gatein SVN: r8018 - in epp/docs/branches/5.2: Reference_Guide/en-US/extras/Authentication_Identity_SSO and 10 other directories.
8:39 p.m.
Author: smumford
Date: 2011-11-09 21:39:06 -0500 (Wed, 09 Nov 2011)
New Revision: 8018
Modified:
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/Authentication_Identity_SSO/default105.xml
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/Authentication_Identity_SSO/default111.xml
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/Authentication_Identity_SSO/default118.xml
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/PortalDevelopment_Skinning/default185.java
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/PortalDevelopment_Skinning/default186.xml
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/modules/AuthenticationAndIdentity/SSO.xml
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/modules/Introduction.xml
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/modules/PortalDevelopment/Skinning.xml
epp/docs/branches/5.2/Reference_Guide/en-US/Book_Info.xml
epp/docs/branches/5.2/Reference_Guide/en-US/Revision_History.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default105.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default111.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default112.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default115.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default118.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default122.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default125.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default126.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_PortalLifecycle/default166.java
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_PortalLifecycle/default168.java
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_PortalLifecycle/is1.java
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default181.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default182.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default183.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default184.java
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default185.java
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default186.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default188.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default190.java
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default191.xml
epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/BackendConfiguration.xml
epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml
epp/docs/branches/5.2/Reference_Guide/en-US/modules/Introduction.xml
epp/docs/branches/5.2/Reference_Guide/en-US/modules/PortalDevelopment/Skinning.xml
Log:
Incorporated feedback and GateIn revisions 8015, 8017 and 7919
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/Book_Info.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/Book_Info.xml 2011-11-09 21:18:17 UTC (rev
8017)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/Book_Info.xml 2011-11-10 02:39:06 UTC (rev
8018)
@@ -9,7 +9,7 @@
<productname>JBoss Enterprise Portal Platform</productname>
<productnumber>5.2</productnumber>
<edition>5.2.0</edition>
- <pubsnumber>6</pubsnumber>
+ <pubsnumber>7</pubsnumber>
<abstract>
<para>
This Reference Guide is a high-level usage document. It deals with more
advanced topics than the Installation and User Guides, adding new content or taking
concepts discussed in the earlier documents further. It aims to provide supporting
documentation for advanced users of the JBoss Enterprise Portal Platform product. Its
primary focus is on advanced use of the product and it assumes an intermediate or advanced
knowledge of the technology and terms.
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/Revision_History.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/Revision_History.xml 2011-11-09 21:18:17
UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/Revision_History.xml 2011-11-10 02:39:06
UTC (rev 8018)
@@ -8,6 +8,20 @@
<simpara>
<revhistory>
<revision>
+ <revnumber>5.2.0-7</revnumber>
+ <date>Wed Nov 9 2011</date>
+ <author>
+ <firstname>Scott</firstname>
+ <surname>Mumford</surname>
+ <email></email>
+ </author>
+ <revdescription>
+ <simplelist>
+ <member>Porting GateIn updates.</member>
+ </simplelist>
+ </revdescription>
+ </revision>
+ <revision>
