlet-name>DoLoginServlet</servlet-name>
+ <url-pattern>/dologin</url-pattern>
+</servlet-mapping>
+]]></programlisting>
+ </programlistingco>
+ <para>Delare <emphasis role="bold">portal servlet</emphasis> as default servlet</para>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting language="xml"><![CDATA[
+<servlet-mapping>
+ <servlet-name>portal</servlet-name>
+ <url-pattern>/</url-pattern>
+</servlet-mapping>
+]]></programlisting>
+ </programlistingco>
+ <para>So there are some mapping declaration for portal servlet are unused, we should also remove them: <emphasis role="bold">
+ <emphasis role="italic">/private/* /public/* /admin/* /upload/* /download/*</emphasis>
+ </emphasis>
+ </para>
+ <para>Add some security constraints</para>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting language="xml"><![CDATA[
+<security-constraint>
+ <web-resource-collection>
+ <web-resource-name>user authentication</web-resource-name>
+ <url-pattern>/dologin</url-pattern>
+ <url-pattern>/groups/*</url-pattern>
+ <url-pattern>/users/*</url-pattern>
+...
+ </web-resource-collection>
+</security-constraint>
+]]></programlisting>
+ </programlistingco>
+ <para>We can remove the index.jsp, and its declaration in web.xml now, thank to the Default request handler</para>
+ <programlistingco>
+ <areaspec units="linecolumn"/>
+ <programlisting language="xml"><![CDATA[
+<welcome-file-list>
+ <welcome-file>/index.jsp</welcome-file>
+</welcome-file-list>
+]]></programlisting>
+ </programlistingco>
+ </section>
+ <section>
+ <title>Dashboard changes</title>
+ <para>There are several important changes to take in account</para>
+ <itemizedlist>
+ <listitem>
+ <para>dashboard are now bound to a single URL (/users/root by default) and dashboard pages are leaf of this path</para>
+ </listitem>
+ <listitem>
+ <para>dashboard life cycle can be decoupled (create / destroy) from the identity creation in a configurable manner in <code>UserPortalConfigService</code> and exposed in configuration.properties under <code>gatein.portal.idm.createuserportal</code> and <code>gatein.portal.idm.destroyuserportal</code>.</para>
+ </listitem>
+ <listitem>
+ <para>by default dashboard are not created when a user is registered</para>
+ </listitem>
+ <listitem>
+ <para>a dashboard is created when the user access his dashboard URL</para>
+ </listitem>
+ </itemizedlist>
+ </section>
+ <section>
+ <title>Remove unused files</title>
+ <para>1/ portal-unavailable.jsp: this file was presented before if user goes to a non-available portal. Now the server sends a 404 status code instead.</para>
+ <para>2/ portal-warning.jsp: this file is not used in any place</para>
+ </section>
+ </section>
+</section>
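Review bot: The "Add some security constraints" sample in the web.xml section closes `<security-constraint>` without an `<auth-constraint>`, and its `...` sits inside `<web-resource-collection>`, so it reads as more URL patterns rather than an omitted constraint. Copied as shown, a constraint with no `<auth-constraint>` does not require authentication for /dologin, /groups/* or /users/*. Show the `<auth-constraint>` the constraint is meant to carry, or move the ellipsis after `</web-resource-collection>`. Smaller points in the same file: the old-code sample under "Using UserNode object" has a stray quote (`node.getURI()";`), the static resource section says the handler serves javascript but the pattern `.*\.(jpg|png|gif|ico|css)` has no js entry, and "navication" and "Delare" are typos.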
Modified: portal/trunk/docs/reference-guide/en-US/modules/PortalDevelopment.xml
===================================================================
--- portal/trunk/docs/reference-guide/en-US/modules/PortalDevelopment.xml 2011-10-05 03:43:29 UTC (rev 7657)
+++ portal/trunk/docs/reference-guide/en-US/modules/PortalDevelopment.xml 2011-10-05 04:12:18 UTC (rev 7658)
@@ -18,5 +18,6 @@
<xi:include href="PortalDevelopment/UploadComponent.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="PortalDevelopment/AjaxLoadingMaskLayerDeactivation.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="PortalDevelopment/JavascriptConfiguration.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="PortalDevelopment/NavigationController.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
</chapter>
13 years, 3 months
gatein SVN: r7657 - portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/uiconf/portal/webui/container.
by do-not-reply@jboss.org
Author: phuong_vu
Date: 2011-10-04 23:43:29 -0400 (Tue, 04 Oct 2011)
New Revision: 7657
Modified:
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/uiconf/portal/webui/container/ContainerConfigOption.groovy
Log:
GTNPORTAL-2143 Wrong configuration for Mixed Layout container
Modified: portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/uiconf/portal/webui/container/ContainerConfigOption.groovy
===================================================================
--- portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/uiconf/portal/webui/container/ContainerConfigOption.groovy 2011-10-04 22:55:28 UTC (rev 7656)
+++ portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/uiconf/portal/webui/container/ContainerConfigOption.groovy 2011-10-05 03:43:29 UTC (rev 7657)
@@ -112,37 +112,38 @@
"ThreeTabContainerLayout")) ;
templates.add(tabs);
- SelectItemCategory mixed = new SelectItemCategory("mix") ;
- mixed.addSelectItemOption(new SelectItemOption("twoColumnsOneRow",
- "<container template=\"system:/groovy/portal/webui/container/UIContainer.gtmpl\">" +
- " <container template=\"system:/groovy/portal/webui/container/UITableColumnContainer.gtmpl\">" +
- " <container template=\"system:/groovy/portal/webui/container/UIContainer.gtmpl\"></container>" +
- " <container template=\"system:/groovy/portal/webui/container/UIContainer.gtmpl\"></container>" +
- " </container>" +
- " <container template=\"system:/groovy/portal/webui/container/UIContainer.gtmpl\"></container>" +
- "</container>",
- "TwoColumnOneRowContainerLayout")) ;
- mixed.addSelectItemOption(new SelectItemOption("oneRowTwoColumns",
- "<container template=\"system:/groovy/portal/webui/container/UIContainer.gtmpl\">" +
- " <container template=\"system:/groovy/portal/webui/container/UIContainer.gtmpl\"></container>" +
- " <container template=\"system:/groovy/portal/webui/container/UITableColumnContainer.gtmpl\">" +
+ SelectItemCategory mixed = new SelectItemCategory("mix") ;
+ mixed.addSelectItemOption(new SelectItemOption("twoColumnsOneRow",
+ "<container template=\"system:/groovy/portal/webui/container/UIContainer.gtmpl\">" +
+ " <container template=\"system:/groovy/portal/webui/container/UITableColumnContainer.gtmpl\">" +
" <factory-id>TableColumnContainer</factory-id>" +
- " <container template=\"system:/groovy/portal/webui/container/UIContainer.gtmpl\"></container>" +
- " <container template=\"system:/groovy/portal/webui/container/UIContainer.gtmpl\"></container>" +
- " </container>" +
- "</container>",
- "OneRowTwoColumnContainerLayout")) ;
- mixed.addSelectItemOption(new SelectItemOption("oneRow2Column1Row",
- "<container template=\"system:/groovy/portal/webui/container/UIContainer.gtmpl\">" +
- " <container template=\"system:/groovy/portal/webui/container/UIContainer.gtmpl\"></container>" +
- " <container template=\"system:/groovy/portal/webui/container/UITableColumnContainer.gtmpl\">" +
+ " <container template=\"system:/groovy/portal/webui/container/UIColumnContainer.gtmpl\"><factory-id>ColumnContainer</factory-id></container>" +
+ " <container template=\"system:/groovy/portal/webui/container/UIColumnContainer.gtmpl\"><factory-id>ColumnContainer</factory-id></container>" +
+ " </container>" +
+ " <container template=\"system:/groovy/portal/webui/container/UIContainer.gtmpl\"></container>" +
+ "</container>",
+ "TwoColumnOneRowContainerLayout")) ;
+ mixed.addSelectItemOption(new SelectItemOption("oneRowTwoColumns",
+ "<container template=\"system:/groovy/portal/webui/container/UIContainer.gtmpl\">" +
+ " <container template=\"system:/groovy/portal/webui/container/UIContainer.gtmpl\"></container>" +
+ " <container template=\"system:/groovy/portal/webui/container/UITableColumnContainer.gtmpl\">" +
" <factory-id>TableColumnContainer</factory-id>" +
- " <container template=\"system:/groovy/portal/webui/container/UIContainer.gtmpl\"></container>" +
- " <container template=\"system:/groovy/portal/webui/container/UIContainer.gtmpl\"></container>" +
- " </container>" +
- " <container template=\"system:/groovy/portal/webui/container/UIContainer.gtmpl\"></container>" +
- "</container>",
- "OneRow2Column1RowContainerLayout")) ;
+ " <container template=\"system:/groovy/portal/webui/container/UIColumnContainer.gtmpl\"><factory-id>ColumnContainer</factory-id></container>" +
+ " <container template=\"system:/groovy/portal/webui/container/UIColumnContainer.gtmpl\"><factory-id>ColumnContainer</factory-id></container>" +
+ " </container>" +
+ "</container>",
+ "OneRowTwoColumnContainerLayout")) ;
+ mixed.addSelectItemOption(new SelectItemOption("oneRow2Column1Row",
+ "<container template=\"system:/groovy/portal/webui/container/UIContainer.gtmpl\">" +
+ " <container template=\"system:/groovy/portal/webui/container/UIContainer.gtmpl\"></container>" +
+ " <container template=\"system:/groovy/portal/webui/container/UITableColumnContainer.gtmpl\">" +
+ " <factory-id>TableColumnContainer</factory-id>" +
+ " <container template=\"system:/groovy/portal/webui/container/UIColumnContainer.gtmpl\"><factory-id>ColumnContainer</factory-id></container>" +
+ " <container template=\"system:/groovy/portal/webui/container/UIColumnContainer.gtmpl\"><factory-id>ColumnContainer</factory-id></container>" +
+ " </container>" +
+ " <container template=\"system:/groovy/portal/webui/container/UIContainer.gtmpl\"></container>" +
+ "</container>",
+ "OneRow2Column1RowContainerLayout")) ;
templates.add(mixed);
return templates;
\ No newline at end of file
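Review bot: Most removed and added lines in this hunk differ only in leading whitespace (for example the `SelectItemCategory mixed = ...` line and the `"TwoColumnOneRowContainerLayout")) ;` line), which buries the actual fix. That fix is that the two column children move from UIContainer.gtmpl to UIColumnContainer.gtmpl with `<factory-id>ColumnContainer</factory-id>`, and twoColumnsOneRow gains `<factory-id>TableColumnContainer</factory-id>`. Please commit the re-indent separately so the GTNPORTAL-2143 change can be read on its own. The column child string now appears six times across the three layouts, so a local variable would keep them in sync. The file still ends without a trailing newline.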
13 years, 3 months
gatein SVN: r7656 - portal/trunk/docs/reference-guide/en-US/modules/AuthenticationAndIdentity.
by do-not-reply@jboss.org
Author: smumford
Date: 2011-10-04 18:55:28 -0400 (Tue, 04 Oct 2011)
New Revision: 7656
Modified:
portal/trunk/docs/reference-guide/en-US/modules/AuthenticationAndIdentity/SSO.xml
Log:
GTNPORTAL-2130: Corrected SPNEGO web.xml sample
Modified: portal/trunk/docs/reference-guide/en-US/modules/AuthenticationAndIdentity/SSO.xml
===================================================================
--- portal/trunk/docs/reference-guide/en-US/modules/AuthenticationAndIdentity/SSO.xml 2011-10-04 18:57:00 UTC (rev 7655)
+++ portal/trunk/docs/reference-guide/en-US/modules/AuthenticationAndIdentity/SSO.xml 2011-10-04 22:55:28 UTC (rev 7656)
@@ -4,85 +4,85 @@
%BOOK_ENTITIES;
]>
<section id="chap-Reference_Guide-SSO_Single_Sign_On">
- <title>Single-Sign-On (SSO)</title>
- <section id="sect-Reference_Guide-Single_Sign_On-Overview">
- <title>Overview</title>
- <para>
- &PRODUCT; provides some form of Single Sign On (<literal>SSO</literal>) as an integration and aggregation platform.
- </para>
- <para>
- When logging into the portal users gain access to many systems through portlets using a single identity. In many cases, however, the portal infrastructure must be integrated with other SSO enabled systems. There are many different Identity Management solutions available. In most cases each SSO framework provides a unique way to plug into a Java EE application.
- </para>
- <section id="sect-Reference_Guide-Overview_of_SSO-Prerequisite">
- <title>Prerequisites</title>
- <para>
- In this tutorial, the SSO server is installed in a Tomcat installation. Tomcat can be obtained from <ulink type="http" url="http://tomcat.apache.org">http://tomcat.apache.org</ulink>.
- </para>
- <para>
- All the packages required for setup can be found in a zip file located at: <ulink type="http" url="https://repository.jboss.org/nexus/content/groups/public/org/gatein/sso/s...">https://repository.jboss.org/nexus/content/groups/public/org/gatein/sso/s...</ulink>. In this document we will call $GATEIN_SSO_HOME the directory where the file is extracted.
- </para>
- <para>
- Users are advised to not run any portal extensions that could override the data when manipulating the <filename>gatein.ear</filename> file directly.
- </para>
- <para>
- Remove <literal>$JBOSS_HOME/server/default/deploy/gatein-sample-extension.ear</literal> and <literal>$JBOSS_HOME/server/default/deploy/gatein-sample-portal.ear</literal> which are packaged by default with &PRODUCT;.
- </para>
- </section>
+ <title>Single-Sign-On (SSO)</title>
+ <section id="sect-Reference_Guide-Single_Sign_On-Overview">
+ <title>Overview</title>
+ <para>
+ &PRODUCT; provides some form of Single Sign On (<literal>SSO</literal>) as an integration and aggregation platform.
+ </para>
+ <para>
+ When logging into the portal users gain access to many systems through portlets using a single identity. In many cases, however, the portal infrastructure must be integrated with other SSO enabled systems. There are many different Identity Management solutions available. In most cases each SSO framework provides a unique way to plug into a Java EE application.
+ </para>
+ <section id="sect-Reference_Guide-Overview_of_SSO-Prerequisite">
+ <title>Prerequisites</title>
+ <para>
+ In this tutorial, the SSO server is installed in a Tomcat installation. Tomcat can be obtained from <ulink type="http" url="http://tomcat.apache.org">http://tomcat.apache.org</ulink>.
+ </para>
+ <para>
+ All the packages required for setup can be found in a zip file located at: <ulink type="http" url="https://repository.jboss.org/nexus/content/groups/public/org/gatein/sso/s...">https://repository.jboss.org/nexus/content/groups/public/org/gatein/sso/s...</ulink>. In this document we will call $GATEIN_SSO_HOME the directory where the file is extracted.
+ </para>
+ <para>
+ Users are advised to not run any portal extensions that could override the data when manipulating the <filename>gatein.ear</filename> file directly.
+ </para>
+ <para>
+ Remove <literal>$JBOSS_HOME/server/default/deploy/gatein-sample-extension.ear</literal> and <literal>$JBOSS_HOME/server/default/deploy/gatein-sample-portal.ear</literal> which are packaged by default with &PRODUCT;.
+ </para>
+ </section>
- </section>
-
- <section id="sect-Reference_Guide-Single_Sign_On-CAS_Central_Authentication_Service">
- <title>Central Authentication Service (CAS)</title>
- <para>
- This Single Sign On plugin enables seamless integration between &PRODUCT; and the CAS Single Sign On Framework. Details about CAS can be found <ulink url="http://www.ja-sig.org/products/cas/">here</ulink>.
- </para>
- <para>
- The integration consists of two parts; the first part consists of installing or configuring a CAS server, the second part consists of setting up the portal to use the CAS server.
- </para>
- <section id="sect-Reference_Guide-CAS_Central_Authentication_Service-CAS_server">
- <title>CAS server</title>
- <para>
- First, set up the server to authenticate against the portal login module. In this example the CAS server will be installed on Tomcat.
- </para>
- <section id="sect-Reference_Guide-CAS_server-Obtaining_CAS">
- <title>Obtaining CAS</title>
- <para>
- CAS can be downloaded from <ulink type="http" url="http://www.jasig.org/cas/download">http://www.jasig.org/cas/download</ulink>.
- </para>
- <para>
- Extract the downloaded file into a suitable location. This location will be referred to as <literal>$CAS_HOME</literal> in the following example.
- </para>
- </section>
-
- <section id="sect-Reference_Guide-CAS_server-Modifying_CAS_server">
- <title>Modifying the CAS server</title>
- <para>
- To configure the web archive as desired, the simplest way is to make the necessary changes directly in CAS codebase.
- </para>
+ </section>
+
+ <section id="sect-Reference_Guide-Single_Sign_On-CAS_Central_Authentication_Service">
+ <title>Central Authentication Service (CAS)</title>
+ <para>
+ This Single Sign On plugin enables seamless integration between &PRODUCT; and the CAS Single Sign On Framework. Details about CAS can be found <ulink url="http://www.ja-sig.org/products/cas/">here</ulink>.
+ </para>
+ <para>
+ The integration consists of two parts; the first part consists of installing or configuring a CAS server, the second part consists of setting up the portal to use the CAS server.
+ </para>
+ <section id="sect-Reference_Guide-CAS_Central_Authentication_Service-CAS_server">
+ <title>CAS server</title>
+ <para>
+ First, set up the server to authenticate against the portal login module. In this example the CAS server will be installed on Tomcat.
+ </para>
+ <section id="sect-Reference_Guide-CAS_server-Obtaining_CAS">
+ <title>Obtaining CAS</title>
+ <para>
+ CAS can be downloaded from <ulink type="http" url="http://www.jasig.org/cas/download">http://www.jasig.org/cas/download</ulink>.
+ </para>
+ <para>
+ Extract the downloaded file into a suitable location. This location will be referred to as <literal>$CAS_HOME</literal> in the following example.
+ </para>
+ </section>
+
+ <section id="sect-Reference_Guide-CAS_server-Modifying_CAS_server">
+ <title>Modifying the CAS server</title>
+ <para>
+ To configure the web archive as desired, the simplest way is to make the necessary changes directly in CAS codebase.
+ </para>
<note>
<para>
To complete these instructions, and perform the final build step, you will need the Apache Maven 2.
You can get it <ulink type="http" url="http://maven.apache.org/download.html">here</ulink>.
</para>
</note>
- <para>
- First, we need to change the default authentication handler with the one provided by &PRODUCT;.
- </para>
- <para>
- The CAS Server Plugin makes secure authentication callbacks to a RESTful service installed on the remote GateIn server in order to authenticate a user.
- </para>
- <para>
- In order for the plugin to function correctly, it needs to be properly configured to connect to this service. This configuration is done via the <filename>cas.war/WEB-INF/deployerConfigContext.xml </filename> file.
- </para>
- <procedure>
- <step>
- <para>
- Open <filename>CAS_HOME/cas-server-webapp/src/main/webapp/WEB-INF/deployerConfigContext.xml</filename>
- </para>
- </step>
- <step>
- <para>
- Replace:
+ <para>
+ First, we need to change the default authentication handler with the one provided by &PRODUCT;.
+ </para>
+ <para>
+ The CAS Server Plugin makes secure authentication callbacks to a RESTful service installed on the remote GateIn server in order to authenticate a user.
+ </para>
+ <para>
+ In order for the plugin to function correctly, it needs to be properly configured to connect to this service. This configuration is done via the <filename>cas.war/WEB-INF/deployerConfigContext.xml </filename> file.
+ </para>
+ <procedure>
+ <step>
+ <para>
+ Open <filename>CAS_HOME/cas-server-webapp/src/main/webapp/WEB-INF/deployerConfigContext.xml</filename>
+ </para>
+ </step>
+ <step>
+ <para>
+ Replace:
<programlisting> <!--
| Whereas CredentialsToPrincipalResolvers identify who it is some Credentials might authenticate,
| AuthenticationHandlers actually authenticate credentials. Here e declare the AuthenticationHandlers that
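Review bot: Every removed and added pair in this hunk (Overview, Prerequisites, Obtaining CAS, Modifying the CAS server) carries the same text with different indentation, while the log message says the revision corrects the SPNEGO web.xml sample. Please split the whitespace cleanup into its own commit so the GTNPORTAL-2130 correction is visible in the diff instead of being spread across re-indented CAS and JOSSO sections.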
@@ -109,13 +109,13 @@
</list>
</property>
</programlisting>
- </para>
- </step>
- <step>
- <para>
- With the following (Make sure to set the host, port and context with the values corresponding to your portal). Also available in <filename>GATEIN_SSO_HOME/cas/plugin/WEB-INF/deployerConfigContext.xml</filename>.
- </para>
- <para>
+ </para>
+ </step>
+ <step>
+ <para>
+ With the following (Make sure to set the host, port and context with the values corresponding to your portal). Also available in <filename>GATEIN_SSO_HOME/cas/plugin/WEB-INF/deployerConfigContext.xml</filename>.
+ </para>
+ <para>
<programlisting><!--
| Whereas CredentialsToPrincipalResolvers identify who it is some Credentials might authenticate,
@@ -151,49 +151,49 @@
</list>
</property>
</programlisting>
- </para>
- </step>
- <step>
- <para>
- Copy <filename>GATEIN_SSO_HOME/cas/plugin/WEB-INF/lib/sso-cas-plugin-<VERSION>.jar</filename> and <filename>GATEIN_SSO_HOME/cas/plugin/WEB-INF/lib/commons-httpclient-<VERSION>.jar</filename> into the <filename>CAS_HOME/cas-server-webapp/src/main/webapp/WEB-INF/lib</filename> created directory.
- </para>
- </step>
- <step>
- <para>
- Get an installation of Tomcat and extract it into a suitable location (which will be called <filename>TOMCAT_HOME</filename> for these instructions).
- </para>
- <para>
- Change the default port to avoid a conflict with the default &PRODUCT; (for testing purposes). Edit <filename>TOMCAT_HOME/conf/server.xml</filename> and replace the 8080 port to 8888.
- <note>
- <para>
- If &PRODUCT; is running on the same machine as Tomcat, other ports need to be changed in addition to 8080 in order to avoid port conflicts.
+ </para>
+ </step>
+ <step>
+ <para>
+ Copy <filename>GATEIN_SSO_HOME/cas/plugin/WEB-INF/lib/sso-cas-plugin-<VERSION>.jar</filename> and <filename>GATEIN_SSO_HOME/cas/plugin/WEB-INF/lib/commons-httpclient-<VERSION>.jar</filename> into the <filename>CAS_HOME/cas-server-webapp/src/main/webapp/WEB-INF/lib</filename> created directory.
+ </para>
+ </step>
+ <step>
+ <para>
+ Get an installation of Tomcat and extract it into a suitable location (which will be called <filename>TOMCAT_HOME</filename> for these instructions).
+ </para>
+ <para>
+ Change the default port to avoid a conflict with the default &PRODUCT; (for testing purposes). Edit <filename>TOMCAT_HOME/conf/server.xml</filename> and replace the 8080 port to 8888.
+ <note>
+ <para>
+ If &PRODUCT; is running on the same machine as Tomcat, other ports need to be changed in addition to 8080 in order to avoid port conflicts.
They can be changed to any free port. For example, you can change admin port from 8005 to 8805, and AJP port from 8009 to 8809.
- </para>
- </note>
- </para>
- </step>
- <step>
- <para>
- Go to <filename>CAS_HOME/cas-server-webapp</filename> and execute the command:
+ </para>
+ </note>
+ </para>
+ </step>
+ <step>
+ <para>
+ Go to <filename>CAS_HOME/cas-server-webapp</filename> and execute the command:
<programlisting>mvn install
</programlisting>
- </para>
- </step>
- <step>
- <para>
- Copy <filename>CAS_HOME/cas-server-webapp/target/cas.war</filename> into <filename>TOMCAT_HOME/webapps</filename>.
- </para>
- <para>
- Tomcat should start and be accessible at <ulink type="http" url="http://localhost:8888/cas">http://localhost:8888/cas</ulink>. Note that at this stage login won't be available.
- </para>
- <mediaobject>
- <imageobject>
- <imagedata fileref="images/AuthenticationAndIdentity/SSO/cas.png" format="PNG" width="444" />
- </imageobject>
- </mediaobject>
- </step>
- </procedure>
- </section>
+ </para>
+ </step>
+ <step>
+ <para>
+ Copy <filename>CAS_HOME/cas-server-webapp/target/cas.war</filename> into <filename>TOMCAT_HOME/webapps</filename>.
+ </para>
+ <para>
+ Tomcat should start and be accessible at <ulink type="http" url="http://localhost:8888/cas">http://localhost:8888/cas</ulink>. Note that at this stage login won't be available.
+ </para>
+ <mediaobject>
+ <imageobject>
+ <imagedata fileref="images/AuthenticationAndIdentity/SSO/cas.png" format="PNG" width="444" />
+ </imageobject>
+ </mediaobject>
+ </step>
+ </procedure>
+ </section>
<note>
<para>
By default on logout the CAS server will display the CAS logout page with a link to return to the portal. To make the CAS server redirect to the portal page after a logout, modify the
@@ -235,50 +235,50 @@
</authentication>
</programlisting>
- </listitem>
- <listitem>
- <para>
- In Tomcat, edit <filename>GATEIN_HOME/conf/jaas.conf</filename> and uncomment this section:
- </para>
+ </listitem>
+ <listitem>
+ <para>
+ In Tomcat, edit <filename>GATEIN_HOME/conf/jaas.conf</filename> and uncomment this section:
+ </para>
<programlisting>org.gatein.sso.agent.login.SSOLoginModule required;
org.exoplatform.services.security.j2ee.TomcatLoginModule required
portalContainerName=portal
realmName=gatein-domain;
</programlisting>
- </listitem>
- </itemizedlist>
- </step>
- <step>
- <para>
- The installation can be tested at this point:
- </para>
- <procedure>
- <step>
- <para>
- Start (or restart) &PRODUCT;, and (assuming the CAS server on Tomcat is running) direct your browser to <ulink type="http" url="http://localhost:8888/cas">http://localhost:8888/cas</ulink>.
- </para>
- </step>
- <step>
- <para>
- Login with the username <literal>root</literal> and the password <literal>gtn</literal> (or any account created through the portal).
- </para>
- </step>
- </procedure>
- </step>
- </procedure>
- </section>
-
- <section id="sect-Reference_Guide-CAS_Central_Authentication_Service-Redirect_to_CAS">
- <title>Redirect to CAS</title>
- <para>
- To utilize the Central Authentication Service, &PRODUCT; needs to redirect all user authentication to the CAS server.
- </para>
- <para>
- Information about where the CAS is hosted must be properly configured within the &PRODUCT; instance. The required configuration is done by modifying three files:
- <itemizedlist>
- <listitem>
- <para>
- In the <filename>gatein.ear/web.war/groovy/groovy/webui/component/UIBannerPortlet.gtml</filename> file modify the 'Sign In' link as follows:
+ </listitem>
+ </itemizedlist>
+ </step>
+ <step>
+ <para>
+ The installation can be tested at this point:
+ </para>
+ <procedure>
+ <step>
+ <para>
+ Start (or restart) &PRODUCT;, and (assuming the CAS server on Tomcat is running) direct your browser to <ulink type="http" url="http://localhost:8888/cas">http://localhost:8888/cas</ulink>.
+ </para>
+ </step>
+ <step>
+ <para>
+ Login with the username <literal>root</literal> and the password <literal>gtn</literal> (or any account created through the portal).
+ </para>
+ </step>
+ </procedure>
+ </step>
+ </procedure>
+ </section>
+
+ <section id="sect-Reference_Guide-CAS_Central_Authentication_Service-Redirect_to_CAS">
+ <title>Redirect to CAS</title>
+ <para>
+ To utilize the Central Authentication Service, &PRODUCT; needs to redirect all user authentication to the CAS server.
+ </para>
+ <para>
+ Information about where the CAS is hosted must be properly configured within the &PRODUCT; instance. The required configuration is done by modifying three files:
+ <itemizedlist>
+ <listitem>
+ <para>
+ In the <filename>gatein.ear/web.war/groovy/groovy/webui/component/UIBannerPortlet.gtml</filename> file modify the 'Sign In' link as follows:
<programlisting>
<![CDATA[
<!--
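Review bot: The "Redirect to CAS" paragraph says the configuration is done by modifying three files, but the list that follows has four items (UIBannerPortlet, UILogoPortlet, login.jsp, and the filters in web.xml), so the count should be updated while this line is being touched. The first item names `groovy/groovy/webui/component/UIBannerPortlet.gtml` where the next one uses `groovy/portal/webui/component/UILogoPortlet.gtmpl`; please check the doubled `groovy` path segment and the `.gtml` extension. The test step logs in with `root` / `gtn`, and a sentence telling readers to change that default password before the SSO setup is exposed would fit here.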
@@ -287,11 +287,11 @@
<a class="Login" href="/portal/sso"><%=_ctx.appRes("UILoginForm.label.Signin")%></a>
]]>
</programlisting>
- </para>
- </listitem>
- <listitem>
- <para>
- In the <filename>gatein.ear/web.war/groovy/portal/webui/component/UILogoPortlet.gtmpl</filename> file modify the 'Sign In' link as follows:
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ In the <filename>gatein.ear/web.war/groovy/portal/webui/component/UILogoPortlet.gtmpl</filename> file modify the 'Sign In' link as follows:
<programlisting>
<![CDATA[
<!--
@@ -300,12 +300,12 @@
<a href="/portal/sso"><%=_ctx.appRes("UILogoPortlet.action.signin")%></a>
]]>
</programlisting>
- </para>
- </listitem>
- <listitem>
- <para>
- Replace the entire contents of <filename>gatein.ear/02portal.war/login/jsp/login.jsp</filename> with:
- </para>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Replace the entire contents of <filename>gatein.ear/02portal.war/login/jsp/login.jsp</filename> with:
+ </para>
<programlisting><html>
<head>
<script type="text/javascript">
@@ -316,10 +316,10 @@
</body>
</html>
</programlisting>
- </listitem>
- <listitem>
- <para>
- Add the following Filters at the top of the filter chain in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>:
+ </listitem>
+ <listitem>
+ <para>
+ Add the following Filters at the top of the filter chain in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>:
<programlisting>
@@ -398,116 +398,116 @@
</para>
</section>
- </section>
-
- <section id="sect-Reference_Guide-Single_Sign_On-JOSSO">
- <title>JOSSO</title>
- <para>
- This Single Sign On plugin enables seamless integration between &PRODUCT; and the JOSSO Single Sign On Framework. Details about JOSSO can be found <ulink url="http://www.josso.org">here</ulink>.
- </para>
- <para>
- Setting up this integration involves two steps. The first step is to install or configure a JOSSO server, and the second is to set up the portal to use the JOSSO server.
- </para>
- <section id="sect-Reference_Guide-JOSSO-JOSSO_server">
- <title>JOSSO server</title>
- <para>
- This section details setting up the JOSSO server to authenticate against the &PRODUCT; login module.
- </para>
- <para>
- In this example the JOSSO server will be installed on Tomcat.
- </para>
- <section id="sect-Reference_Guide-JOSSO_server-Obtaining_JOSSO">
- <title>Obtaining JOSSO</title>
- <para>
- JOSSO can be downloaded from <ulink type="http" url="http://sourceforge.net/projects/josso/files/">http://sourceforge.net/projects/josso/files/</ulink>. Use the package that embeds Apache Tomcat.
- </para>
- <para>
- Once downloaded, extract the package into what will be called <filename>JOSSO_HOME</filename> in this example.
- </para>
+ </section>
+
+ <section id="sect-Reference_Guide-Single_Sign_On-JOSSO">
+ <title>JOSSO</title>
+ <para>
+ This Single Sign On plugin enables seamless integration between &PRODUCT; and the JOSSO Single Sign On Framework. Details about JOSSO can be found <ulink url="http://www.josso.org">here</ulink>.
+ </para>
+ <para>
+ Setting up this integration involves two steps. The first step is to install or configure a JOSSO server, and the second is to set up the portal to use the JOSSO server.
+ </para>
+ <section id="sect-Reference_Guide-JOSSO-JOSSO_server">
+ <title>JOSSO server</title>
+ <para>
+ This section details setting up the JOSSO server to authenticate against the &PRODUCT; login module.
+ </para>
+ <para>
+ In this example the JOSSO server will be installed on Tomcat.
+ </para>
+ <section id="sect-Reference_Guide-JOSSO_server-Obtaining_JOSSO">
+ <title>Obtaining JOSSO</title>
+ <para>
+ JOSSO can be downloaded from <ulink type="http" url="http://sourceforge.net/projects/josso/files/">http://sourceforge.net/projects/josso/files/</ulink>. Use the package that embeds Apache Tomcat.
+ </para>
+ <para>
+ Once downloaded, extract the package into what will be called <filename>JOSSO_HOME</filename> in this example.
+ </para>
<warning>
<para>The steps described later are only correct in case of JOSSO v.1.8.1.</para>
</warning>
- </section>
-
- <section id="sect-Reference_Guide-JOSSO_server-Modifying_JOSSO_server">
- <title>Modifying the JOSSO server</title>
- <procedure>
- <step>
- <para>
- Copy the files from <filename>GATEIN_SSO_HOME/josso/plugin</filename> into the Tomcat directory (<filename>JOSSO_HOME</filename>).
- </para>
- <para>
- This action should replace or add the following files to the <filename>JOSSO_HOME/webapps/josso/WEB-INF/lib</filename> directory:
- </para>
- <itemizedlist>
- <listitem>
- <para>
- <filename>JOSSO_HOME/lib/josso-gateway-config.xml</filename>
- </para>
- </listitem>
- <listitem>
- <para>
- <filename>JOSSO_HOME/lib/josso-gateway-gatein-stores.xml</filename>
- </para>
- </listitem>
- </itemizedlist>
- <para>
- and
- </para>
- <itemizedlist>
- <listitem>
- <para>
- <filename>JOSSO_HOME/webapps/josso/WEB-INF/classes/gatein.properties</filename>
- </para>
- </listitem>
- </itemizedlist>
- </step>
- <step>
- <para>
- Edit <filename>TOMCAT_HOME/conf/server.xml</filename> and replace the 8080 port to 8888 to change the default Tomcat port and avoid a conflict with the default &PRODUCT; port (for testing purposes).
- <note>
- <title>Port Conflicts</title>
- <para>
+ </section>
+
+ <section id="sect-Reference_Guide-JOSSO_server-Modifying_JOSSO_server">
+ <title>Modifying the JOSSO server</title>
+ <procedure>
+ <step>
+ <para>
+ Copy the files from <filename>GATEIN_SSO_HOME/josso/plugin</filename> into the Tomcat directory (<filename>JOSSO_HOME</filename>).
+ </para>
+ <para>
+ This action should replace or add the following files to the <filename>JOSSO_HOME/webapps/josso/WEB-INF/lib</filename> directory:
+ </para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ <filename>JOSSO_HOME/lib/josso-gateway-config.xml</filename>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <filename>JOSSO_HOME/lib/josso-gateway-gatein-stores.xml</filename>
+ </para>
+ </listitem>
+ </itemizedlist>
+ <para>
+ and
+ </para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ <filename>JOSSO_HOME/webapps/josso/WEB-INF/classes/gatein.properties</filename>
+ </para>
+ </listitem>
+ </itemizedlist>
+ </step>
+ <step>
+ <para>
+ Edit <filename>TOMCAT_HOME/conf/server.xml</filename> and replace the 8080 port to 8888 to change the default Tomcat port and avoid a conflict with the default &PRODUCT; port (for testing purposes).
+ <note>
+ <title>Port Conflicts</title>
+ <para>
If &PRODUCT; is running on the same machine as Tomcat, other ports need to be changed in addition to 8080 in order to avoid port conflicts.
They can be changed to any free port. For example, you can change admin port from 8005 to 8805, and AJP port from 8009 to 8809.
- </para>
- </note>
- </para>
- </step>
- <step>
- <para>
- Tomcat should now start and allow access to <ulink type="http" url="http://localhost:8888/josso/signon/login.do">http://localhost:8888/josso/signon/login.do</ulink> but at this stage login will not be available.
- </para>
- <mediaobject>
- <imageobject>
- <imagedata fileref="images/AuthenticationAndIdentity/SSO/opensso.png" format="PNG" width="444" />
- </imageobject>
- </mediaobject>
- </step>
- </procedure>
- </section>
+ </para>
+ </note>
+ </para>
+ </step>
+ <step>
+ <para>
+ Tomcat should now start and allow access to <ulink type="http" url="http://localhost:8888/josso/signon/login.do">http://localhost:8888/josso/signon/login.do</ulink> but at this stage login will not be available.
+ </para>
+ <mediaobject>
+ <imageobject>
+ <imagedata fileref="images/AuthenticationAndIdentity/SSO/opensso.png" format="PNG" width="444" />
+ </imageobject>
+ </mediaobject>
+ </step>
+ </procedure>
+ </section>
- </section>
-
- <section id="sect-Reference_Guide-JOSSO-Setup_the_JOSSO_client">
- <title>Setup the JOSSO client</title>
- <procedure>
- <step>
- <para>
- Copy the library files from <filename>GATEIN_SSO_HOME/josso/gatein.ear/lib</filename> into <filename>gatein.ear/lib</filename> (or into <filename>GATEIN_HOME/lib</filename> if &PRODUCT; is running in Tomcat)
- </para>
- </step>
+ </section>
+
+ <section id="sect-Reference_Guide-JOSSO-Setup_the_JOSSO_client">
+ <title>Setup the JOSSO client</title>
+ <procedure>
+ <step>
+ <para>
+ Copy the library files from <filename>GATEIN_SSO_HOME/josso/gatein.ear/lib</filename> into <filename>gatein.ear/lib</filename> (or into <filename>GATEIN_HOME/lib</filename> if &PRODUCT; is running in Tomcat)
+ </para>
+ </step>
<step>
<para>
Copy the file <filename>GATEIN_SSO_HOME/josso/gatein.ear/portal.war/WEB-INF/classes/josso-agent-config.xml</filename> into <filename>gatein.ear/02portal.war/WEB-INF/classes</filename> (or into <filename>GATEIN_HOME/webapps/portal.war/WEB-INF/classes</filename>, or <filename>GATEIN_HOME/conf</filename> if &PRODUCT; is running in Tomcat)
</para>
</step>
- <step>
- <itemizedlist>
- <listitem>
- <para>
- In JBoss AS, edit <filename>gatein.ear/META-INF/gatein-jboss-beans.xml</filename> and uncomment this section:
- </para>
+ <step>
+ <itemizedlist>
+ <listitem>
+ <para>
+ In JBoss AS, edit <filename>gatein.ear/META-INF/gatein-jboss-beans.xml</filename> and uncomment this section:
+ </para>
<programlisting><authentication>
<login-module code="org.gatein.sso.agent.login.SSOLoginModule" flag="required">
</login-module>
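Review bot: In the first step of "Modifying the JOSSO server", the text says the copy replaces or adds files in JOSSO_HOME/webapps/josso/WEB-INF/lib, but the files listed are JOSSO_HOME/lib/josso-gateway-config.xml, JOSSO_HOME/lib/josso-gateway-gatein-stores.xml and JOSSO_HOME/webapps/josso/WEB-INF/classes/gatein.properties, none of which is in that directory. Either list what lands in WEB-INF/lib or reword the sentence to match the listed paths. The next step edits TOMCAT_HOME/conf/server.xml although this section only defines JOSSO_HOME, and the screenshot for the JOSSO login page points at images/AuthenticationAndIdentity/SSO/opensso.png.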
@@ -517,50 +517,50 @@
</login-module>
</authentication>
</programlisting>
- </listitem>
- <listitem>
- <para>
- In Tomcat, edit <filename>GATEIN_HOME/conf/jaas.conf</filename> and uncomment this section:
- </para>
+ </listitem>
+ <listitem>
+ <para>
+ In Tomcat, edit <filename>GATEIN_HOME/conf/jaas.conf</filename> and uncomment this section:
+ </para>
<programlisting>org.gatein.sso.agent.login.SSOLoginModule required;
-org.exoplatform.services.security.j2ee.TomcatLoginModule requiredtm
+org.exoplatform.services.security.j2ee.TomcatLoginModule requiredtm
portalContainerName=portal
realmName=gatein-domain;
</programlisting>
- </listitem>
- </itemizedlist>
- </step>
- <step>
- <para>
- The installation can be tested at this point.
- </para>
- <procedure>
- <step>
- <para>
- Start (or restart) &PRODUCT;, and (assuming the JOSSO server on Tomcat is running) direct your browser to <ulink type="http" url="http://localhost:8888/josso/signon/login.do">http://localhost:8888/josso/signon/login.do</ulink>.
- </para>
- </step>
- <step>
- <para>
- Login with the username <literal>root</literal> and the password <literal>gtn</literal> or any account created through the portal.
- </para>
- </step>
- </procedure>
- </step>
- </procedure>
- </section>
-
- <section id="sect-Reference_Guide-JOSSO-Setup_the_portal_to_redirect_to_JOSSO">
- <title>Setup the portal to redirect to JOSSO</title>
- <para>
- The next part of the process is to redirect all user authentication to the JOSSO server.
- </para>
- <para>
- Information about where the JOSSO server is hosted must be properly configured within the &PRODUCT; instance. The required configuration is done by modifying four files:
- <itemizedlist>
- <listitem>
- <para>
- In the <filename>gatein.ear/web.war/groovy/groovy/webui/component/UIBannerPortlet.gtml</filename> file modify the 'Sign In' link as follows:
+ </listitem>
+ </itemizedlist>
+ </step>
+ <step>
+ <para>
+ The installation can be tested at this point.
+ </para>
+ <procedure>
+ <step>
+ <para>
+ Start (or restart) &PRODUCT;, and (assuming the JOSSO server on Tomcat is running) direct your browser to <ulink type="http" url="http://localhost:8888/josso/signon/login.do">http://localhost:8888/josso/signon/login.do</ulink>.
+ </para>
+ </step>
+ <step>
+ <para>
+ Login with the username <literal>root</literal> and the password <literal>gtn</literal> or any account created through the portal.
+ </para>
+ </step>
+ </procedure>
+ </step>
+ </procedure>
+ </section>
+
+ <section id="sect-Reference_Guide-JOSSO-Setup_the_portal_to_redirect_to_JOSSO">
+ <title>Setup the portal to redirect to JOSSO</title>
+ <para>
+ The next part of the process is to redirect all user authentication to the JOSSO server.
+ </para>
+ <para>
+ Information about where the JOSSO server is hosted must be properly configured within the &PRODUCT; instance. The required configuration is done by modifying four files:
+ <itemizedlist>
+ <listitem>
+ <para>
+ In the <filename>gatein.ear/web.war/groovy/groovy/webui/component/UIBannerPortlet.gtml</filename> file modify the 'Sign In' link as follows:
<programlisting>
<![CDATA[
<!--
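Review bot: The jaas.conf listing for Tomcat still reads "TomcatLoginModule requiredtm" on both the removed and the added line, while the OpenSSO section shows the same entry with the flag "required". A reader who pastes this block gets an invalid JAAS control flag, so fix the typo while the line is being touched. The test step also logs in with root / gtn; a sentence telling readers to change that default account once testing is done would help.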
@@ -569,11 +569,11 @@
<a class="Login" href="/portal/sso"><%=_ctx.appRes("UILoginForm.label.Signin")%></a>
]]>
</programlisting>
- </para>
- </listitem>
- <listitem>
- <para>
- In the <filename>gatein.ear/web.war/groovy/portal/webui/component/UILogoPortlet.gtmpl</filename> file modify the 'Sign In' link as follows:
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ In the <filename>gatein.ear/web.war/groovy/portal/webui/component/UILogoPortlet.gtmpl</filename> file modify the 'Sign In' link as follows:
<programlisting>
<![CDATA[
<!--
@@ -582,12 +582,12 @@
<a href="/portal/sso"><%=_ctx.appRes("UILogoPortlet.action.signin")%></a>
]]>
</programlisting>
- </para>
- </listitem>
- <listitem>
- <para>
- Replace the entire contents of <filename>gatein.ear/02portal.war/login/jsp/login.jsp</filename> with:
- </para>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Replace the entire contents of <filename>gatein.ear/02portal.war/login/jsp/login.jsp</filename> with:
+ </para>
<programlisting><html>
<head>
<script type="text/javascript">
@@ -598,10 +598,10 @@
</body>
</html>
</programlisting>
- </listitem>
- <listitem>
- <para>
- Add the following Filters at the top of the filter chain in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>:
+ </listitem>
+ <listitem>
+ <para>
+ Add the following Filters at the top of the filter chain in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>:
<programlisting>
@@ -640,9 +640,9 @@
<!-- filters should be placed at the very top of the filter chain -->
<filter-mapping>
- <filter-name>LoginRedirectFilter</filter-name>
- <url-pattern>/*</url-pattern>
- </filter-mapping>
+ <filter-name>LoginRedirectFilter</filter-name>
+ <url-pattern>/*</url-pattern>
+ </filter-mapping>
<filter-mapping>
<filter-name>JOSSOLogoutFilter</filter-name>
<url-pattern>/*</url-pattern>
@@ -662,68 +662,68 @@
</para>
</section>
- </section>
-
- <section id="sect-Reference_Guide-Single_Sign_On-OpenSSO_The_Open_Web_SSO_project">
- <title>OpenSSO - The Open Web SSO project</title>
- <para>
- This Single Sign On plugin enables seamless integration between &PRODUCT; and the OpenSSO Single Sign On Framework. Details about OpenSSO can be found <ulink url="https://opensso.dev.java.net/">here</ulink>.
- </para>
- <para>
- Setting up this integration involves two steps. The first step is to install or configure an OpenSSO server, and the second is to set up the portal to use the OpenSSO server.
- </para>
- <section id="sect-Reference_Guide-OpenSSO_The_Open_Web_SSO_project-OpenSSO_server">
- <title>OpenSSO server</title>
- <para>
- This section details the setting up of OpenSSO server to authenticate against the &PRODUCT; login module.
- </para>
- <para>
- In this example the OpenSSO server will be installed on Tomcat.
- </para>
- <section id="sect-Reference_Guide-OpenSSO_server-Obtaining_OpenSSO">
- <title>Obtaining OpenSSO</title>
- <para>
- OpenSSO can be downloaded from <ulink type="http" url="http://download.oracle.com/otn/nt/middleware/11g/oracle_opensso_80U2.zip">http://download.oracle.com/otn/nt/middleware/11g/oracle_opensso_80U2.zip</ulink>.
- </para>
- <para>
- Once downloaded, extract the package into a suitable location. This location will be referred to as <filename>OPENSSO_HOME</filename> in this example.
- </para>
- </section>
-
- <section id="sect-Reference_Guide-OpenSSO_server-Modifying_OpenSSO_server">
- <title>Modifying OpenSSO server</title>
- <para>
- To configure the web server as desired, it is simpler to directly modify the sources.
- </para>
- <para>
- The first step is to add the &PRODUCT; Authentication Plugin:
- </para>
- <para>
- The plugin makes secure authentication callbacks to a RESTful service installed on the remote &PRODUCT; server in order to authenticate a user.
- </para>
- <para>
- In order for the plugin to function correctly, it needs to be properly configured to connect to this service. This configuration is done via the <filename>opensso.war/config/auth/default/AuthenticationPlugin.xml</filename> file.
- </para>
- <procedure>
- <step>
- <para>
- Obtain a copy of Tomcat and extract it into a suitable location (this location will be referred to as <filename>TOMCAT_HOME</filename> in this example).
- </para>
- </step>
- <step>
- <para>
- Change the default port to avoid a conflict with the default &PRODUCT; port (for testing purposes). Do this by editing <filename>TOMCAT_HOME/conf/server.xml</filename> and replacing the 8080 port to 8888.
- <note>
- <para>
+ </section>
+
+ <section id="sect-Reference_Guide-Single_Sign_On-OpenSSO_The_Open_Web_SSO_project">
+ <title>OpenSSO - The Open Web SSO project</title>
+ <para>
+ This Single Sign On plugin enables seamless integration between &PRODUCT; and the OpenSSO Single Sign On Framework. Details about OpenSSO can be found <ulink url="https://opensso.dev.java.net/">here</ulink>.
+ </para>
+ <para>
+ Setting up this integration involves two steps. The first step is to install or configure an OpenSSO server, and the second is to set up the portal to use the OpenSSO server.
+ </para>
+ <section id="sect-Reference_Guide-OpenSSO_The_Open_Web_SSO_project-OpenSSO_server">
+ <title>OpenSSO server</title>
+ <para>
+ This section details the setting up of OpenSSO server to authenticate against the &PRODUCT; login module.
+ </para>
+ <para>
+ In this example the OpenSSO server will be installed on Tomcat.
+ </para>
+ <section id="sect-Reference_Guide-OpenSSO_server-Obtaining_OpenSSO">
+ <title>Obtaining OpenSSO</title>
+ <para>
+ OpenSSO can be downloaded from <ulink type="http" url="http://download.oracle.com/otn/nt/middleware/11g/oracle_opensso_80U2.zip">http://download.oracle.com/otn/nt/middleware/11g/oracle_opensso_80U2.zip</ulink>.
+ </para>
+ <para>
+ Once downloaded, extract the package into a suitable location. This location will be referred to as <filename>OPENSSO_HOME</filename> in this example.
+ </para>
+ </section>
+
+ <section id="sect-Reference_Guide-OpenSSO_server-Modifying_OpenSSO_server">
+ <title>Modifying OpenSSO server</title>
+ <para>
+ To configure the web server as desired, it is simpler to directly modify the sources.
+ </para>
+ <para>
+ The first step is to add the &PRODUCT; Authentication Plugin:
+ </para>
+ <para>
+ The plugin makes secure authentication callbacks to a RESTful service installed on the remote &PRODUCT; server in order to authenticate a user.
+ </para>
+ <para>
+ In order for the plugin to function correctly, it needs to be properly configured to connect to this service. This configuration is done via the <filename>opensso.war/config/auth/default/AuthenticationPlugin.xml</filename> file.
+ </para>
+ <procedure>
+ <step>
+ <para>
+ Obtain a copy of Tomcat and extract it into a suitable location (this location will be referred to as <filename>TOMCAT_HOME</filename> in this example).
+ </para>
+ </step>
+ <step>
+ <para>
+ Change the default port to avoid a conflict with the default &PRODUCT; port (for testing purposes). Do this by editing <filename>TOMCAT_HOME/conf/server.xml</filename> and replacing the 8080 port to 8888.
+ <note>
+ <para>
If &PRODUCT; is running on the same machine as Tomcat, other ports need to be changed in addition to 8080 in order to avoid port conflicts.
They can be changed to any free port. For example, you can change admin port from 8005 to 8805, and AJP port from 8009 to 8809.
- </para>
- </note>
- </para>
- </step>
- <step>
- <para>
- Ensure the <filename>TOMCAT_HOME/webapps/opensso/config/auth/default/AuthenticationPlugin.xml</filename> file looks like this:
+ </para>
+ </note>
+ </para>
+ </step>
+ <step>
+ <para>
+ Ensure the <filename>TOMCAT_HOME/webapps/opensso/config/auth/default/AuthenticationPlugin.xml</filename> file looks like this:
<programlisting>
<?xml version='1.0' encoding="UTF-8"?>
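Review bot: The procedure in "Modifying OpenSSO server" goes from obtaining Tomcat and changing its port straight to "Ensure the TOMCAT_HOME/webapps/opensso/config/auth/default/AuthenticationPlugin.xml file looks like this", with no step that deploys the OpenSSO web application from OPENSSO_HOME into TOMCAT_HOME/webapps. The paragraph above refers to the same file as opensso.war/config/auth/default/AuthenticationPlugin.xml, so add the deployment step and use one path form in both places.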
@@ -735,40 +735,40 @@
header="GateIn OpenSSO Login" >
<NameCallback>
<Prompt>
- Username
+ Username
</Prompt>
</NameCallback>
<PasswordCallback echoPassword="false" >
<Prompt>
- Password
+ Password
</Prompt>
</PasswordCallback>
</Callbacks>
</ModuleProperties>
</programlisting>
- </para>
- </step>
- <step>
- <para>
- Copy <filename>GATEIN_SSO_HOME/opensso/plugin/WEB-INF/lib/sso-opensso-plugin-<VERSION>.jar</filename>, <filename>GATEIN_SSO_HOME/opensso/plugin/WEB-INF/lib/commons-httpclient-<VERSION>.jar</filename>, and <filename>GATEIN_SSO_HOME/opensso/plugin/WEB-INF/lib/commons-logging-<VERSION>.jar</filename> into the Tomcat directory at <filename>TOMCAT_HOME/webapps/opensso/WEB-INF/lib</filename>.
- </para>
- </step>
- <step>
- <para>
- Copy <filename>GATEIN_SSO_HOME/opensso/plugin/WEB-INF/classes/gatein.properties</filename> into <filename>TOMCAT_HOME/webapps/opensso/WEB-INF/classes</filename>
- </para>
- </step>
+ </para>
+ </step>
+ <step>
+ <para>
+ Copy <filename>GATEIN_SSO_HOME/opensso/plugin/WEB-INF/lib/sso-opensso-plugin-<VERSION>.jar</filename>, <filename>GATEIN_SSO_HOME/opensso/plugin/WEB-INF/lib/commons-httpclient-<VERSION>.jar</filename>, and <filename>GATEIN_SSO_HOME/opensso/plugin/WEB-INF/lib/commons-logging-<VERSION>.jar</filename> into the Tomcat directory at <filename>TOMCAT_HOME/webapps/opensso/WEB-INF/lib</filename>.
+ </para>
+ </step>
+ <step>
+ <para>
+ Copy <filename>GATEIN_SSO_HOME/opensso/plugin/WEB-INF/classes/gatein.properties</filename> into <filename>TOMCAT_HOME/webapps/opensso/WEB-INF/classes</filename>
+ </para>
+ </step>
- <step>
- <para>
- Tomcat should start and be able to access <ulink type="http" url="http://localhost:8888/opensso/UI/Login?realm=gatein">http://localhost:8888/opensso/UI/Login?realm=gatein</ulink>. Login will not be available at this point.
- </para>
- <mediaobject>
- <imageobject>
- <imagedata fileref="images/AuthenticationAndIdentity/SSO/opensso-shot.png" format="PNG" />
- </imageobject>
- </mediaobject>
- </step>
+ <step>
+ <para>
+ Tomcat should start and be able to access <ulink type="http" url="http://localhost:8888/opensso/UI/Login?realm=gatein">http://localhost:8888/opensso/UI/Login?realm=gatein</ulink>. Login will not be available at this point.
+ </para>
+ <mediaobject>
+ <imageobject>
+ <imagedata fileref="images/AuthenticationAndIdentity/SSO/opensso-shot.png" format="PNG" />
+ </imageobject>
+ </mediaobject>
+ </step>
</procedure>
<para>Configure "gatein" realm:</para>
@@ -817,22 +817,22 @@
</procedure>
<para>Also, instead of configuring OpenSSO manually as above, you can refer to the available configuration files <ulink url="https://repository.jboss.org/nexus/content/groups/public/org/gatein/sso/s...">here</ulink>.</para>
</section>
- </section>
-
- <section id="sect-Reference_Guide-OpenSSO_The_Open_Web_SSO_project-Setup_the_OpenSSO_client">
- <title>Setup the OpenSSO client</title>
- <procedure>
- <step>
- <para>
- Copy all libraries from <filename>GATEIN_SSO_HOME/opensso/gatein.ear/lib</filename> into <filename>JBOSS_HOME/server/default/deploy/gatein.ear/lib</filename> (Or, in Tomcat, into <filename>GATEIN_HOME/lib</filename>)
- </para>
- </step>
- <step>
- <itemizedlist>
- <listitem>
- <para>
- In JBoss AS, edit gatein.ear/META-INF/gatein-jboss-beans.xml and uncomment this section
- </para>
+ </section>
+
+ <section id="sect-Reference_Guide-OpenSSO_The_Open_Web_SSO_project-Setup_the_OpenSSO_client">
+ <title>Setup the OpenSSO client</title>
+ <procedure>
+ <step>
+ <para>
+ Copy all libraries from <filename>GATEIN_SSO_HOME/opensso/gatein.ear/lib</filename> into <filename>JBOSS_HOME/server/default/deploy/gatein.ear/lib</filename> (Or, in Tomcat, into <filename>GATEIN_HOME/lib</filename>)
+ </para>
+ </step>
+ <step>
+ <itemizedlist>
+ <listitem>
+ <para>
+ In JBoss AS, edit gatein.ear/META-INF/gatein-jboss-beans.xml and uncomment this section
+ </para>
<programlisting><authentication>
<login-module code="org.gatein.sso.agent.login.SSOLoginModule" flag="required">
</login-module>
@@ -843,49 +843,49 @@
</authentication>
</programlisting>
- </listitem>
- <listitem>
- <para>
- If you are running &PRODUCT; in Tomcat, edit $GATEIN_HOME/conf/jaas.conf and uncomment this section
- </para>
+ </listitem>
+ <listitem>
+ <para>
+ If you are running &PRODUCT; in Tomcat, edit $GATEIN_HOME/conf/jaas.conf and uncomment this section
+ </para>
<programlisting>org.gatein.sso.agent.login.SSOLoginModule required;
org.exoplatform.services.security.j2ee.TomcatLoginModule required
portalContainerName=portal
realmName=gatein-domain;
</programlisting>
- </listitem>
- </itemizedlist>
- <para>
- At this point the installation can be tested:
- </para>
- <procedure>
- <step>
- <para>
- Access &PRODUCT; by going to <ulink type="http" url="http://localhost:8888/opensso/UI/Login?realm=gatein">http://localhost:8888/opensso/UI/Login?realm=gatein</ulink> (assuming that the OpenSSO server using Tomcat is still running).
- </para>
- </step>
- <step>
- <para>
- Login with the username <literal>root</literal> and the password <literal>gtn</literal> or any account created through the portal.
- </para>
- </step>
- </procedure>
- </step>
- </procedure>
- </section>
-
- <section id="sect-Reference_Guide-OpenSSO_The_Open_Web_SSO_project-Setup_the_portal_to_redirect_to_OpenSSO">
- <title>Setup the portal to redirect to OpenSSO</title>
- <para>
- The next part of the process is to redirect all user authentication to the OpenSSO server.
- </para>
- <para>
- Information about where the OpenSSO server is hosted must be properly configured within the Enterprise Portal Platform instance. The required configuration is done by modifying three files:
- <itemizedlist>
- <listitem>
- <para>
- In the <filename>gatein.ear/web.war/groovy/groovy/webui/component/UIBannerPortlet.gtml</filename> file modify the 'Sign In' link as follows:
+ </listitem>
+ </itemizedlist>
+ <para>
+ At this point the installation can be tested:
+ </para>
+ <procedure>
+ <step>
+ <para>
+ Access &PRODUCT; by going to <ulink type="http" url="http://localhost:8888/opensso/UI/Login?realm=gatein">http://localhost:8888/opensso/UI/Login?realm=gatein</ulink> (assuming that the OpenSSO server using Tomcat is still running).
+ </para>
+ </step>
+ <step>
+ <para>
+ Login with the username <literal>root</literal> and the password <literal>gtn</literal> or any account created through the portal.
+ </para>
+ </step>
+ </procedure>
+ </step>
+ </procedure>
+ </section>
+
+ <section id="sect-Reference_Guide-OpenSSO_The_Open_Web_SSO_project-Setup_the_portal_to_redirect_to_OpenSSO">
+ <title>Setup the portal to redirect to OpenSSO</title>
+ <para>
+ The next part of the process is to redirect all user authentication to the OpenSSO server.
+ </para>
+ <para>
+ Information about where the OpenSSO server is hosted must be properly configured within the Enterprise Portal Platform instance. The required configuration is done by modifying three files:
+ <itemizedlist>
+ <listitem>
+ <para>
+ In the <filename>gatein.ear/web.war/groovy/groovy/webui/component/UIBannerPortlet.gtml</filename> file modify the 'Sign In' link as follows:
<programlisting>
<![CDATA[
<!--
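Review bot: The paragraph in "Setup the portal to redirect to OpenSSO" hard-codes "Enterprise Portal Platform instance" where the CAS and JOSSO sections use the &PRODUCT; entity, so this sentence will not follow the product name in other builds. It also says "three files" while the list that follows has four entries. Earlier in this hunk, $GATEIN_HOME/conf/jaas.conf is plain text rather than a <filename> element as in the JOSSO section.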
@@ -894,11 +894,11 @@
<a class="Login" href="/portal/sso"><%=_ctx.appRes("UILoginForm.label.Signin")%></a>
]]>
</programlisting>
- </para>
- </listitem>
- <listitem>
- <para>
- In the <filename>gatein.ear/web.war/groovy/portal/webui/component/UILogoPortlet.gtmpl</filename> file modify the 'Sign In' link as follows:
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ In the <filename>gatein.ear/web.war/groovy/portal/webui/component/UILogoPortlet.gtmpl</filename> file modify the 'Sign In' link as follows:
<programlisting>
<![CDATA[
<!--
@@ -907,12 +907,12 @@
<a href="/portal/sso"><%=_ctx.appRes("UILogoPortlet.action.signin")%></a>
]]>
</programlisting>
- </para>
- </listitem>
- <listitem>
- <para>
- Replace the entire contents of <filename>gatein.ear/02portal.war/login/jsp/login.jsp</filename> with:
- </para>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Replace the entire contents of <filename>gatein.ear/02portal.war/login/jsp/login.jsp</filename> with:
+ </para>
<programlisting><html>
<head>
<script type="text/javascript">
@@ -923,10 +923,10 @@
</body>
</html>
</programlisting>
- </listitem>
- <listitem>
- <para>
- Add the following Filters at the top of the filter chain in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>:
+ </listitem>
+ <listitem>
+ <para>
+ Add the following Filters at the top of the filter chain in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>:
<programlisting>
@@ -941,7 +941,7 @@
realm=gatein&goto=http://localhost:8080/portal/initiatessologin</param-value>
</init-param>
</filter>
- <filter>
+ <filter>
<filter-name>OpenSSOLogoutFilter</filter-name>
<filter-class>org.gatein.sso.agent.filter.OpenSSOLogoutFilter</filter-class>
<init-param>
@@ -969,8 +969,8 @@
<!-- place the filters at the top of the filter chain -->
<filter-mapping>
- <filter-name>LoginRedirectFilter</filter-name>
- <url-pattern>/*</url-pattern>
+ <filter-name>LoginRedirectFilter</filter-name>
+ <url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>OpenSSOLogoutFilter</filter-name>
@@ -991,37 +991,37 @@
</para>
</section>
- </section>
+ </section>
- <section id="Single_Sign_On-SPNEGO">
- <title>SPNEGO</title>
- <para>SPNEGO (Simple and Protected GSSAPI Negotiation Mechanism) is
- used to authenticate transparently through the web browser after the
- user has been authenticated when logging-in his session.</para>
- <para>A typical use case is the following:</para>
- <procedure>
- <step>
- <para>Users logs into his desktop (Such as a Windows machine).</para>
- </step>
- <step>
- <para>The desktop login is governed by Active Directory domain.</para>
- </step>
- <step>
- <para>User then uses his browser (IE/Firefox) to access a web
- application (that uses JBoss Negotiation) hosted on JBoss EPP.</para>
- </step>
- <step>
- <para>The Browser transfers the desktop sign on information to the
- web application.</para>
- </step>
- <step>
- <para>JBoss EAP/AS uses background GSS messages with the Active
- Directory (or any Kerberos Server) to validate the user.</para>
- </step>
- <step>
- <para>The User has seamless SSO into the web application.</para>
- </step>
- </procedure>
+ <section id="Single_Sign_On-SPNEGO">
+ <title>SPNEGO</title>
+ <para>SPNEGO (Simple and Protected GSSAPI Negotiation Mechanism) is
+ used to authenticate transparently through the web browser after the
+ user has been authenticated when logging-in his session.</para>
+ <para>A typical use case is the following:</para>
+ <procedure>
+ <step>
+ <para>Users logs into his desktop (Such as a Windows machine).</para>
+ </step>
+ <step>
+ <para>The desktop login is governed by Active Directory domain.</para>
+ </step>
+ <step>
+ <para>User then uses his browser (IE/Firefox) to access a web
+ application (that uses JBoss Negotiation) hosted on JBoss EPP.</para>
+ </step>
+ <step>
+ <para>The Browser transfers the desktop sign on information to the
+ web application.</para>
+ </step>
+ <step>
+ <para>JBoss EAP/AS uses background GSS messages with the Active
+ Directory (or any Kerberos Server) to validate the user.</para>
+ </step>
+ <step>
+ <para>The User has seamless SSO into the web application.</para>
+ </step>
+ </procedure>
<section id="SPNEGO_server_configuration">
<title>SPNEGO Server Configuration</title>
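Review bot: The SPNEGO use-case steps name "JBoss EPP" and "JBoss EAP/AS" directly, while the rest of the chapter uses &PRODUCT;; pick one so the steps read consistently. The wording also needs a pass while these lines are being re-indented: "Users logs into his desktop" and "logging-in his session".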
@@ -1204,19 +1204,19 @@
</procedure>
</section>
<section id="Single_Sign_On-SPNEGO-GateIn_Configuration">
- <title>&PRODUCT; Configuration</title>
+ <title>&PRODUCT; Configuration</title>
<para>&PRODUCT; uses JBoss Negotiation to enable SPNEGO-based desktop
- SSO for the portal. Here are the steps to integrate SPNEGO with
- &PRODUCT;.
+ SSO for the portal. Here are the steps to integrate SPNEGO with
+ &PRODUCT;.
</para>
- <procedure>
- <step>
- <para>
- Activate the Host authentication under the <emphasis role="bold">conf/login-config.xml </emphasis> file adding the following host login module:
+ <procedure>
+ <step>
+ <para>
+ Activate the Host authentication under the <emphasis role="bold">conf/login-config.xml </emphasis> file adding the following host login module:
</para>
-
- Under conf/login-config.xml, add the following host login module:
- <programlisting><![CDATA[<!-- SPNEGO domain -->
+
+ Under conf/login-config.xml, add the following host login module:
+ <programlisting><![CDATA[<!-- SPNEGO domain -->
<application-policy name="host">
<authentication>
<login-module code="com.sun.security.auth.module.Krb5LoginModule"
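Review bot: In the first step of the &PRODUCT; Configuration procedure, the line "Under conf/login-config.xml, add the following host login module:" sits directly inside <step>, outside any <para>, and repeats the sentence in the paragraph just above it. A step takes block elements rather than bare text, so drop the loose line, or wrap it in <para> if it is meant to stay. The file name in that paragraph also carries a trailing space inside <emphasis role="bold">.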
@@ -1232,16 +1232,16 @@
</application-policy>
]]></programlisting>
- <para>The 'keyTab' value should point to the keytab file that was
- generated by the kadmin kerberos tool. See the <xref linkend="SPNEGO_server_configuration"/> section for more details.
+ <para>The 'keyTab' value should point to the keytab file that was
+ generated by the kadmin kerberos tool. See the <xref linkend="SPNEGO_server_configuration"/> section for more details.
</para>
- </step>
-
+ </step>
+
<step>
- <para>
- Extend the core authentication mechanisms to support SPNEGO under
- <emphasis role="bold">deployers/jbossweb.deployer/META-INF/war-deployers-jboss-beans.xml</emphasis> by
- adding the 'SPNEGO' authenticators property.
+ <para>
+ Extend the core authentication mechanisms to support SPNEGO under
+ <emphasis role="bold">deployers/jbossweb.deployer/META-INF/war-deployers-jboss-beans.xml</emphasis> by
+ adding the 'SPNEGO' authenticators property.
</para>
<programlisting language="xml">
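Review bot: The 'keyTab' paragraph says where the keytab comes from but not how to protect it. The keytab holds the service principal's long-term Kerberos key, so anyone who can read the file can impersonate the service. Suggest adding a sentence that the file should be readable only by the account that runs the application server. The hunk otherwise only re-indents these lines.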
@@ -1278,17 +1278,17 @@
</property>
]]>
</programlisting>
- </step>
- <step>
- <para>Add the GateIn SSO module binaries by copying <emphasis role="bold">$GATEIN_SSO_HOME/spnego/gatein.ear/lib/sso-agent.jar</emphasis>, and <emphasis role="bold">$GATEIN_SSO_HOME/spnego/gatein.ear/lib/sso-spnego.jar</emphasis> to the <emphasis role="bold">deploy/gatein.ear/lib</emphasis> directory.
+ </step>
+ <step>
+ <para>Add the GateIn SSO module binaries by copying <emphasis role="bold">$GATEIN_SSO_HOME/spnego/gatein.ear/lib/sso-agent.jar</emphasis>, and <emphasis role="bold">$GATEIN_SSO_HOME/spnego/gatein.ear/lib/sso-spnego.jar</emphasis> to the <emphasis role="bold">deploy/gatein.ear/lib</emphasis> directory.
</para>
- </step>
- <step>
- <para>
- Modify the <emphasis role="bold">deploy/gatein.ear/META-INF/gatein-jboss-beans.xml</emphasis> file as below, then comment on other parts.
+ </step>
+ <step>
+ <para>
+ Modify the <emphasis role="bold">deploy/gatein.ear/META-INF/gatein-jboss-beans.xml</emphasis> file as below, then comment on other parts.
</para>
- <programlisting language="xml"><![CDATA[
+ <programlisting language="xml"><![CDATA[
<login-module code="org.gatein.sso.spnego.SPNEGOLoginModule" flag="required">
<module-option name="password-stacking">useFirstPass</module-option>
<module-option name="serverSecurityDomain">host</module-option>
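Review bot: In the gatein-jboss-beans.xml step, "then comment on other parts" reads as if the user should annotate the file; the intent appears to be "comment out the other parts". The line is touched by this hunk, so fix the wording here and name which entries of the file have to be disabled, so that the reader does not leave a second login module active next to SPNEGOLoginModule by accident.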
@@ -1299,12 +1299,12 @@
<module-option name="realmName">gatein-domain</module-option>
</login-module>]]>
</programlisting>
- </step>
- <step>
- <para>
- Modify <emphasis role="bold">gatein.ear/02portal.war/WEB-INF/web.xml</emphasis> as below.</para>
+ </step>
+ <step>
+ <para>
+ Modify <emphasis role="bold">gatein.ear/02portal.war/WEB-INF/web.xml</emphasis> as below.</para>
- <programlisting language="xml"><![CDATA[
+ <programlisting language="xml"><![CDATA[
<!--
<login-config>
<auth-method>FORM</auth-method>
@@ -1322,51 +1322,43 @@
</login-config>]]>
</programlisting>
<para>This integrates SPNEGO support into the Portal web archive by switching the authentication mechanism from the default "FORM"-based to "SPNEGO"-based authentication.</para>
- </step>
- <step>
- <para>Integrate the request pre-processing needed for SPNEGO via filters by adding the following filters to the <emphasis role="bold">web.xml </emphasis> at the top of the Filter chain.</para>
+ </step>
+ <step>
+ <para>Integrate the request pre-processing needed for SPNEGO via filters by adding the following filters to the <emphasis role="bold">web.xml </emphasis> at the top of the Filter chain.</para>
<programlisting><![CDATA[
<filter>
<filter-name>LoginRedirectFilter</filter-name>
<filter-class>org.gatein.sso.agent.filter.LoginRedirectFilter</filter-class>
<init-param>
- <!-- This should point to your SSO authentication server -->
+ <!-- This should point to your SSO authentication server -->
<param-name>LOGIN_URL</param-name>
<param-value>/portal/private/classic</param-value>
- </init-param>
+ </init-param>
</filter>
-<filter>
- <filter-name>SPNEGOFilter</filter-name>
- <filter-class>org.gatein.sso.agent.filter.SPNEGOFilter</filter-class>
-</filter>
<filter-mapping>
<filter-name>LoginRedirectFilter</filter-name>
<url-pattern>/*</url-pattern>
-</filter-mapping>
-<filter-mapping>
- <filter-name>SPNEGOFilter</filter-name>
- <url-pattern>/*</url-pattern>
</filter-mapping>]]>
</programlisting>
-
- </step>
- <step>
- <para>
- Start the &PRODUCT; portal using the command below.</para>
- <programlisting>sudo ./run.sh -Djava.security.krb5.realm=LOCAL.NETWORK -Djava.security.krb5.kdc=server.local.network -c PROFILE -b server.local.network</programlisting>
+
+ </step>
+ <step>
+ <para>
+ Start the &PRODUCT; portal using the command below.</para>
+ <programlisting>sudo ./run.sh -Djava.security.krb5.realm=LOCAL.NETWORK -Djava.security.krb5.kdc=server.local.network -c PROFILE -b server.local.network</programlisting>
<para>The PROFILE parameter in the above command should be replaced with the server profile modified in the above configuration. For example, if you are configuring the default profile, your command will be.</para>
<programlisting>sudo ./run.sh -Djava.security.krb5.realm=LOCAL.NETWORK -Djava.security.krb5.kdc=server.local.network -c default -b server.local.network</programlisting>
- </step>
- <step>
- <para>Login to Kerberos with the command.</para>
- <programlisting>kinit -A demo</programlisting>
- <para>You should be able to click the 'Sign In' link on the &PRODUCT; portal
- and the 'demo' user from the &PRODUCT; portal should be automatically
- logged in.</para>
- </step>
- </procedure>
- </section>
+ </step>
+ <step>
+ <para>Login to Kerberos with the command.</para>
+ <programlisting>kinit -A demo</programlisting>
+ <para>You should be able to click the 'Sign In' link on the &PRODUCT; portal
+ and the 'demo' user from the &PRODUCT; portal should be automatically
+ logged in.</para>
+ </step>
+ </procedure>
+ </section>
<section id="Single_Sign_On-CAS_Central_Clients">
<title>Clients</title>
<para>After performing all configurations above, you need to enable the <emphasis role="bold">Negotiate authentication </emphasis> of Firefox in clients so that clients could be authenticated by &PRODUCT; as follows:
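Review bot: The SPNEGOFilter declaration and its /* mapping are removed, but the step's paragraph still says "adding the following filters to the web.xml at the top of the Filter chain" although only LoginRedirectFilter is left. Change the sentence to the singular and tell readers who followed the earlier text to remove SPNEGOFilter from their web.xml. Separately, the comment "This should point to your SSO authentication server" sits above a LOGIN_URL of /portal/private/classic, which is a portal path, so the comment should be corrected. The start commands also run run.sh under sudo without saying why; the guide should state what needs root or give a non-root alternative.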
@@ -1387,6 +1379,6 @@
</step>
</procedure>
</section>
- </section>
+ </section>
</section>
13 years, 3 months
gatein SVN: r7655 - epp/portal/branches/EPP_5_2_Branch/portlet/exoadmin/src/main/java/org/exoplatform/toolbar/webui/component.
by do-not-reply@jboss.org
Author: mwringe
Date: 2011-10-04 14:57:00 -0400 (Tue, 04 Oct 2011)
New Revision: 7655
Modified:
epp/portal/branches/EPP_5_2_Branch/portlet/exoadmin/src/main/java/org/exoplatform/toolbar/webui/component/UIUserToolBarGroupPortlet.java
Log:
JBEPP-1161: add missing EventConfig to UIUserToolBarGroupPortlet. Fixes an NPE when an event is created for it.
Modified: epp/portal/branches/EPP_5_2_Branch/portlet/exoadmin/src/main/java/org/exoplatform/toolbar/webui/component/UIUserToolBarGroupPortlet.java
===================================================================
--- epp/portal/branches/EPP_5_2_Branch/portlet/exoadmin/src/main/java/org/exoplatform/toolbar/webui/component/UIUserToolBarGroupPortlet.java 2011-10-04 18:37:25 UTC (rev 7654)
+++ epp/portal/branches/EPP_5_2_Branch/portlet/exoadmin/src/main/java/org/exoplatform/toolbar/webui/component/UIUserToolBarGroupPortlet.java 2011-10-04 18:57:00 UTC (rev 7655)
@@ -42,8 +42,9 @@
* thanhtungty(a)gmail.com
* May 26, 2009
*/
-@ComponentConfig(lifecycle = UIApplicationLifecycle.class, template = "app:/groovy/admintoolbar/webui/component/UIUserToolBarGroupPortlet.gtmpl"
-)
+@ComponentConfig(lifecycle = UIApplicationLifecycle.class, template = "app:/groovy/admintoolbar/webui/component/UIUserToolBarGroupPortlet.gtmpl",
+ events = {
+ @EventConfig(listeners = UIUserToolBarGroupPortlet.NavigationChangeActionListener.class)})
public class UIUserToolBarGroupPortlet extends BasePartialUpdateToolbar
{
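Review bot: The listener is referenced as UIUserToolBarGroupPortlet.NavigationChangeActionListener while the class extends BasePartialUpdateToolbar. If the listener is declared on the base class, please check whether other subclasses of BasePartialUpdateToolbar lack the same @EventConfig and would hit the same NPE, and consider a regression test that raises the event against this portlet.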
13 years, 3 months
gatein SVN: r7654 - portal/trunk/portlet/exoadmin/src/main/java/org/exoplatform/toolbar/webui/component.
by do-not-reply@jboss.org
Author: mwringe
Date: 2011-10-04 14:37:25 -0400 (Tue, 04 Oct 2011)
New Revision: 7654
Modified:
portal/trunk/portlet/exoadmin/src/main/java/org/exoplatform/toolbar/webui/component/UIUserToolBarGroupPortlet.java
Log:
GTNPORTAL-2149: add missing EventConfig to UIUserToolBarGroupPortlet. Fixes an NPE when an event is created for it.
Modified: portal/trunk/portlet/exoadmin/src/main/java/org/exoplatform/toolbar/webui/component/UIUserToolBarGroupPortlet.java
===================================================================
--- portal/trunk/portlet/exoadmin/src/main/java/org/exoplatform/toolbar/webui/component/UIUserToolBarGroupPortlet.java 2011-10-04 15:26:12 UTC (rev 7653)
+++ portal/trunk/portlet/exoadmin/src/main/java/org/exoplatform/toolbar/webui/component/UIUserToolBarGroupPortlet.java 2011-10-04 18:37:25 UTC (rev 7654)
@@ -42,8 +42,9 @@
* thanhtungty(a)gmail.com
* May 26, 2009
*/
-@ComponentConfig(lifecycle = UIApplicationLifecycle.class, template = "app:/groovy/admintoolbar/webui/component/UIUserToolBarGroupPortlet.gtmpl"
-)
+@ComponentConfig(lifecycle = UIApplicationLifecycle.class, template = "app:/groovy/admintoolbar/webui/component/UIUserToolBarGroupPortlet.gtmpl",
+ events = {
+ @EventConfig(listeners = UIUserToolBarGroupPortlet.NavigationChangeActionListener.class)})
public class UIUserToolBarGroupPortlet extends BasePartialUpdateToolbar
{
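Review bot: The new events attribute uses @EventConfig, but the diff has no hunk in the import section of this file, so confirm the annotation type is already imported there. Formatting nit: the closing ")})" at the end of the listener line is easy to misread; put the closing brace of events and the closing parenthesis of @ComponentConfig on their own line.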
13 years, 3 months