Author: smumford Date: 2010-10-26 03:13:32 -0400 (Tue, 26 Oct 2010) New Revision: 4833 Modified: epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/Book_Info.xml epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/Getting_Started.xml epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/Revision_History.xml Log: Minor changes and version updates. Began modifying Release Notes for 5.1 Modified: epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/Book_Info.xml =================================================================== --- epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/Book_Info.xml 2010-10-26 06:45:50 UTC (rev 4832) +++ epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/Book_Info.xml 2010-10-26 07:13:32 UTC (rev 4833) @@ -11,7 +11,7 @@ <subtitle>An Installation Guide for &PRODUCT;</subtitle> <productname>JBoss Enterprise Portal Platform</productname> <productnumber>5</productnumber> - <edition>1.7</edition> + <edition>1.8</edition> <pubsnumber>1</pubsnumber> <abstract> <para> Modified: epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/Getting_Started.xml =================================================================== --- epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/Getting_Started.xml 2010-10-26 06:45:50 UTC (rev 4832) +++ epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/Getting_Started.xml 2010-10-26 07:13:32 UTC (rev 4833) @@ -650,5 +650,35 @@ </section> </section> + <section> + <title>Recommended Practices</title> + <para> + &PRODUCT; includes four pre-configured user accounts for testing and evaluation purposes. These accounts can be used for direct access to the portal. + </para> + <para> + For security reasons, before going in production, you should restrict the access to the login servlet to POST. + </para> + <para> + To do so, edit the file <filename>$JBOSS_HOME/server/[configuration]/gatein.ear/02portal.war/WEB-INF/web.xml</filename> and add: + </para> +<programlisting language="XML" role="XML"><![CDATA[ +<security-constraint> + <web-resource-collection> + <web-resource-name>login</web-resource-name> + <url-pattern>/login</url-pattern> + <http-method>GET</http-method> + <http-method>PUT</http-method> + <http-method>DELETE</http-method> + <http-method>HEAD</http-method> + <http-method>OPTIONS</http-method> + <http-method>TRACE</http-method> + </web-resource-collection> + <auth-constraint/> +</security-constraint> ]]></programlisting> + <para> + Doing this will render the login links provided on the front page inactive. + </para> + + </section> </chapter> Modified: epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/Revision_History.xml =================================================================== --- epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/Revision_History.xml 2010-10-26 06:45:50 UTC (rev 4832) +++ epp/docs/branches/EPP_5_1_Branch/Installation_Guide/en-US/Revision_History.xml 2010-10-26 07:13:32 UTC (rev 4833) @@ -8,6 +8,20 @@ <title>Revision History</title> <simpara> <revhistory> + <revision> + <revnumber>1-1.8</revnumber> + <date>Tue Oct 26 2010</date> + <author> + <firstname>Scott</firstname> + <surname>Mumford</surname> + <email&gt;smumford(a)redhat.com&lt;/email&gt; + </author> + <revdescription> + <simplelist> + <member>Added Recommended Practices section from earlier Release Notes.</member> + </simplelist> + </revdescription> + </revision> <revision> <revnumber>1-1.7</revnumber> <date>Tue Oct 26 2010</date>