<revnumber>5.2.0-6</revnumber>
<date>Wed Oct 5 2011</date>
<author>
Modified:
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default105.xml
===================================================================
---
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default105.xml 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default105.xml 2011-11-10
02:39:06 UTC (rev 8018)
@@ -1,5 +1,7 @@
<authentication>
<login-module code="org.gatein.sso.agent.login.SSOLoginModule"
flag="required">
+ <module-option
name="portalContainerName">portal</module-option>
+ <module-option name="realmName">gatein-domain</module-option>
</login-module>
<login-module
code="org.exoplatform.services.security.j2ee.JbossLoginModule"
flag="required">
<module-option
name="portalContainerName">portal</module-option>
Modified:
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default111.xml
===================================================================
---
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default111.xml 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default111.xml 2011-11-10
02:39:06 UTC (rev 8018)
@@ -1,5 +1,7 @@
<authentication>
<login-module code="org.gatein.sso.agent.login.SSOLoginModule"
flag="required">
+ <module-option
name="portalContainerName">portal</module-option>
+ <module-option name="realmName">gatein-domain</module-option>
</login-module>
<login-module
code="org.exoplatform.services.security.j2ee.JbossLoginModule"
flag="required">
<module-option
name="portalContainerName">portal</module-option>
Modified:
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default112.xml
===================================================================
---
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default112.xml 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default112.xml 2011-11-10
02:39:06 UTC (rev 8018)
@@ -1,2 +1,4 @@
-<!--<a class="Login"
onclick="$signInAction"><%=_ctx.appRes("UILoginForm.label.Signin")%></a>-->
+<!--
+<a class="Login"
onclick="$signInAction"><%=_ctx.appRes("UILoginForm.label.Signin")%></a>
+-->
<a class="Login"
href="/portal/sso"><%=_ctx.appRes("UILoginForm.label.Signin")%></a>
\ No newline at end of file
Modified:
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default115.xml
===================================================================
---
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default115.xml 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default115.xml 2011-11-10
02:39:06 UTC (rev 8018)
@@ -1,44 +1,44 @@
- <filter>
- <filter-name>LoginRedirectFilter</filter-name>
-
<filter-class>org.gatein.sso.agent.filter.LoginRedirectFilter</filter-class>
- <init-param>
- <!-- This should point to your SSO authentication server -->
- <param-name>LOGIN_URL</param-name>
- <param-value>http://localhost:8888/josso/signon/login.do?
-
josso_back_to=http://localhost:8080/portal/initiatessologin</param-value>
- </init-param>
- </filter>
- <filter>
- <filter-name>JOSSOLogoutFilter</filter-name>
-
<filter-class>org.gatein.sso.agent.filter.JOSSOLogoutFilter</filter-class>
- <init-param>
+<filter>
+ <filter-name>LoginRedirectFilter</filter-name>
+
<filter-class>org.gatein.sso.agent.filter.LoginRedirectFilter</filter-class>
+ <init-param>
+ <!-- This should point to your SSO authentication server -->
+ <param-name>LOGIN_URL</param-name>
+
<param-value>http://localhost:8888/josso/signon/login.do?josso_back_to=http://localhost:8080/portal/initiatessologin</param-value>
+ </init-param>
+</filter>
+<filter>
+ <filter-name>JOSSOLogoutFilter</filter-name>
+
<filter-class>org.gatein.sso.agent.filter.JOSSOLogoutFilter</filter-class>
+ <init-param>
<!-- This should point to your JOSSO authentication server -->
<param-name>LOGOUT_URL</param-name>
<param-value>http://localhost:8888/josso/signon/logout.do</param-value>
- </init-param>
- </filter>
- <filter>
- <filter-name>InitiateLoginFilter</filter-name>
-
<filter-class>org.gatein.sso.agent.filter.InitiateLoginFilter</filter-class>
- <init-param>
- <param-name>ssoServerUrl</param-name>
-
<param-value>http://localhost:8888/josso/signon/login.do</param-value>
- </init-param>
- <init-param>
- <param-name>loginUrl</param-name>
- <param-value>http://localhost:8080/portal/dologin</param-value>
- </init-param>
- </filter>
- <!-- filters should be placed at the very top of the filter chain -->
- <filter-mapping>
