Author: jaredmorgs
Date: 2012-07-04 01:05:18 -0400 (Wed, 04 Jul 2012)
New Revision: 8768
Added:
epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/CoreOrganizationInitializer.xml
Modified:
epp/docs/branches/5.2/Reference_Guide/en-US/Book_Info.xml
epp/docs/branches/5.2/Reference_Guide/en-US/Reference_Guide.xml
epp/docs/branches/5.2/Reference_Guide/en-US/Revision_History.xml
epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity.xml
epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/LDAP.xml
epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml
epp/docs/branches/5.2/Reference_Guide/en-US/modules/PortalDevelopment/LocalizationConfiguration.xml
epp/docs/branches/5.2/Reference_Guide/publican.cfg
Log:
BZ#801424 - Added Organization Initializer section, and reworked from community docs.
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/Book_Info.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/Book_Info.xml 2012-07-04 04:54:12 UTC (rev
8767)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/Book_Info.xml 2012-07-04 05:05:18 UTC (rev
8768)
@@ -5,11 +5,11 @@
]>
<bookinfo id="book-Reference_Guide-Reference_Guide">
<title>Reference Guide</title>
- <subtitle>An in-depth guide to Enterprise Portal Platform 5.2.0</subtitle>
+ <subtitle>An in-depth guide to Enterprise Portal Platform 5.2, and its patch
releases.</subtitle>
<productname>JBoss Enterprise Portal Platform</productname>
<productnumber>5.2</productnumber>
- <edition>5.2.1</edition>
- <pubsnumber>100</pubsnumber>
+ <edition>5.2.2</edition>
+ <pubsnumber>1</pubsnumber>
<abstract>
<para>
This Reference Guide is a high-level usage document. It deals with more
advanced topics than the Installation and User Guides, adding new content or taking
concepts discussed in the earlier documents further. It aims to provide supporting
documentation for advanced users of the JBoss Enterprise Portal Platform product. Its
primary focus is on advanced use of the product and it assumes an intermediate or advanced
knowledge of the technology and terms.
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/Reference_Guide.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/Reference_Guide.xml 2012-07-04 04:54:12
UTC (rev 8767)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/Reference_Guide.xml 2012-07-04 05:05:18
UTC (rev 8768)
@@ -1,16 +1,16 @@
<?xml version='1.0' encoding='UTF-8'?>
+<!-- This document was created with Syntext Serna Free. -->
<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "Reference_Guide.ent">
%BOOK_ENTITIES;
]>
-<book>
+<book status="draft">
<xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="Book_Info.xml"/>
<xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="Preface.xml"/>
<xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="modules/Introduction.xml"/>
<xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="modules/PortalDevelopment.xml"/>
<xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="modules/PortletDevelopment.xml"/>
-<!-- <xi:include href="modules/GadgetDevelopment.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" /> -->
- <xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="modules/AuthenticationAndIdentity.xml"/>
+<!-- <xi:include href="modules/GadgetDevelopment.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" /> -->
<xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="modules/AuthenticationAndIdentity.xml"/>
<xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="modules/WSRP.xml"/>
<xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="modules/Advanced.xml"/>
<xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="modules/eXoJCR.xml"/>
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/Revision_History.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/Revision_History.xml 2012-07-04 04:54:12
UTC (rev 8767)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/Revision_History.xml 2012-07-04 05:05:18
UTC (rev 8768)
@@ -7,8 +7,21 @@
<title>Revision History</title>
<simpara>
<revhistory>
-
<revision>
+ <revnumber>5.2.2-1</revnumber>
+ <date>Tue Jul 3 2012</date>
+ <author>
+ <firstname>Jared</firstname>
+ <surname>Morgan</surname>
+ <email/>
+ </author>
+ <revdescription>
+ <simplelist>
+ <member>BZ#801424 - Added section on Organization Initializer,
including the operations available, and the different methods of interacting with the
initializer.</member>
+ </simplelist>
+ </revdescription>
+ </revision>
+ <revision>
<revnumber>5.2.1-100</revnumber>
<date>Tue Apr 17 2012</date>
<author>
@@ -22,7 +35,6 @@
</simplelist>
</revdescription>
</revision>
-
<revision>
<revnumber>5.2.0-100</revnumber>
<date>Wed Dec 14 2011</date>
@@ -37,7 +49,6 @@
</simplelist>
</revdescription>
</revision>
-
</revhistory>
</simpara>
</appendix>
Added:
epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/CoreOrganizationInitializer.xml
===================================================================
---
epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/CoreOrganizationInitializer.xml
(rev 0)
+++
epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/CoreOrganizationInitializer.xml 2012-07-04
05:05:18 UTC (rev 8768)
@@ -0,0 +1,216 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+
+<!ENTITY % BOOK_ENTITIES SYSTEM "../../Reference_Guide.ent">
+]>
+<section id="sect-CoreOrganizationInitializer">
+ <title><remark>BZ#801424 </remark>Create Users and Groups without
Organization API</title>
+ <para>CoreOrganizationInitializer is a plug-in that creates users and groups
outside the portal user interface, without the Organization API. The plug-in performs the
function of the Organization API with regard to triggering listeners for users and groups
at creation time. The plug-in prevents issues with missing JCR objects, resulting from
incorrectly provisioned users and groups.</para>
+ <para>The plug-in is particularly useful when using the Site Publisher add-on,
and directly adding users or groups to a LDAP server through ldif files, or into a
database using SQL. </para>
+ <section>
+ <title>Enable Initializer</title>
+ <para>The initializer is disabled by default. To activate it, uncomment the
block containing the path to the
<filename>initializer-configuration.xml</filename> file in
<filename><replaceable>EPP_HOME</replaceable>/server/<replaceable>PROFILE</replaceable>/deploy/gatein.ear/02portal.war/conf/configuration.xml</filename>.
+</para>
+ <programlisting language="XML"><!-- Uncomment for enable
initializer (OrganizationListenersInitializerService and related stuff) -->
+
<import>war:/conf/organization/initializer-configuration.xml</import></programlisting>
+ <para>All configuration for the initializer occurs in
<filename><replaceable>EPP_HOME</replaceable>/server/<replaceable>PROFILE</replaceable>/deploy/gatein.ear/02portal.war/conf/organization/initializer-configuration.xml</filename>,
which is the main configuration file
+for this initializer. More details about configuration options, along with alternatives
to XML directive configuration, are described in subsequent sections.</para>
+ </section>
+ <section>
+ <title>Operations</title>
+ <para>There are a number of operations supported by
CoreOrganizationInitializer.</para>
+ <table frame="all" pgwide="1"
id="table-Supported_Operations">
+ <title>Supported Operations</title>
+ <tgroup colsep="1" cols="3">
+ <colspec colname="c1"/>
+ <colspec colname="c2"/>
+ <colspec colname="c3"/>
+ <thead>
+ <row>
+ <entry>Full Operation</entry>
+ <entry>Parameters</entry>
+ <entry>Remarks</entry>
+ </row>
+ </thead>
+ <tbody>
+ <row>
+ <entry>
+ <command>treatUser(username, checkFolders)</command>
+ </entry>
+ <entry>username</entry>
+ <entry>
+ <para>String value containing the user name to query.</para>
+ </entry>
+ </row>
+ <row>
+ <entry/>
+ <entry>checkFolders</entry>
+ <entry>
+ <para>Boolean value (<literal>true | false</literal>)
used by <parameter>treatUser</parameter>,
<parameter>treatGroup</parameter>, and
<parameter>launchAll</parameter> to control when listeners are triggered for
a user or group.</para>
+ <para>Detects whether JCR folders are already present for the
specified user, or group (in the case of <parameter>launchAll</parameter>).
The presence of the folder indicates to the operation that listeners are already triggered
for the user or group.</para>
+ <para>If set to true (recommended), listeners will not be triggered
for the user.</para>
+ <para>If set to false, all listeners are re-triggered for the
specified user or group.</para>
+ </entry>
+ </row>
+ <row>
+ <entry>
+ <command>treatGroup(groupName, checkFolders)</command>
+ </entry>
+ <entry>groupName</entry>
+ <entry>
+ <para>String value containing the group name to query.</para>
+ </entry>
+ </row>
+ <row>
+ <entry>
+ <command>launchAll(checkFolders)</command>
+ </entry>
+ <entry/>
+ <entry>
+ <para>Finds all users and groups and triggers
<parameter>treatUser</parameter> and
<parameter>treatGroup</parameter> as appropriate.</para>
+ <para>Read the following advice for
<parameter>checkFolders</parameter> when using this operation. </para>
+ </entry>
+ </row>
+ <row>
+ <entry/>
+ <entry>checkFolders</entry>
+ <entry>
+ <para>To avoid significant performance impacts, only use
<parameter>checkFolder=true</parameter> for this operation.</para>
+ <para>If this operation is used with
<parameter>checkFolders=false</parameter>, all listeners will be restarted for
all users and groups. This will have a definite impact on performance.</para>
+ </entry>
+ </row>
+ </tbody>
+ </tgroup>
+ </table>
+ </section>
+ <section id="Triggering_Operations">
+ <title>Using configuration directives</title>
+ <para>There are a number of ways of controlling operations associated with
CoreOrganizationInitializer. All parameters are configured in <value-param>
directive blocks in the
<filename><replaceable>EPP_HOME</replaceable>/server/<replaceable>PROFILE</replaceable>/deploy/gatein.ear/02portal.war/conf/organization/initializer-configuration.xml</filename>
file.</para>
+ <example>
+ <title><value-param> block for initializer
directives</title>
+ <programlisting language="XML"><value-param>
+ <name>directiveName</name>
+ <value>[true | false]</value>
+</value-param></programlisting>
+ </example>
+ <procedure>
+ <title>Disable launchAll at Startup</title>
+ <para>For large implementations with many users and groups, consider
disabling <parameter>launchAll</parameter> functionality during start-up for
each portal container. Disabling this operation during start-up will result in a
performance improvement.</para>
+ <step>
+ <para>Open
<filename><replaceable>EPP_HOME</replaceable>/server/<replaceable>PROFILE</replaceable>/deploy/gatein.ear/02portal.war/conf/organization/initializer-configuration.xml</filename></para>
+ </step>
+ <step>
+ <para>Locate the
<parameter>executeAllListenersDuringBoot</parameter>
<value-param> parameter.</para>
+ </step>
+ <step>
+ <para>Set
<parameter><value>false</value></parameter> to
prevent listeners being started for each user and group.</para>
+ </step>
+ </procedure>
+ <procedure>
+ <title>Disable launchAll Job Scheduler</title>
+ <para>A job scheduler is configured to run by default, and executes
<parameter>launchAll</parameter> periodically. For large implementations with
many users and groups, consider disabling the Job scheduler
<parameter>launchAll</parameter> functionality for each portal container.
Disabling this operation may result in a performance improvement.</para>
+ <step>
+ <para>Open
<filename><replaceable>EPP_HOME</replaceable>/server/<replaceable>PROFILE</replaceable>/deploy/gatein.ear/02portal.war/conf/organization/initializer-configuration.xml</filename></para>
+ </step>
+ <step>
+ <para>Search for "scheduler" in the file.</para>
+ </step>
+ <step>
+ <para>Comment out the entire scheduler block to disable the job
permanently.</para>
+ </step>
+ </procedure>
+ <procedure>
+ <title>Alter the way JCR objects are created on-demand, at user login.
</title>
+ <para>When a user logs into the portal, the
<parameter>treatUser</parameter> operation runs on-demand to create the
required JCR objects. This operation (activated by default) improves overall performance
of the portal, because user objects are only created when needed. To disable the operation
(not recommended), follow the guidelines below.</para>
+ <step>
+ <para>Open
<filename><replaceable>EPP_HOME</replaceable>/server/<replaceable>PROFILE</replaceable>/deploy/gatein.ear/02portal.war/conf/organization/initializer-configuration.xml</filename></para>
+ </step>
+ <step>
+ <para>Locate the <parameter>ExtensibleFilter</parameter>
directive block.</para>
+ </step>
+ <step>
+ <para>Within the ExtensibleFilter directive block, locate the
<parameter>triggerListenersForGroups</parameter> <value-param>
parameter.</para>
+ </step>
+ <step>
+ <para>Set
<parameter><value>false</value></parameter> to
prevent the <parameter>treatGroup</parameter> operation from executing for
each group the user is a member of.</para>
+ </step>
+ </procedure>
+ </section>
+ <section>
+ <title>Using JMX Console</title>
+ <para>The JMX Console is available for all CoreOrganizationInitializer
operations.</para>
+ <procedure>
+ <title>Trigger operations through the JMX console . </title>
+ <step>
+ <para>Open
<uri>http://localhost:8080/jmx-console</uri></para>
+ </step>
+ <step>
+ <para>Locate the <parameter>exo</parameter>
domain.</para>
+ </step>
+ <step>
+ <para>Locate the correct MBean, depending on the portal container used.
Substitute the
portal="<replaceable>portal_name</replaceable>" value with
the name of the portal container used in your production environment.</para>
+ <itemizedlist>
+ <listitem>
+ <para>For Enterprise Portal Platform.</para>
+ <para>MBean
<parameter>name=OrganizationInitializerService,portal="portal",
service=OrganizationInitializerService</parameter></para>
+ </listitem>
+ <listitem>
+ <para>For Enterprise Portal Platform, with Site Publisher
add-on.</para>
+ <para>MBean
<parameter>name=OrganizationInitializerService,portal="ecmdemo",
service=OrganizationInitializerService</parameter></para>
+ </listitem>
+ </itemizedlist>
+ </step>
+ <step>
+ <para>Alter the values of the operations as required in the console,
referring to the descriptions in <xref
linkend="table-Supported_Operations"/> for more information.</para>
+ </step>
+ </procedure>
+ </section>
+ <section>
+ <title>Using REST Interface</title>
+ <para>OrganizationInitializerService can be accessed using a REST interface.
Some examples of commands are provided, as a practical way of demonstrating the REST
syntax required. Pay particular attention to how forward slash symbols are escaped in
directory paths featured in some REST syntax examples.</para>
+ <variablelist>
+ <varlistentry>
+
<term>http://localhost:8080/rest/initializer/launchAllListeners/true</term>
+ <listitem>
+ <para> Trigger <parameter>launchAll</parameter> for portal
container "portal", with
<parameter>checkFolders=true</parameter>.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+
<term>http://localhost:8080/rest-ecmdemo/initializer/launchAllListeners/true</term>
+ <listitem>
+ <para> Trigger <parameter>launchAll</parameter> for portal
container "ecmdemo", with
<parameter>checkFolders=true</parameter>.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+
<term>http://localhost:8080/rest-ecmdemo/initializer/launchAllListeners/false</term>
+ <listitem>
+ <para> Trigger <parameter>launchAll</parameter> for portal
container "ecmdemo", with
<parameter>checkFolders=false</parameter>.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>http://localhost:8080/rest/initializer/launchUserListeners/jduke/true
</term>
+ <listitem>
+ <para>Trigger <parameter>treatUser</parameter> for portal
container "portal", for user "jduke"with
<parameter>checkFolders=true</parameter>.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+
<term>http://localhost:8080/rest-ecmdemo/initializer/launchUserListeners/jduke/true</term>
+ <listitem>
+ <para> Trigger <parameter>treatUser</parameter> for portal
container "portal", for user "jduke"with
<parameter>checkFolders=false</parameter>.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+
<term>http://localhost:8080/rest/initializer/launchGroupListeners/@platform@users/true</term>
+ <listitem>
+ <para> Trigger
"<parameter>treatGroup</parameter>" for group
"/platform/users" in the portal container
"portal".</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+
<term>http://localhost:8080/rest-ecmdemo/initializer/launchGroupListeners/@acme@roles@employees/true</term>
+ <listitem>
+ <para> Trigger
"<parameter>treatGroup</parameter>" for group
"/acme/roles/employee" in the portal container
"ecmdemo".</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </section>
+</section>
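Review bot: The "Using JMX Console" and "Using REST Interface" sections list URLs that trigger `launchAll`, `treatUser` and `treatGroup` without saying what authentication or role a caller needs, even though the Operations table warns that `launchAll` with `checkFolders=false` restarts all listeners with "a definite impact on performance". I would add an `<important>` block to both sections, for example `<para>Restrict access to the JMX console and the /rest/initializer endpoints to administrators; these operations re-run listeners for users and groups.</para>`, after confirming how the product protects them, which this diff does not show. Separately, two REST examples contradict their own terms: the entry for `rest-ecmdemo/initializer/launchUserListeners/jduke/true` describes container "portal" with `checkFolders=false`, and the `@acme@roles@employees` entry names the group "/acme/roles/employee". In the Operations table, `checkFolder=true` should read `checkFolders=true`, and "If set to true (recommended), listeners will not be triggered for the user" needs the condition that the JCR folders already exist. The last procedure under "Using configuration directives" is titled and introduced as disabling `treatUser` at login, yet its steps set `triggerListenersForGroups`, so it should state which of the two it actually disables.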
Modified:
epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/LDAP.xml
===================================================================
---
epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/LDAP.xml 2012-07-04
04:54:12 UTC (rev 8767)
+++
epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/LDAP.xml 2012-07-04
05:05:18 UTC (rev 8768)
@@ -1,333 +1,257 @@
-<?xml version='1.0' encoding='utf-8' ?>
+<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
-%BOOK_ENTITIES;
+
<!ENTITY % BOOK_ENTITIES SYSTEM "../../Reference_Guide.ent">
]>
-
<section id="sect-Reference_Guide_eXo_JCR_1.14-LDAP_Integration">
<title>LDAP Integration</title>
- <note>
- <title>Notational Device</title>
- <para>
- For ease of readability the following section uses the notational device
<replaceable>ID_HOME</replaceable> to represent the file path
<filename><replaceable>JBOSS_HOME</replaceable>/server/<replaceable><PROFILE></replaceable>/deploy/gatein.ear/02portal.war/WEB-INF/conf/organization/</filename>,
as this directory is the root of all JBoss Enterprise Portal Platform's
identity-related configuration.
+ <note>
+ <title>Notational Device</title>
+ <para>
+ For ease of readability the following section uses the notational device
<replaceable>ID_HOME</replaceable> to represent the file path
<filename><replaceable>JBOSS_HOME</replaceable>/server/<replaceable><PROFILE></replaceable>/deploy/gatein.ear/02portal.war/WEB-INF/conf/organization/</filename>,
as this directory is the root of all JBoss Enterprise Portal Platform's
identity-related configuration.
</para>
- </note>
- <para>
+ </note>
+ <para>
<emphasis role="bold">LDAP</emphasis> (Lightweight
Directory Access Protocol) is a set of open protocols used to access centrally stored
information over a network. It is based on the X.500 standard for directory sharing, but
is less complex and resource-intensive.
</para>
- <para>
+ <para>
Using a client/server architecture, LDAP provides a reliable means to create a
central information directory accessible from the network. When a client attempts to
modify information within this directory, the server verifies the user has permission to
make the change, and then adds or updates the entry as requested. To ensure the
communication is secure, the Secure Sockets Layer (<emphasis>SSL</emphasis>)
or Transport Layer Security (<emphasis>TLS</emphasis>) cryptographic protocols
can be used to prevent an attacker from intercepting the transmission.
</para>
<!-- Source Metadata
URL:
http://documentation-stage.bne.redhat.com/docs/en-US/Red_Hat_Enterprise_L...
Author [email]: Red Hat ECS Platform Team
License: Copyright © 2010, 2011 Red Hat, Inc.
--->
- <para>
+--> <para>
LDAP provides the protocols required to manage the data stored in a Directory
Server. A Directory Server contains information about resources available (user accounts
and printers for example) and their location on the network.
</para>
- <para>
+ <para>
The following table is a list of Directory Servers that are supported and
certified in JBoss Enterprise Portal Platform.
</para>
-
- <table>
- <title>Supported and Certified directory servers</title>
- <tgroup cols="2">
- <colspec colnum="1" colname="LDAP"
colwidth="1*"></colspec>
- <thead>
- <row>
+ <table>
+ <title>Supported and Certified directory servers</title>
+ <tgroup cols="2">
+ <colspec colnum="1" colname="LDAP"
colwidth="1*"/>
+ <thead>
+ <row>
+ <entry>
+ <emphasis>Directory Server</emphasis>
+ </entry>
+ <entry>
+ <emphasis>Version</emphasis>
+ </entry>
+ </row>
+ </thead>
+ <tbody>
+ <row>
+ <entry> OpenDS </entry>
+ <entry> 1.2 </entry>
+ </row>
+ <row>
+ <entry> OpenDS </entry>
+ <entry> 2.0 </entry>
+ </row>
+ <row>
+ <entry> OpenLDAP </entry>
+ <entry> 2.4 </entry>
+ </row>
+ <row>
+ <entry> Red Hat Directory Server (RHDS) </entry>
+ <entry> 7.1 </entry>
+ </row>
+ <row>
+ <entry> Microsoft Active Directory (MSAD) </entry>
+ <entry> Windows Server 2008 </entry>
+ </row>
+ </tbody>
+ </tgroup>
+ </table>
+<!-- Source Metadata
+URL:
http://www.jboss.com/products/platforms/portals/testedconfigurations/
+Author [w/email]: Red Hat Inc
+License:
+--> <note>
+ <title>Examples</title>
+ <para>
+ JBoss Enterprise Portal Platform includes several example LDAP
configuration <filename>.xml</filename> files and
<filename>.ldif</filename> (LDAP Data Interchange Format) data files.
+ </para>
+ <para>
+ These examples are in the
<filename><replaceable>ID_HOME</replaceable>/picketlink-idm/examples</filename>
directory and can be deployed in a testing environment to assist in configuring LDAP.
+ </para>
+ </note>
+ <procedure id="proc-Reference_Guide-LDAP_Integration-LDAP_Set_Up">
+ <title>LDAP Set Up</title>
+ <step>
+ <substeps>
+ <step>
+ <para>
+ Install your <application>LDAP</application>
server by following the installation instructions provided for the product you are using.
+ </para>
+ <para>
+ If you are installing the <application>Red Hat
Directory Server</application> (RHDS), you should refer to the Installation Guide at
<ulink
url="http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/inde...
type="http"/>.
+ </para>
+ <para>
+ If you are using a third party directory server
(<application>OpenDS</application>,
<application>OpenLDAP</application> or <application>Miscrosoft Active
Directory</application> (MSAD)), refer the appropriate documentation for that
product.
+ </para>
+ <para>
+ The following values provide an example of working
configuration settings for the different Directory Servers:
+ </para>
+ <table>
+ <title/>
+ <tgroup cols="8">
+ <colspec colname="1"/>
+ <colspec colname="2"/>
+ <colspec colname="3"/>
+ <colspec colname="4"/>
+ <colspec colname="5"/>
+ <colspec colname="6"/>
+ <colspec colname="7"/>
+ <colspec colname="8"/>
+ <spanspec namest="2" nameend="8"
spanname="vspan"/>
+ <thead>
+ <row>
+ <entry> Directory Server </entry>
+ <entry spanname="vspan"> Value </entry>
+ </row>
+ </thead>
+ <tbody>
+ <row>
+ <entry/>
<entry>
- <emphasis>Directory Server</emphasis>
+ <emphasis role="bold">root user Distinguished Name
(DN)</emphasis>
</entry>
<entry>
- <emphasis>Version</emphasis>
+ <emphasis role="bold">Password</emphasis>
</entry>
- </row>
- </thead>
- <tbody>
- <row>
<entry>
- OpenDS
+ <emphasis role="bold">Port</emphasis>
</entry>
<entry>
- 1.2
+ <emphasis role="bold">Admin Port</emphasis>
</entry>
- </row>
- <row>
<entry>
- OpenDS
+ <emphasis role="bold">Base DN</emphasis>
</entry>
<entry>
- 2.0
+ <emphasis role="bold">Database
Population</emphasis>
</entry>
- </row>
- <row>
<entry>
- OpenLDAP
+ <emphasis role="bold">SSO/TLS</emphasis>
</entry>
+ </row>
+ <row>
<entry>
- 2.4
+ <emphasis role="bold">RHDS and
OpenDS</emphasis>
</entry>
- </row>
- <row>
+ <entry> cn=Directory Manager </entry>
+ <entry> password </entry>
+ <entry> 1389 </entry>
+ <entry> 4444 </entry>
+ <entry> dc=example,dc=com </entry>
+ <entry> "Only create the base entry"
</entry>
+ <entry> no SSO, no TLS </entry>
+ </row>
+ <row>
<entry>
- Red Hat Directory Server (RHDS)
+ <emphasis role="bold">MSAD</emphasis>
</entry>
+ <entry> CN=Users </entry>
+ <entry/>
+ <entry/>
+ <entry/>
+ <entry/>
+ <entry/>
+ <entry/>
+ </row>
+ <row>
<entry>
- 7.1
+ <emphasis role="bold">OpenLDAP</emphasis>
</entry>
- </row>
- <row>
- <entry>
- Microsoft Active Directory (MSAD)
- </entry>
- <entry>
- Windows Server 2008
- </entry>
- </row>
- </tbody>
- </tgroup>
- </table>
-<!-- Source Metadata
-URL:
http://www.jboss.com/products/platforms/portals/testedconfigurations/
-Author [w/email]: Red Hat Inc
-License:
--->
- <note>
- <title>Examples</title>
- <para>
- JBoss Enterprise Portal Platform includes several example LDAP
configuration <filename>.xml</filename> files and
<filename>.ldif</filename> (LDAP Data Interchange Format) data files.
- </para>
- <para>
- These examples are in the
<filename><replaceable>ID_HOME</replaceable>/picketlink-idm/examples</filename>
directory and can be deployed in a testing environment to assist in configuring LDAP.
- </para>
- </note>
- <procedure id="proc-Reference_Guide-LDAP_Integration-LDAP_Set_Up">
- <title>LDAP Set Up</title>
- <step>
- <substeps>
- <step>
- <para>
- Install your <application>LDAP</application>
server by following the installation instructions provided for the product you are using.
- </para>
- <para>
- If you are installing the <application>Red Hat
Directory Server</application> (RHDS), you should refer to the Installation Guide at
<ulink type="http"
url="http://docs.redhat.com/docs/en-US/Red_Hat_Directory_Server/inde...;.
- </para>
- <para>
- If you are using a third party directory server
(<application>OpenDS</application>,
<application>OpenLDAP</application> or <application>Miscrosoft Active
Directory</application> (MSAD)), refer the appropriate documentation for that
product.
- </para>
- <para>
- The following values provide an example of working
configuration settings for the different Directory Servers:
- </para>
- <table>
- <title></title>
- <tgroup cols="8">
- <colspec
colname="1"></colspec>
- <colspec
colname="2"></colspec>
- <colspec
colname="3"></colspec>
- <colspec
colname="4"></colspec>
- <colspec
colname="5"></colspec>
- <colspec
colname="6"></colspec>
- <colspec
colname="7"></colspec>
- <colspec
colname="8"></colspec>
- <spanspec spanname="vspan"
namest="2" nameend="8"></spanspec>
- <thead>
- <row>
- <entry>
- Directory Server
- </entry>
- <entry spanname="vspan">
- Value
- </entry>
- </row>
- </thead>
- <tbody>
- <row>
- <entry>
-
- </entry>
- <entry>
- <emphasis role="bold">root
user Distinguished Name (DN)</emphasis>
- </entry>
- <entry>
- <emphasis
role="bold">Password</emphasis>
- </entry>
- <entry>
- <emphasis
role="bold">Port</emphasis>
- </entry>
- <entry>
- <emphasis role="bold">Admin
Port</emphasis>
- </entry>
- <entry>
- <emphasis role="bold">Base
DN</emphasis>
- </entry>
- <entry>
- <emphasis
role="bold">Database Population</emphasis>
- </entry>
- <entry>
- <emphasis
role="bold">SSO/TLS</emphasis>
- </entry>
- </row>
- <row>
- <entry>
- <emphasis role="bold">RHDS
and OpenDS</emphasis>
- </entry>
- <entry>
- cn=Directory Manager
- </entry>
- <entry>
- password
- </entry>
- <entry>
- 1389
- </entry>
- <entry>
- 4444
- </entry>
- <entry>
- dc=example,dc=com
- </entry>
- <entry>
- "Only create the base entry"
- </entry>
- <entry>
- no SSO, no TLS
- </entry>
- </row>
- <row>
- <entry>
- <emphasis
role="bold">MSAD</emphasis>
- </entry>
- <entry>
- CN=Users
- </entry>
- <entry>
-
- </entry>
- <entry>
-
- </entry>
- <entry>
-
- </entry>
- <entry>
-
- </entry>
- <entry>
-
- </entry>
- <entry>
-
- </entry>
- </row>
- <row>
- <entry>
- <emphasis
role="bold">OpenLDAP</emphasis>
- </entry>
- <entry>
- cn=Manager,dc=example,dc=com
- </entry>
- <entry>
- secret
- </entry>
- <entry>
- 1389
- </entry>
- <entry>
-
- </entry>
- <entry>
- dc=example,dc=com
- </entry>
- <entry>
-
- </entry>
- <entry>
-
- </entry>
- </row>
- </tbody>
- </tgroup>
- </table>
- <para>
+ <entry> cn=Manager,dc=example,dc=com </entry>
+ <entry> secret </entry>
+ <entry> 1389 </entry>
+ <entry/>
+ <entry> dc=example,dc=com </entry>
+ <entry/>
+ <entry/>
+ </row>
+ </tbody>
+ </tgroup>
+ </table>
+ <para>
These, and other appropriate settings, should be adjusted
to suit your circumstances.
</para>
- </step>
- <step>
- <para>
+ </step>
+ <step>
+ <para>
<emphasis
role="bold">Optional</emphasis>: Import an
<filename>ldif</filename> file and populate the Directory Server.
</para>
- </step>
- <step>
- <para>
+ </step>
+ <step>
+ <para>
Start the Directory Server.
</para>
- </step>
- </substeps>
- </step>
- </procedure>
-
- <section
id="sect-Reference_Guide_eXo_JCR_1.14-LDAP_Integration-LDAP_in_Read-only_Mode">
- <title>LDAP in Read-only Mode</title>
- <para>
+ </step>
+ </substeps>
+ </step>
+ </procedure>
+ <section
id="sect-Reference_Guide_eXo_JCR_1.14-LDAP_Integration-LDAP_in_Read-only_Mode">
+ <title>LDAP in Read-only Mode</title>
+ <para>
This section will show you how to add LDAP in read-only mode. This means
that user data entries (both pre-existing, and newly added through the JBoss Enterprise
Portal Platform User Interface) will be consumed though the Directory Server and LDAP
services, but written to the underlying database. The only exception is that passwords
updated via the UI will also be propagated into the appropriate LDAP entry.
</para>
-
- <procedure
id="proc-Reference_Guide-LDAP_Integration-LDAP_in_Read-only_mode-Set_up_LDAP_read-only_Mode">
- <title>Set up LDAP read-only Mode</title>
- <step>
- <para>
+ <procedure
id="proc-Reference_Guide-LDAP_Integration-LDAP_in_Read-only_mode-Set_up_LDAP_read-only_Mode">
+ <title>Set up LDAP read-only Mode</title>
+ <step>
+ <para>
Open the
<filename><replaceable>ID_HOME</replaceable>/idm-configuration.xml</filename>
file.
</para>
- <para>
+ <para>
JBoss Enterprise Portal Platform uses the PicketLink IDM
framework as the underlying identity storage system, hence all the configurations use
dedicated Picketlink settings.
</para>
- </step>
- <step>
- <para>
+ </step>
+ <step>
+ <para>
Comment out the default Picketlink
<literal>config</literal> value:
</para>
-<programlisting language="XML"
role="XML"><![CDATA[<value>war:/conf/organization/picketlink-idm/picketlink-idm-config.xml</value>
+ <programlisting language="XML"
role="XML"><![CDATA[<value>war:/conf/organization/picketlink-idm/picketlink-idm-config.xml</value>
]]></programlisting>
- </step>
- <step>
- <para>
+ </step>
+ <step>
+ <para>
Uncomment the appropriate sample configuration values as
described below, depending on which Directory Server you are implementing:
</para>
- <itemizedlist>
- <listitem>
- <para>
+ <itemizedlist>
+ <listitem>
+ <para>
<xref
linkend="proc-Reference_Guide-LDAP_Integration-LDAP_in_Read-only_Mode-Set_up_LDAP_read-only_Mode-RHDS_or_OpenDS"/>
</para>
- </listitem>
- <listitem>
- <para>
+ </listitem>
+ <listitem>
+ <para>
<xref
linkend="proc-Reference_Guide-LDAP_Integration-LDAP_in_Read-only_Mode-Set_up_LDAP_read-only_Mode-MSAD"/>
</para>
- </listitem>
- <listitem>
- <para>
+ </listitem>
+ <listitem>
+ <para>
<xref
linkend="proc-Reference_Guide-LDAP_Integration-LDAP_in_Read-only_Mode-Set_up_LDAP_read-only_Mode-OpenLDAP"/>
</para>
- </listitem>
- </itemizedlist>
-
- <procedure
id="proc-Reference_Guide-LDAP_Integration-LDAP_in_Read-only_Mode-Set_up_LDAP_read-only_Mode-RHDS_or_OpenDS">
- <title>Red Hat Directory Server or OpenDS</title>
- <step>
- <para>
- Uncomment the line under "<emphasis>Read Only
"ACME" LDAP Example</emphasis>":
+ </listitem>
+ </itemizedlist>
+ <procedure
id="proc-Reference_Guide-LDAP_Integration-LDAP_in_Read-only_Mode-Set_up_LDAP_read-only_Mode-RHDS_or_OpenDS">
+ <title>Red Hat Directory Server or OpenDS</title>
+ <step>
+ <para>
+ Uncomment the line under "<emphasis>Read
Only "ACME" LDAP Example</emphasis>":
</para>
-<programlisting language="XML"
role="XML"><![CDATA[<!--Read Only "ACME" LDAP Example-->
+ <programlisting language="XML"
role="XML"><![CDATA[<!--Read Only "ACME" LDAP Example-->
<value>war:/conf/organization/picketlink-idm/examples/picketlink-idm-LDAP-acme-config.xml</value>
]]></programlisting>
-
- </step>
- <step>
- <para>
- Uncomment the
<parameter>groupTypeMappings</parameter> under "<emphasis>Uncomment
for ACME LDAP example</emphasis>":
+ </step>
+ <step>
+ <para>
+ Uncomment the
<parameter>groupTypeMappings</parameter> under
"<emphasis>Uncomment for ACME LDAP example</emphasis>":
</para>
-<programlisting language="XML" role="XML"><![CDATA[<!--
Uncomment for ACME LDAP example -->
+ <programlisting language="XML"
role="XML"><![CDATA[<!-- Uncomment for ACME LDAP example -->
<entry>
<key><string>/acme/roles/*</string></key>
<value><string>acme_roles_type</string></value>
@@ -337,68 +261,66 @@
<value><string>acme_ou_type</string></value>
</entry>
]]></programlisting>
- <para>
+ <para>
Refer to <xref
linkend="exam-Reference_Guide-LDAP_Integration-Examples-Read_Only_groupTypeMappings"/>
for more information about how these <parameter>groupTypeMappings</parameter>
operate.
</para>
- </step>
- <step>
- <para>
+ </step>
+ <step>
+ <para>
Continue to <xref
linkend="step-Reference_Guide-LDAP_Integration-LDAP_in_Read-only_Mode-Set_up_LDAP_read-only_Mode-Step-4"/>.
</para>
- </step>
- </procedure>
-
- <procedure
id="proc-Reference_Guide-LDAP_Integration-LDAP_in_Read-only_Mode-Set_up_LDAP_read-only_Mode-MSAD">
- <title>Microsoft Active Directory</title>
- <step>
- <para>
- Uncomment the line under "<emphasis>MSAD Read
Only "ACME" LDAP Example</emphasis>":
+ </step>
+ </procedure>
+ <procedure
id="proc-Reference_Guide-LDAP_Integration-LDAP_in_Read-only_Mode-Set_up_LDAP_read-only_Mode-MSAD">
+ <title>Microsoft Active Directory</title>
+ <step>
+ <para>
+ Uncomment the line under "<emphasis>MSAD
Read Only "ACME" LDAP Example</emphasis>":
</para>
-<programlisting language="XML"
role="XML"><![CDATA[<!--MSAD Read Only "ACME" LDAP
Example-->
+ <programlisting language="XML"
role="XML"><![CDATA[<!--MSAD Read Only "ACME" LDAP
Example-->
<value>war:/conf/organization/picketlink-idm/examples/picketlink-idm-msad-readonly-config.xml</value>
]]></programlisting>
- </step>
- <step>
- <para>
- Uncomment the
<parameter>groupTypeMappings</parameter> under "<emphasis>Uncomment
for MSAD ReadOnly LDAP example</emphasis>":
+ </step>
+ <step>
+ <para>
+ Uncomment the
<parameter>groupTypeMappings</parameter> under
"<emphasis>Uncomment for MSAD ReadOnly LDAP
example</emphasis>":
</para>
-<programlisting language="XML" role="XML"><![CDATA[<!--
Uncomment for MSAD ReadOnly LDAP example -->
+ <programlisting language="XML"
role="XML"><![CDATA[<!-- Uncomment for MSAD ReadOnly LDAP example
-->
<entry>
<key><string>/acme/roles/*</string></key>
<value><string>msad_roles_type</string></value>
</entry>
]]></programlisting>
- <para>
+ <para>
Refer to <xref
linkend="exam-Reference_Guide-LDAP_Integration-Examples-Read_Only_groupTypeMappings"/>
for more information about how these <parameter>groupTypeMappings</parameter>
operate.
</para>
- </step>
- <step>
- <para>
+ </step>
+ <step>
+ <para>
Continue to <xref
linkend="step-Reference_Guide-LDAP_Integration-LDAP_in_Read-only_Mode-Set_up_LDAP_read-only_Mode-Step-4"/>.
</para>
- </step>
- </procedure>
-
- <procedure
id="proc-Reference_Guide-LDAP_Integration-LDAP_in_Read-only_Mode-Set_up_LDAP_read-only_Mode-OpenLDAP">
- <title>OpenLDAP</title>
- <step>
- <para>
+ </step>
+ </procedure>
+ <procedure
id="proc-Reference_Guide-LDAP_Integration-LDAP_in_Read-only_Mode-Set_up_LDAP_read-only_Mode-OpenLDAP">
+ <title>OpenLDAP</title>
+ <step>
+ <para>
If you have not done so already, install your LDAP
server. Refer to <xref
linkend="proc-Reference_Guide-LDAP_Integration-LDAP_Set_Up"/> for some
assistance.
</para>
- </step>
- <step>
- <para>
- Uncomment the line under "<emphasis>OpenLDAP
ReadOnly "ACME" LDAP Example</emphasis>":
+ </step>
+ <step>
+ <para>
+ Uncomment the line under
"<emphasis>OpenLDAP ReadOnly "ACME" LDAP
Example</emphasis>":
</para>
-<programlisting language="XML"
role="XML"><![CDATA[<!--OpenLDAP ReadOnly "ACME" LDAP
Example-->
+ <programlisting language="XML"
role="XML"><![CDATA[<!--OpenLDAP ReadOnly "ACME" LDAP
Example-->
<value>war:/conf/organization/picketlink-idm/examples/picketlink-idm-openLDAP-acme-config.xml</value>
]]></programlisting>
- </step>
- <step>
- <para>
- Uncomment the
<parameter>groupTypeMappings</parameter> under "<emphasis>Uncomment
for ACME LDAP example</emphasis>":
+ </step>
+ <step>
+ <para>
+ Uncomment the
<parameter>groupTypeMappings</parameter> under
"<emphasis>Uncomment for ACME LDAP example</emphasis>":
</para>
-<programlisting language="XML" role="XML"><![CDATA[<!--
Uncomment for ACME LDAP example -->
+ <programlisting language="XML"
role="XML"><![CDATA[<!-- Uncomment for ACME LDAP example -->
<entry>
<key><string>/acme/roles/*</string></key>
<value><string>acme_roles_type</string></value>
@@ -408,192 +330,193 @@
<value><string>acme_ou_type</string></value>
</entry>
]]></programlisting>
- <para>
+ <para>
Refer to <xref
linkend="exam-Reference_Guide-LDAP_Integration-Examples-Read_Only_groupTypeMappings"/>
for more information about how these <parameter>groupTypeMappings</parameter>
operate.
</para>
- </step>
- <step>
- <para>
+ </step>
+ <step>
+ <para>
Continue to <xref
linkend="step-Reference_Guide-LDAP_Integration-LDAP_in_Read-only_Mode-Set_up_LDAP_read-only_Mode-Step-4"/>.
</para>
- </step>
- </procedure>
- </step>
-
- <step
id="step-Reference_Guide-LDAP_Integration-LDAP_in_Read-only_Mode-Set_up_LDAP_read-only_Mode-Step-4">
- <para>
+ </step>
+ </procedure>
+ </step>
+ <step
id="step-Reference_Guide-LDAP_Integration-LDAP_in_Read-only_Mode-Set_up_LDAP_read-only_Mode-Step-4">
+ <para>
To use a different LDAP server or directory data, edit the
DS-specific <filename>.xml</filename> file you uncommented in <emphasis
role="bold">Substep 3a</emphasis> above and change the values to suit
your requirements.
</para>
- <para>
+ <para>
Refer to the list in <xref
linkend="exam-Reference_Guide-LDAP_Integration-Examples-LDAP_configuration_options"/>
for some examples or refer to the product-specific documentation for more information.
</para>
- </step>
- <step>
- <para>
+ </step>
+ <step>
+ <para>
Start the server.
</para>
- </step>
- <step>
- <para>
- Navigate to the portal homepage (<ulink type="http"
url="http://localhost:8080/portal"></ulink>) and log in as an
administrator.
+ </step>
+ <step>
+ <para>
+ Navigate to the portal homepage (<ulink
url="http://localhost:8080/portal" type="http"/>) and log in as an
administrator.
</para>
- </step>
- <step>
- <para>
+ </step>
+ <step>
+ <para>
Navigate to <menuchoice>
- <guimenu>Group</guimenu>
- <guimenuitem>Organization</guimenuitem>
- <guimenuitem>Users and groups
management</guimenuitem>
- </menuchoice>.
+ <guimenu>Group</guimenu>
+ <guimenuitem>Organization</guimenuitem>
+ <guimenuitem>Users and groups management</guimenuitem>
+ </menuchoice>.
</para>
- <substeps>
- <step>
- <para>
+ <substeps>
+ <step>
+ <para>
Create a new group called
<emphasis>acme</emphasis> under the root node.
</para>
- </step>
- <step>
- <itemizedlist>
- <listitem>
- <para>
+ </step>
+ <step>
+ <itemizedlist>
+ <listitem>
+ <para>
<emphasis role="bold">For RHDS,
OpenDS and OpenLDAP</emphasis>:
</para>
- <para>
+ <para>
Create two sub-groups called
<emphasis>roles</emphasis> and
<emphasis>organization_units</emphasis>.
</para>
- </listitem>
- <listitem>
- <para>
+ </listitem>
+ <listitem>
+ <para>
<emphasis role="bold">For
MSAD:</emphasis>
</para>
- <para>
+ <para>
Create a subgroup called
<emphasis>roles</emphasis>.
</para>
- </listitem>
- </itemizedlist>
- </step>
- </substeps>
- </step>
- </procedure>
-
- <para>
- Users defined in LDAP should be visible in "<emphasis>Users and
groups management</emphasis>" and groups from LDAP should be present as
children of <emphasis>/acme/roles</emphasis> and
<emphasis>/acme/organization_units</emphasis>.
+ </listitem>
+ </itemizedlist>
+ </step>
+ </substeps>
+ </step>
+ </procedure>
+ <para>
+ Users defined in LDAP should be visible in "<emphasis>Users
and groups management</emphasis>" and groups from LDAP should be present as
children of <emphasis>/acme/roles</emphasis> and
<emphasis>/acme/organization_units</emphasis>.
</para>
- <para>
- More information about configuration can be found in <xref
linkend="sect-Reference_Guide-PicketLink_IDM_integration"/> and in the
PicketLink project <ulink type="http"
url="http://anonsvn.jboss.org/repos/picketlink/idm/downloads/docs/1....
Guide</ulink>.
+ <para>
+ More information about configuration can be found in <xref
linkend="sect-Reference_Guide-PicketLink_IDM_integration"/> and in the
PicketLink project <ulink
url="http://anonsvn.jboss.org/repos/picketlink/idm/downloads/docs/1....
type="http">Reference Guide</ulink>.
</para>
- </section>
-
- <section
id="sect-Reference_Guide_eXo_JCR_1.14-LDAP_Integration-LDAP_as_Default_Store">
- <title>LDAP as Default Store</title>
- <para>
+ </section>
+ <section
id="sect-Reference_Guide_eXo_JCR_1.14-LDAP_Integration-LDAP_as_Default_Store">
+ <title>LDAP as Default Store</title>
+ <para>
Follow the procedure below to set LDAP up as the default identity store
for JBoss Enterprise Portal Platform. All default accounts and some of groups that comes
with JBoss Enterprise Portal Platform will be created in the LDAP store.
</para>
- <para>
+ <para>
The LDAP server will be configured to store part of the JBoss
Enterprise Portal Platform group tree. This means that groups under specified part of the
tree will be stored in directory server while all others will be stored in database.
</para>
- <procedure
id="proc-Reference_Guide-LDAP_Integration-LDAP_as_Default_Store-Set_up_LDAP_as_Default_Indentity_Store">
- <title>Set up LDAP as Default Indentity Store</title>
- <step>
- <para>
+ <procedure
id="proc-Reference_Guide-LDAP_Integration-LDAP_as_Default_Store-Set_up_LDAP_as_Default_Indentity_Store">
+ <title>Set up LDAP as Default Indentity Store</title>
+ <step>
+ <para>
If you have not done so already, install your LDAP server. Refer
to <xref linkend="proc-Reference_Guide-LDAP_Integration-LDAP_Set_Up"/> for
some assistance.
</para>
- </step>
- <step>
- <para>
+ </step>
+ <step>
+ <para>
Open the
<filename><replaceable>ID_HOME</replaceable>/idm-configuration.xml</filename>
file.
</para>
- <para>
+ <para>
JBoss Enterprise Portal Platform uses the PicketLink IDM
framework as the underlying identity storage system, hence all the configurations use
dedicated Picketlink settings.
</para>
- </step>
- <step>
- <para>
+ </step>
+ <step>
+ <para>
Comment out the default Picketlink
<literal>config</literal> value:
<parameter>war:/conf/organization/picketlink-idm/picketlink-idm-config.xml</parameter>
</para>
- </step>
- <step>
- <para>
+ </step>
+ <step>
+ <para>
Uncomment the appropriate LDAP configuration entry depending on
your LDAP server:
</para>
- <procedure>
- <title>For RHDS and OpenDS</title>
- <step>
- <para>
- Expose the entry under "<emphasis>Sample LDAP
config</emphasis>":
+ <procedure>
+ <title>For RHDS and OpenDS</title>
+ <step>
+ <para>
+ Expose the entry under "<emphasis>Sample
LDAP config</emphasis>":
</para>
-<programlisting language="XML"
role="XML"><![CDATA[<!--Sample LDAP config-->
+ <programlisting language="XML"
role="XML"><![CDATA[<!--Sample LDAP config-->
<value>war:/conf/organization/picketlink-idm/examples/picketlink-idm-LDAP-config.xml</value>
]]></programlisting>
- </step>
- <step>
- <para>
+ </step>
+ <step>
+ <para>
Continue to <xref
linkend="step-Reference_Guide-LDAP_Integration-LDAP_as_Default_Store-Set_up_LDAP_as_Default_Indentity_Store-Step-5"/>
</para>
- </step>
- </procedure>
- <procedure>
- <title>For MSAD</title>
- <step>
- <para>
- Expose the entry under "<emphasis>MSAD LDAP
Example</emphasis>":
+ </step>
+ </procedure>
+ <procedure>
+ <title>For MSAD</title>
+ <step>
+ <para>
+ Expose the entry under "<emphasis>MSAD LDAP
Example</emphasis>":
</para>
-<programlisting language="XML"
role="XML"><![CDATA[<!--MSAD LDAP Example-->
+ <programlisting language="XML"
role="XML"><![CDATA[<!--MSAD LDAP Example-->
<value>war:/conf/organization/picketlink-idm/examples/picketlink-idm-msad-config.xml</value>
]]></programlisting>
- <procedure>
- <title>To use SSL encryption with
MSAD:</title>
- <step>
- <para>
+ <procedure>
+ <title>To use SSL encryption with MSAD:</title>
+ <step>
+ <para>
Open the
<filename><replaceable>ID_HOME</replaceable>/picketlink-idm/examples/picketlink-idm-msad-config.xml</filename>.
</para>
- </step>
- <step>
- <para>
+ </step>
+ <step>
+ <para>
Ensure the following entries are uncommented and
that the path to the <filename>truststore</filename> file and password are
correct:
</para>
-<programlisting><option>
+ <programlisting><option>
<name>customSystemProperties</name>
<value>javax.net.ssl.trustStore=<replaceable>/path/to/truststore</replaceable></value>
<value>javax.net.ssl.trustStorePassword=<replaceable>password</replaceable></value>
</option>
</programlisting>
- <para>
+ <para>
You can import a custom certificate by replacing
the <replaceable>certificate</replaceable> and
<replaceable>truststore</replaceable> details in the following command:
</para>
-<programlisting><command>keytool -import -file
<filename><replaceable>certificate</replaceable></filename>
-keystore
<filename><replaceable>truststore</replaceable></filename></command>
+ <programlisting><command>keytool -import -file
<filename>
+ <replaceable>certificate</replaceable>
+ </filename> -keystore <filename>
+ <replaceable>truststore</replaceable>
+ </filename></command>
</programlisting>
- </step>
- </procedure>
- </step>
- <step>
- <para>
+ </step>
+ </procedure>
+ </step>
+ <step>
+ <para>
Continue to <xref
linkend="step-Reference_Guide-LDAP_Integration-LDAP_as_Default_Store-Set_up_LDAP_as_Default_Indentity_Store-Step-5"/>
</para>
- </step>
- </procedure>
- <procedure>
- <title>For OpenLDAP</title>
- <step>
- <para>
- Expose the entry under "<emphasis>OpenLDAP
LDAP config</emphasis>":
+ </step>
+ </procedure>
+ <procedure>
+ <title>For OpenLDAP</title>
+ <step>
+ <para>
+ Expose the entry under
"<emphasis>OpenLDAP LDAP config</emphasis>":
</para>
-<programlisting language="XML"
role="XML"><![CDATA[<!--OpenLDAP LDAP config-->
+ <programlisting language="XML"
role="XML"><![CDATA[<!--OpenLDAP LDAP config-->
<value>war:/conf/organization/picketlink-idm/examples/picketlink-idm-openLDAP-config.xml</value>
]]></programlisting>
- </step>
- <step>
- <para>
+ </step>
+ <step>
+ <para>
Continue to <xref
linkend="step-Reference_Guide-LDAP_Integration-LDAP_as_Default_Store-Set_up_LDAP_as_Default_Indentity_Store-Step-5"/>
</para>
- </step>
- </procedure>
- </step>
- <step
id="step-Reference_Guide-LDAP_Integration-LDAP_as_Default_Store-Set_up_LDAP_as_Default_Indentity_Store-Step-5">
- <para>
- Uncomment the
<parameter>groupTypeMappings</parameter> under "<emphasis>Uncomment
for sample LDAP configuration</emphasis>":
+ </step>
+ </procedure>
+ </step>
+ <step
id="step-Reference_Guide-LDAP_Integration-LDAP_as_Default_Store-Set_up_LDAP_as_Default_Indentity_Store-Step-5">
+ <para>
+ Uncomment the
<parameter>groupTypeMappings</parameter> under
"<emphasis>Uncomment for sample LDAP
configuration</emphasis>":
</para>
-<programlisting language="XML"
role="XML"><![CDATA[<entry>
+ <programlisting language="XML"
role="XML"><![CDATA[<entry>
<key><string>/platform/*</string></key>
<value><string>platform_type</string></value>
</entry>
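Review bot: The reflowed `keytool` listing in the "To use SSL encryption with MSAD" step now has line breaks and indentation inside `<programlisting>`, where whitespace is kept verbatim, so the rendered command will be spread over several lines and will not paste as one command. As far as the wrapped mail shows, the old side had it on one line, and I'd restore that: `<programlisting><command>keytool -import -file <filename><replaceable>certificate</replaceable></filename> -keystore <filename><replaceable>truststore</replaceable></filename></command></programlisting>`. The same step puts `javax.net.ssl.trustStorePassword` in the configuration file in clear text, so a sentence advising that read access to that file be limited to the server account would also help.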
@@ -602,233 +525,231 @@
<value><string>organization_type</string></value>
</entry>
]]></programlisting>
- <para>
+ <para>
Refer to <xref
linkend="exam-Reference_Guide-LDAP_Integration-Examples-Default_groupTypeMappings"/>
for more information about how these <parameter>groupTypeMappings</parameter>
operate.
</para>
- </step>
- <step>
- <para>
+ </step>
+ <step>
+ <para>
To use a different LDAP server or directory data, edit the
DS-specific <filename>.xml</filename> file you uncommented in <emphasis
role="bold">Step 4</emphasis> above and change the values to suit your
requirements.
</para>
- <para>
+ <para>
Refer to the list in <xref
linkend="exam-Reference_Guide-LDAP_Integration-Examples-LDAP_configuration_options"/>
for some examples or refer to the product-specific documentation for more information.
</para>
- </step>
- <step>
- <para>
+ </step>
+ <step>
+ <para>
Start the server.
</para>
- </step>
- <step>
- <para>
- Navigate to the portal homepage (<ulink type="http"
url="http://localhost:8080/portal"></ulink>) and log in as an
administrator.
+ </step>
+ <step>
+ <para>
+ Navigate to the portal homepage (<ulink
url="http://localhost:8080/portal" type="http"/>) and log in as an
administrator.
</para>
- </step>
- </procedure>
- </section>
-
- <section
id="sect-Reference_Guide_eXo_JCR_1.14-LDAP_Integration-Examples">
- <title>Examples</title>
- <example
id="exam-Reference_Guide-LDAP_Integration-Examples-LDAP_configuration_options">
- <title>LDAP configuration</title>
- <para>
+ </step>
+ </procedure>
+ </section>
+ <section
id="sect-Reference_Guide_eXo_JCR_1.14-LDAP_Integration-Examples">
+ <title>Examples</title>
+ <example
id="exam-Reference_Guide-LDAP_Integration-Examples-LDAP_configuration_options">
+ <title>LDAP configuration</title>
+ <para>
The following settings are stored in the Picketlink configuration
file that is nominated in the <filename>idm-configuration.xml</filename> file
of your deployment (under the <parameter>config</parameter> parameter of the
<parameter>PicketLinkIDMService</parameter> component):
</para>
- <para>
+ <para>
This file could be:
</para>
- <itemizedlist>
- <listitem>
- <para>
+ <itemizedlist>
+ <listitem>
+ <para>
The default
<filename>picketlink-idm-config.xml</filename>.
</para>
- </listitem>
- <listitem>
- <para>
+ </listitem>
+ <listitem>
+ <para>
One of the three example configuration files discussed in
<xref
linkend="proc-Reference_Guide-LDAP_Integration-LDAP_in_Read-only_mode-Set_up_LDAP_read-only_Mode"/>:
</para>
- <simplelist>
-
<member><filename>picketlink-idm-LDAP-acme-config.xml</filename></member>
-
<member><filename>picketlink-idm-msad-readonly-config.xml</filename></member>
-
<member><filename>picketlink-idm-openLDAP-acme-config.xml</filename></member>
- </simplelist>
- </listitem>
- <listitem>
- <para>
+ <simplelist>
+ <member>
+ <filename>picketlink-idm-LDAP-acme-config.xml</filename>
+ </member>
+ <member>
+ <filename>picketlink-idm-msad-readonly-config.xml</filename>
+ </member>
+ <member>
+ <filename>picketlink-idm-openLDAP-acme-config.xml</filename>
+ </member>
+ </simplelist>
+ </listitem>
+ <listitem>
+ <para>
A custom file created by modifying one of the above
files.
</para>
- </listitem>
- </itemizedlist>
- <variablelist>
- <title>Configuration options</title>
- <varlistentry>
- <term>ctxDNs</term>
- <listitem>
- <para>
+ </listitem>
+ </itemizedlist>
+ <variablelist>
+ <title>Configuration options</title>
+ <varlistentry>
+ <term>ctxDNs</term>
+ <listitem>
+ <para>
This is the DN that will be used as context for
<emphasis>IdentityObject</emphasis> searches. More than one value can be
specified.
</para>
- <para>
+ <para>
Some examples are:
</para>
- <itemizedlist>
- <listitem>
- <para>
+ <itemizedlist>
+ <listitem>
+ <para>
ou=People,o=acme,dc=example,dc=com
</para>
- </listitem>
- <listitem>
- <para>
+ </listitem>
+ <listitem>
+ <para>
ou=Roles,o=acme,dc=example,dc=com
</para>
- </listitem>
- <listitem>
- <para>
+ </listitem>
+ <listitem>
+ <para>
ou=OrganizationUnits,o=acme,dc=example,dc=com
</para>
- </listitem>
- <listitem>
- <para>
+ </listitem>
+ <listitem>
+ <para>
<emphasis
role="bold">MSAD</emphasis>: CN=Users,DC=test,DC=domain (in two
places).
</para>
- </listitem>
- </itemizedlist>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>providerURL</term>
- <listitem>
- <para>
- The LDAP server connection URL. Formatted as
"LDAP://localhost:<replaceable><PORT></replaceable>".
The default setting is: <emphasis>LDAP://localhost:1389</emphasis>.
+ </listitem>
+ </itemizedlist>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>providerURL</term>
+ <listitem>
+ <para>
+ The LDAP server connection URL. Formatted as
"LDAP://localhost:<replaceable><PORT></replaceable>".
The default setting is: <emphasis>LDAP://localhost:1389</emphasis>.
</para>
- <para>
+ <para>
<emphasis
role="bold">MSAD</emphasis>: Should use SSL connection
(LDAPs://xxx:636) for password update or creation to work.
</para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>adminDN</term>
- <listitem>
- <para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>adminDN</term>
+ <listitem>
+ <para>
The LDAP entry used to connect to the server.
</para>
- <para>
+ <para>
Some possible values are:
</para>
- <itemizedlist>
- <listitem>
- <para>
+ <itemizedlist>
+ <listitem>
+ <para>
<emphasis role="bold">RHDS or
OpenDS</emphasis>: cn=Directory Manager
</para>
- </listitem>
- <listitem>
- <para>
+ </listitem>
+ <listitem>
+ <para>
<emphasis
role="bold">OpenLDAP</emphasis>: cn=Manager,dc=my-domain,dc=com
</para>
- </listitem>
- <listitem>
- <para>
+ </listitem>
+ <listitem>
+ <para>
<emphasis
role="bold">MSAD</emphasis>: TEST\Administrator
</para>
- </listitem>
- </itemizedlist>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>adminPassword</term>
- <listitem>
- <para>
+ </listitem>
+ </itemizedlist>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>adminPassword</term>
+ <listitem>
+ <para>
The password associated with the <emphasis
role="bold">adminDN</emphasis>.
</para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>customSystemProperties</term>
- <listitem>
- <para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>customSystemProperties</term>
+ <listitem>
+ <para>
This option defines the values needed to use SSL
encryption with LDAP.
</para>
- </listitem>
- </varlistentry>
- </variablelist>
- </example>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </example>
<!-- Source Metadata
URL:
http://anonsvn.jboss.org/repos/picketlink/idm/downloads/docs/1.0.0.GA/Ref...
Author [w/email]: Bolesław Dawidowicz (bdawidow(a)redhat.com), Jeff Yu
License: ??
--->
- <example
id="exam-Reference_Guide-LDAP_Integration-Examples-Read_Only_groupTypeMappings">
- <title>Read Only groupTypeMappings</title>
- <para>
+--> <example
id="exam-Reference_Guide-LDAP_Integration-Examples-Read_Only_groupTypeMappings">
+ <title>Read Only groupTypeMappings</title>
+ <para>
The <parameter>groupTypeMappings</parameter> exposed
in the <filename>idm-configuration.xml</filename> file correspond to
<parameter>identity-object-type</parameter> values defined in the DS-specific
configuration file (referenced in <emphasis>Sub-step 3a</emphasis> of the
DS-specific procedure above).
</para>
- <para>
+ <para>
For RHDS, OpenDS and OpenLDAP the
<filename>picketlink-idm-LDAP-acme-config.xml</filename> and
<filename>picketlink-idm-openLDAP-acme-config.xml</filename> files contain the
following values:
</para>
- <programlistingco>
- <areaspec>
- <areaset
id="area-Reference_Guide-LDAP_Integration-Examples-Read_Only_groupTypeMappings-config-opends"
coords="">
- <area coords="10 40"
id="area-Reference_Guide-LDAP_Integration-Examples-Read_Only_groupTypeMappings-config-users-opends"
/>
- <area coords="14 40"
id="area-Reference_Guide-LDAP_Integration-Examples-Read_Only_groupTypeMappings-config-groups-opends"
/>
- </areaset>
- <area coords="17 40"
id="area-Reference_Guide-LDAP_Integration-Examples-Read_Only_groupTypeMappings-config-read-only-opends"
/>
- </areaspec>
-<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_LDAP/readonly-opends.xml"
parse="text"
xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
- <calloutlist>
- <!--#1-->
- <callout
arearefs="area-Reference_Guide-LDAP_Integration-Examples-Read_Only_groupTypeMappings-config-opends">
- <para>
+ <programlistingco>
+ <areaspec>
+ <areaset coords=""
id="area-Reference_Guide-LDAP_Integration-Examples-Read_Only_groupTypeMappings-config-opends">
+ <area coords="10 40"
id="area-Reference_Guide-LDAP_Integration-Examples-Read_Only_groupTypeMappings-config-users-opends"/>
+ <area coords="14 40"
id="area-Reference_Guide-LDAP_Integration-Examples-Read_Only_groupTypeMappings-config-groups-opends"/>
+ </areaset>
+ <area coords="17 40"
id="area-Reference_Guide-LDAP_Integration-Examples-Read_Only_groupTypeMappings-config-read-only-opends"/>
+ </areaspec>
+ <programlisting language="XML"
role="XML"><xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="../../extras/Authentication_Identity_LDAP/readonly-opends.xml"
parse="text"/></programlisting>
+ <calloutlist>
+<!--#1--> <callout
arearefs="area-Reference_Guide-LDAP_Integration-Examples-Read_Only_groupTypeMappings-config-opends">
+ <para>
The PicketLink IDM configuration file dictates that
users and those two group types be stored in LDAP.
</para>
- </callout>
- <!--#2-->
- <callout
arearefs="area-Reference_Guide-LDAP_Integration-Examples-Read_Only_groupTypeMappings-config-read-only-opends">
- <para>
+ </callout>
+<!--#2--> <callout
arearefs="area-Reference_Guide-LDAP_Integration-Examples-Read_Only_groupTypeMappings-config-read-only-opends">
+ <para>
An additional option defines that nothing else (except
password updates) should be written there.
</para>
- </callout>
- </calloutlist>
- </programlistingco>
-
- <para>
+ </callout>
+ </calloutlist>
+ </programlistingco>
+ <para>
All groups under <emphasis
role="bold">/acme/roles</emphasis> will be stored in PicketLink IDM
with the <emphasis role="bold">acme_roles_type</emphasis> group type
name and groups under <emphasis
role="bold">/acme/organization_units</emphasis> will be stored in
PicketLink IDM with <emphasis role="bold">acme_ou_type
group</emphasis> type name.
</para>
- <para>
+ <para>
For MSAD, the
<parameter>identity-object-types</parameter> values in
<filename>picketlink-idm-msad-readonly-config.xml</filename> change to:
</para>
-<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_LDAP/readonly-msad.xml"
parse="text"
xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
- <para>
+ <programlisting language="XML" role="XML"><xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="../../extras/Authentication_Identity_LDAP/readonly-msad.xml"
parse="text"/></programlisting>
+ <para>
The difference is that this configuration maps only one group type
and points to the same container in LDAP for both users and mapped groups.
</para>
- </example>
-
- <example
id="exam-Reference_Guide-LDAP_Integration-Examples-Default_groupTypeMappings">
- <title>Default groupTypeMappings</title>
- <para>
+ </example>
+ <example
id="exam-Reference_Guide-LDAP_Integration-Examples-Default_groupTypeMappings">
+ <title>Default groupTypeMappings</title>
+ <para>
The <parameter>groupTypeMappings</parameter> exposed
in the <filename>idm-configuration.xml</filename> file correspond to
<parameter>identity-object-type</parameter> values defined in the DS-specific
configuration file (referenced in <emphasis>Sub-step 3a</emphasis> of the
DS-specific procedure above).
</para>
- <para>
+ <para>
All of the supported LDAP configurations use the following values
when implemented as the default identity store:
</para>
- <programlistingco>
- <areaspec>
- <areaset
id="area-Reference_Guide-LDAP_Integration-Examples-Default_groupTypeMappings-config"
coords="">
- <area coords="10 40"
id="area-Reference_Guide-LDAP_Integration-Examples-Default_groupTypeMappings-config-1"
/>
- <area coords="14 40"
id="area-Reference_Guide-LDAP_Integration-Examples-Default_groupTypeMappings-config-2"
/>
- </areaset>
- </areaspec>
-<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_LDAP/default-ldap.xml"
parse="text"
xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
- <calloutlist>
- <!--#1-->
- <callout
arearefs="area-Reference_Guide-LDAP_Integration-Examples-Default_groupTypeMappings-config">
- <para>
+ <programlistingco>
+ <areaspec>
+ <areaset coords=""
id="area-Reference_Guide-LDAP_Integration-Examples-Default_groupTypeMappings-config">
+ <area coords="10 40"
id="area-Reference_Guide-LDAP_Integration-Examples-Default_groupTypeMappings-config-1"/>
+ <area coords="14 40"
id="area-Reference_Guide-LDAP_Integration-Examples-Default_groupTypeMappings-config-2"/>
+ </areaset>
+ </areaspec>
+ <programlisting language="XML"
role="XML"><xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="../../extras/Authentication_Identity_LDAP/default-ldap.xml"
parse="text"/></programlisting>
+ <calloutlist>
+<!--#1--> <callout
arearefs="area-Reference_Guide-LDAP_Integration-Examples-Default_groupTypeMappings-config">
+ <para>
The
<parameter>groupTypeMappings</parameter> define that all groups under
<parameter>/platform</parameter> should be stored in PicketLink IDM with the
<parameter>platform_type</parameter> group type name and groups under
<parameter>/organization</parameter> should be stored in PicketLink IDM with
<parameter>organization_type</parameter> group type name.
</para>
- <para>
- The PicketLink IDM configuration file repository maps
users and those two group types as stored in LDAP.
+ <para> The PicketLink IDM configuration
file repository maps users and those two group types as stored in LDAP.
</para>
- </callout>
- </calloutlist>
- </programlistingco>
- </example>
- </section>
+ </callout>
+ </calloutlist>
+ </programlistingco>
+ </example>
+ </section>
</section>
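Review bot: The `adminDN` entry in the "Configuration options" list still gives only directory administrator accounts as possible values (`cn=Directory Manager`, `cn=Manager,dc=my-domain,dc=com`, `TEST\Administrator`), with no hint that a less privileged bind account can be used. For the read-only procedures in particular a dedicated account is presumably enough, so I'd add under `adminDN` a para such as `Use a dedicated bind account with only the directory permissions the portal requires, rather than the directory administrator.` The `adminPassword` entry should also say that the value is kept in the PicketLink configuration file and that the file should be readable only by the server account. Separately, only the MSAD note under `providerURL` mentions an SSL connection, while the documented default is plain `LDAP://localhost:1389`; a cross-reference to `customSystemProperties` for the other directory servers would close that gap.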
Modified:
epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml
===================================================================
---
epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml 2012-07-04
04:54:12 UTC (rev 8767)
+++
epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml 2012-07-04
05:05:18 UTC (rev 8768)
@@ -327,7 +327,7 @@
</procedure>
</section>
<section
id="sect-Reference_Guide-SSO_Single_Sign_On_-Central_Authentication_Service">
- <title><remark>BZ#794466 </remark>Central Authentication
Service</title>
+ <title>Central Authentication Service</title>
<para>
This Single Sign On plugin enables seamless integration between JBoss
Enterprise Portal Platform and the Central Authentication Service (<emphasis
role="bold">CAS</emphasis>) Single Sign On Framework. Details about CAS
can be found <ulink
url="http://www.ja-sig.org/cas/"> here </ulink>
.
</para>
@@ -498,7 +498,7 @@
Information about where the CAS is hosted must be properly configured within
the JBoss Enterprise Portal Platform instance. The required configuration is done by
modifying three files.
</para>
<procedure
id="proc-Reference_Guide-Central_Authentication_Service-Redirect_to_CAS">
- <title><remark>BZ#794466 </remark>Redirect to CAS</title>
+ <title>Redirect to CAS</title>
<step>
<para>
Modify the '<emphasis role="bold">Sign
In</emphasis>' link in the
<filename><replaceable><JBOSS_HOME></replaceable>/server/<replaceable><PROFILE></replaceable>/deploy/gatein.ear/web.war/groovy/groovy/webui/component/UIBannerPortlet.gtml</filename>
file as follows:
@@ -521,7 +521,6 @@
<para>
Add the following Filters at the top of the filter chain in
<filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>:
</para>
- <remark>BZ#794466 - Updated formatting of line break. in
URL</remark>
<programlisting language="XML"
role="XML"><xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="../../extras/Authentication_Identity_SSO/default109.xml"
parse="text"/></programlisting>
</step>
</procedure>
@@ -556,7 +555,7 @@
</step>
</procedure>
<procedure
id="proc-Reference_Guide-Java_Open_Single_Sign_On_Project-Modifying_JOSSO_server">
- <title><remark>BZ#793838</remark>Modifying JOSSO
server</title>
+ <title>Modifying JOSSO server</title>
<step>
<para>
Copy the files from
<filename><replaceable>PORTAL_SSO</replaceable>/josso/plugin</filename>
into the <filename>JOSSO_HOME</filename> directory created in the last step.
@@ -608,7 +607,7 @@
</step>
</procedure>
<procedure
id="proc-Reference_Guide-Java_Open_Single_Sign_On_Project-Setup_the_JOSSO_client">
- <title><remark>BZ#793838</remark> Setup the JOSSO
client</title>
+ <title> Setup the JOSSO client</title>
<note>
<para>
There are some changes in JOSSO agent API between versions 1.8.1 and 1.8.2, which require
different modules for different JOSSO versions.
Modified:
epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity.xml
===================================================================
---
epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity.xml 2012-07-04
04:54:12 UTC (rev 8767)
+++
epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity.xml 2012-07-04
05:05:18 UTC (rev 8768)
@@ -1,18 +1,18 @@
-<?xml version='1.0' encoding='utf-8' ?>
+<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "Reference_Guide.ent">
%BOOK_ENTITIES;
]>
<chapter id="chap-Reference_Guide-Authentication_and_Identity">
- <title>Authentication and Identity</title>
- <xi:include
href="AuthenticationAndIdentity/AuthenticationAuthorizationOverview.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="AuthenticationAndIdentity/PasswordEncryption.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include
href="AuthenticationAndIdentity/PredefinedUserConfiguration.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include
href="AuthenticationAndIdentity/AuthenticationTokenConfiguration.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="AuthenticationAndIdentity/BackendConfiguration.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="AuthenticationAndIdentity/OrganizationAPI.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="AuthenticationAndIdentity/AccessingUserProfile.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="AuthenticationAndIdentity/SSO.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
- <xi:include href="AuthenticationAndIdentity/LDAP.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <title>Authentication and Identity</title>
+ <xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="AuthenticationAndIdentity/AuthenticationAuthorizationOverview.xml"/>
+ <xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="AuthenticationAndIdentity/PasswordEncryption.xml"/>
+ <xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="AuthenticationAndIdentity/PredefinedUserConfiguration.xml"/>
+ <xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="AuthenticationAndIdentity/AuthenticationTokenConfiguration.xml"/>
+ <xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="AuthenticationAndIdentity/BackendConfiguration.xml"/>
+ <xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="AuthenticationAndIdentity/OrganizationAPI.xml"/>
+ <xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="AuthenticationAndIdentity/AccessingUserProfile.xml"/>
+ <xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="AuthenticationAndIdentity/SSO.xml"/>
+ <xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="AuthenticationAndIdentity/LDAP.xml"/>
+ <xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="AuthenticationAndIdentity/CoreOrganizationInitializer.xml"
encoding="UTF-8"/>
</chapter>
-
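Review bot: The new include for `CoreOrganizationInitializer.xml` is the only one of the ten that carries `encoding="UTF-8"`. XInclude consults the `encoding` attribute only when `parse="text"`, so on this default XML include it has no effect and reads as if the new module needs special handling. I would drop it so the line matches its siblings: `<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="AuthenticationAndIdentity/CoreOrganizationInitializer.xml"/>`. If the attribute was added by the editor tool rather than by hand, check that the tool does not re-add it on the next save.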
Modified:
epp/docs/branches/5.2/Reference_Guide/en-US/modules/PortalDevelopment/LocalizationConfiguration.xml
===================================================================
---
epp/docs/branches/5.2/Reference_Guide/en-US/modules/PortalDevelopment/LocalizationConfiguration.xml 2012-07-04
04:54:12 UTC (rev 8767)
+++
epp/docs/branches/5.2/Reference_Guide/en-US/modules/PortalDevelopment/LocalizationConfiguration.xml 2012-07-04
05:05:18 UTC (rev 8768)
@@ -202,7 +202,7 @@
</programlisting>
</section>
<section
id="sect-Reference_Guide-Pluggable_Locale_Policy-LocalePolicy_Configuration">
- <title><remark>BZ#794455 </remark>LocalePolicy
Configuration</title>
+ <title>LocalePolicy Configuration</title>
<para>
The <literal>LocalePolicy</literal> framework is enabled for portlets by
configuring <literal>LocalizationLifecycle</literal> class in
portal's webui configuration file:
<filename><replaceable>JBOSS_HOME</replaceable>/server/<replaceable><PROFILE></replaceable>/deploy/gatein.ear/02portal.war/WEB-INF/webui-configuration.xml</filename>:
</para>
@@ -211,7 +211,6 @@
<listener>org.exoplatform.portal.application.localization.LocalizationLifecycle</listener>
</application-life-cycle-listeners>
</programlisting>
- <remark>BZ#794455 - 20120319 - Updated the location of LocalePolicy as
prescribed.</remark>
<para>
The default <literal>LocalePolicy</literal> implementation is installed
as an eXo Kernel portal service via
<filename><replaceable>JBOSS_HOME</replaceable>/server/<replaceable><PROFILE></replaceable>/deploy/gatein.ear/02portal.war/WEB-INF/conf/portal/web-configuration.xml</filename>.
</para>
Modified: epp/docs/branches/5.2/Reference_Guide/publican.cfg
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/publican.cfg 2012-07-04 04:54:12 UTC (rev 8767)
+++ epp/docs/branches/5.2/Reference_Guide/publican.cfg 2012-07-04 05:05:18 UTC (rev 8768)
@@ -3,5 +3,5 @@
debug: 1
type: Book
git_branch: docs-rhel-6
-#show_remarks: 1
+show_remarks: 1