- <filter-name>LoginRedirectFilter</filter-name>
- <url-pattern>/*</url-pattern>
- </filter-mapping>
- <filter-mapping>
- <filter-name>JOSSOLogoutFilter</filter-name>
- <url-pattern>/*</url-pattern>
- </filter-mapping>
- <filter-mapping>
- <filter-name>InitiateLoginFilter</filter-name>
- <url-pattern>/initiatessologin</url-pattern>
- </filter-mapping>
\ No newline at end of file
+ </init-param>
+</filter>
+<filter>
+ <filter-name>InitiateLoginFilter</filter-name>
+
<filter-class>org.gatein.sso.agent.filter.InitiateLoginFilter</filter-class>
+ <init-param>
+ <param-name>ssoServerUrl</param-name>
+ <param-value>http://localhost:8888/josso/signon/login.do</param-value>
+ </init-param>
+ <init-param>
+ <param-name>loginUrl</param-name>
+ <param-value>http://localhost:8080/portal/dologin</param-value>
+ </init-param>
+</filter>
+
+<!-- Mapping the filters at the very top of the filter chain -->
+<filter-mapping>
+ <filter-name>LoginRedirectFilter</filter-name>
+ <url-pattern>/*</url-pattern>
+</filter-mapping>
+<filter-mapping>
+ <filter-name>JOSSOLogoutFilter</filter-name>
+ <url-pattern>/*</url-pattern>
+</filter-mapping>
+<filter-mapping>
+ <filter-name>InitiateLoginFilter</filter-name>
+ <url-pattern>/initiatessologin</url-pattern>
+</filter-mapping>
\ No newline at end of file
Modified:
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default118.xml
===================================================================
---
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default118.xml 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default118.xml 2011-11-10
02:39:06 UTC (rev 8018)
@@ -1,5 +1,7 @@
<authentication>
<login-module code="org.gatein.sso.agent.login.SSOLoginModule"
flag="required">
+ <module-option
name="portalContainerName">portal</module-option>
+ <module-option name="realmName">gatein-domain</module-option>
</login-module>
<login-module
code="org.exoplatform.services.security.j2ee.JbossLoginModule"
flag="required">
<module-option
name="portalContainerName">portal</module-option>
Modified:
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default122.xml
===================================================================
---
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default122.xml 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default122.xml 2011-11-10
02:39:06 UTC (rev 8018)
@@ -1,49 +1,48 @@
- <filter>
- <filter-name>LoginRedirectFilter</filter-name>
-
<filter-class>org.gatein.sso.agent.filter.LoginRedirectFilter</filter-class>
- <init-param>
- <!-- This should point to your SSO authentication server -->
- <param-name>LOGIN_URL</param-name>
- <param-value>http://localhost:8888/opensso/UI/Login?
-
realm=gatein&goto=http://localhost:8080/portal/initiatessologin</param-value>
- </init-param>
- </filter>
- <filter>
- <filter-name>OpenSSOLogoutFilter</filter-name>
-
<filter-class>org.gatein.sso.agent.filter.OpenSSOLogoutFilter</filter-class>
- <init-param>
- <!-- This should point to your OpenSSO authentication server -->
- <param-name>LOGOUT_URL</param-name>
- <param-value>http://localhost:8888/opensso/UI/Logout</param-value>
- </init-param>
- </filter>
- <filter>
- <filter-name>InitiateLoginFilter</filter-name>
-
<filter-class>org.gatein.sso.agent.filter.InitiateLoginFilter</filter-class>
- <init-param>
- <param-name>ssoServerUrl</param-name>
- <param-value>hhttp://localhost:8888/opensso</param-value>
- </init-param>
- <init-param>
- <param-name>loginUrl</param-name>
- <param-value>http://localhost:8080/portal/dologin</param-value>
- </init-param>
- <init-param>
+<filter>
+ <filter-name>LoginRedirectFilter</filter-name>
+
<filter-class>org.gatein.sso.agent.filter.LoginRedirectFilter</filter-class>
+ <init-param>
+ <!-- This should point to your SSO authentication server -->
+ <param-name>LOGIN_URL</param-name>
+
<param-value>http://localhost:8888/opensso/UI/Login?realm=gatein&goto=http://localhost:8080/portal/initiatessologin</param-value>
+ </init-param>
+</filter>
+<filter>
+ <filter-name>OpenSSOLogoutFilter</filter-name>
+
<filter-class>org.gatein.sso.agent.filter.OpenSSOLogoutFilter</filter-class>
+ <init-param>
+ <!-- This should point to your SSO authentication server -->
+ <param-name>LOGOUT_URL</param-name>
+ <param-value>http://localhost:8888/opensso/UI/Logout</param-value>
+ </init-param>
+</filter>
+<filter>
+ <filter-name>InitiateLoginFilter</filter-name>
+
<filter-class>org.gatein.sso.agent.filter.InitiateLoginFilter</filter-class>
+ <init-param>
+ <param-name>ssoServerUrl</param-name>
+ <param-value>http://localhost:8888/opensso</param-value>
+ </init-param>
+ <init-param>
+ <param-name>loginUrl</param-name>
+ <param-value>http://localhost:8080/portal/dologin</param-value>
+ </init-param>
+ <init-param>
<param-name>ssoCookieName</param-name>
<param-value>iPlanetDirectoryPro</param-value>
- </init-param>
- </filter>
+ </init-param>
+</filter>
- <!-- place the filters at the top of the filter chain -->
- <filter-mapping>
- <filter-name>LoginRedirectFilter</filter-name>
- <url-pattern>/*</url-pattern>
- </filter-mapping>
- <filter-mapping>
- <filter-name>OpenSSOLogoutFilter</filter-name>
- <url-pattern>/*</url-pattern>
- </filter-mapping>
- <filter-mapping>
- <filter-name>InitiateLoginFilter</filter-name>
- <url-pattern>/initiatessologin</url-pattern>
- </filter-mapping>
\ No newline at end of file
+<!-- Mapping the filters at the very top of the filter chain -->
+<filter-mapping>
+ <filter-name>LoginRedirectFilter</filter-name>
+ <url-pattern>/*</url-pattern>
+</filter-mapping>
+<filter-mapping>
+ <filter-name>OpenSSOLogoutFilter</filter-name>
+ <url-pattern>/*</url-pattern>
+</filter-mapping>
+<filter-mapping>
+ <filter-name>InitiateLoginFilter</filter-name>
+ <url-pattern>/initiatessologin</url-pattern>
+</filter-mapping>
\ No newline at end of file
Modified:
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default125.xml
===================================================================
---
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default125.xml 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default125.xml 2011-11-10
02:39:06 UTC (rev 8018)
@@ -1,5 +1,6 @@
+<deployment xmlns="urn:jboss:bean-deployer:2.0">
<property name="authenticators">
- <map keyClass="java.lang.String"
valueClass="java.lang.String">
+ <map class="java.util.Properties" keyClass="java.lang.String"
valueClass="java.lang.String">
<entry>
<key>BASIC</key>
<value>org.apache.catalina.authenticator.BasicAuthenticator</value>
Modified:
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default126.xml
===================================================================
---
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default126.xml 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default126.xml 2011-11-10
02:39:06 UTC (rev 8018)
@@ -1,20 +1,9 @@
-<deployment xmlns="urn:jboss:bean-deployer:2.0">
- <application-policy xmlns="urn:jboss:security-beans:1.0"
name="gatein-domain">
- <!-- Uncomment this for Kerberos based SSO integration -->
- <authentication>
- <login-module
- code="org.gatein.sso.spnego.SPNEGOLoginModule"
- flag="requisite">
- <module-option
name="password-stacking">useFirstPass</module-option>
- <module-option
name="serverSecurityDomain">host</module-option>
- </login-module>
- <login-module
- code="org.gatein.sso.agent.login.SPNEGORolesModule"
- flag="required">
- <module-option
name="password-stacking">useFirstPass</module-option>
- <module-option
name="portalContainerName">portal</module-option>
- <module-option
name="realmName">gatein-domain</module-option>
- </login-module>
- </authentication>
- </application-policy>
-</deployment>
+<login-module code="org.gatein.sso.spnego.SPNEGOLoginModule"
flag="required">
+ <module-option
name="password-stacking">useFirstPass</module-option>
+ <module-option name="serverSecurityDomain">host</module-option>
+</login-module>
+<login-module code="org.gatein.sso.agent.login.SPNEGORolesModule"
flag="required">
+ <module-option
name="password-stacking">useFirstPass</module-option>
+ <module-option name="portalContainerName">portal</module-option>
+ <module-option name="realmName">gatein-domain</module-option>
+</login-module>
\ No newline at end of file
Modified:
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_PortalLifecycle/default166.java
===================================================================
---
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_PortalLifecycle/default166.java 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_PortalLifecycle/default166.java 2011-11-10
02:39:06 UTC (rev 8018)
@@ -18,7 +18,7 @@
try {
PortalContainer.setInstance(null) ;
} catch (Exception e) {
- log.warn("An error occured while cleaning the ThreadLocal", e);
+ log.warn("An error occurred while cleaning the ThreadLocal", e);
}
}
...
Modified:
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_PortalLifecycle/default168.java
===================================================================
---
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_PortalLifecycle/default168.java 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_PortalLifecycle/default168.java 2011-11-10
02:39:06 UTC (rev 8018)
@@ -33,7 +33,7 @@
try {
component.endRequest(portalContainer);
} catch (Exception e) {
- log.warn("An error occured while calling the endRequest method",
e);
+ log.warn("An error occurred while calling the endRequest method",
e);
}
}
}
Modified:
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_PortalLifecycle/is1.java
===================================================================
---
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_PortalLifecycle/is1.java 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_PortalLifecycle/is1.java 2011-11-10
02:39:06 UTC (rev 8018)
@@ -44,7 +44,7 @@
try {
PortalContainer.setInstance(null) ;
} catch (Exception e) {
- log.warn("An error occured while cleaning the ThreadLocal", e);
+ log.warn("An error occurred while cleaning the ThreadLocal", e);
}
}
log.info("Init of PortalController Servlet successful");
Modified:
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default181.xml
===================================================================
---
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default181.xml 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default181.xml 2011-11-10
02:39:06 UTC (rev 8018)
@@ -1,12 +1,12 @@
<head>
...
<!-- The portal skin -->
-<link id="CoreSkin" rel="stylesheet" type="text/CSS"
href="/eXoResources/skin/Stylesheet.CSS" />
+<link id="CoreSkin" rel="stylesheet" type="text/css"
href="/eXoResources/skin/Stylesheet.css" />
<!-- The portlet skins -->
-<link id="web_FooterPortlet" rel="stylesheet"
type="text/CSS" href=
"/web/skin/portal/webui/component/UIFooterPortlet/DefaultStylesheet.CSS" />
-<link id="web_NavigationPortlet" rel="stylesheet"
type="text/CSS" href=
"/web/skin/portal/webui/component/UINavigationPortlet/DefaultStylesheet.CSS"
/>
-<link id="web_HomePagePortlet" rel="stylesheet"
type="text/CSS" href=
"/portal/templates/skin/webui/component/UIHomePagePortlet/DefaultStylesheet.CSS"
/>
-<link id="web_BannerPortlet" rel="stylesheet"
type="text/CSS" href=
"/web/skin/portal/webui/component/UIBannerPortlet/DefaultStylesheet.CSS" />
+<link id="web_FooterPortlet" rel="stylesheet"
type="text/css" href=
"/web/skin/portal/webui/component/UIFooterPortlet/DefaultStylesheet.css" />
+<link id="web_NavigationPortlet" rel="stylesheet"
type="text/css" href=
"/web/skin/portal/webui/component/UINavigationPortlet/DefaultStylesheet.css"
/>
+<link id="web_HomePagePortlet" rel="stylesheet"
type="text/css" href=
"/portal/templates/skin/webui/component/UIHomePagePortlet/DefaultStylesheet.css"
/>
+<link id="web_BannerPortlet" rel="stylesheet"
type="text/css" href=
"/web/skin/portal/webui/component/UIBannerPortlet/DefaultStylesheet.css" />
...
-</head>
+</head>
\ No newline at end of file
Modified:
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default182.xml
===================================================================
---
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default182.xml 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default182.xml 2011-11-10
02:39:06 UTC (rev 8018)
@@ -1,7 +1,7 @@
<gatein-resources>
<portal-skin>
<skin-name>MySkin</skin-name>
- <CSS-path>/skin/myskin.CSS</CSS-path>
+ <css-path>/skin/myskin.css</css-path>
<overwrite>false</overwrite>
</portal-skin>
</gatein-resources>
Modified:
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default183.xml
===================================================================
---
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default183.xml 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default183.xml 2011-11-10
02:39:06 UTC (rev 8018)
@@ -5,5 +5,5 @@
<filter-mapping>
<filter-name>ResourceRequestFilter</filter-name>
- <url-pattern>*.CSS</url-pattern>
+ <url-pattern>*.css</url-pattern>
</filter-mapping>
Modified:
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default184.java
===================================================================
---
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default184.java 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default184.java 2011-11-10
02:39:06 UTC (rev 8018)
@@ -1,4 +1,4 @@
-@import url(DefaultSkin/portal/webui/component/UIPortalApplicationSkin.CSS);
-@import url(DefaultSkin/webui/component/Stylesheet.CSS);
-@import url(PortletThemes/Stylesheet.CSS);
-@import url(Portlet/Stylesheet.CSS);
+@import url(DefaultSkin/portal/webui/component/UIPortalApplicationSkin.css);
+@import url(DefaultSkin/webui/component/Stylesheet.css);
+@import url(PortletThemes/Stylesheet.css);
+@import url(Portlet/Stylesheet.css);
\ No newline at end of file
Modified:
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default185.java
===================================================================
---
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default185.java 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default185.java 2011-11-10
02:39:06 UTC (rev 8018)
@@ -1 +1 @@
-@import url(/eXoResources/skin/Portlet/Stylesheet.CSS);
+@import url(/eXoResources/skin/Portlet/Stylesheet.css);
Modified:
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default186.xml
===================================================================
---
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default186.xml 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default186.xml 2011-11-10
02:39:06 UTC (rev 8018)
@@ -1,7 +1,7 @@
<gatein-resources>
<portal-skin>
<skin-name>MySkin</skin-name>
- <CSS-path>/skin/myskin.CSS</CSS-path>
+ <CSS-path>/skin/myskin.css</CSS-path>
<overwrite>false</overwrite>
</portal-skin>
</gatein-resources>
Modified:
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default188.xml
===================================================================
---
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default188.xml 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default188.xml 2011-11-10
02:39:06 UTC (rev 8018)
@@ -1,4 +1,4 @@
-.UIChangeSkinForm .UIItemSelector .TemplateContainer .MySkinImage
+.UIChangeSkinForm .UIItemSelector .TemplateContainer .MySkinImage {
margin: auto;
width: 329px; height:204px;
background: url('background/MySkin.jpg') no-repeat top;
Modified:
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default190.java
===================================================================
---
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default190.java 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default190.java 2011-11-10
02:39:06 UTC (rev 8018)
@@ -1,126 +1,136 @@
/*---- MyTheme ----*/
.MyTheme .WindowBarCenter .WindowPortletInfo {
- margin-right: 80px; /* orientation=lt */
- margin-left: 80px; /* orientation=rt */
+ margin-right: 80px; /* orientation=lt */
+ margin-left: 80px; /* orientation=rt */
}
+
.MyTheme .WindowBarCenter .ControlIcon {
- float: right;/* orientation=lt */
- float: left;/* orientation=rt */
- width: 24px;
- height: 17px;
- cursor: pointer;
- background-image: url('background/MyTheme.png');
+ float: right; /* orientation=lt */
+ float: left; /* orientation=rt */
+ width: 24px;
+ height: 17px;
+ cursor: pointer;
+ background-image: url('background/MyTheme.png');
}
+
.MyTheme .ArrowDownIcon {
- background-position: center 20px;
+ background-position: center 20px;
}
+
.MyTheme .OverArrowDownIcon {
- background-position: center 116px;
+ background-position: center 116px;
}
+
.MyTheme .MinimizedIcon {
- background-position: center 44px;
+ background-position: center 44px;
}
+
.MyTheme .OverMinimizedIcon {
- background-position: center 140px;
+ background-position: center 140px;
}
+
.MyTheme .MaximizedIcon {
- background-position: center 68px;
+ background-position: center 68px;
}
+
.MyTheme .OverMaximizedIcon {
- background-position: center 164px;
+ background-position: center 164px;
}
+
.MyTheme .RestoreIcon {
- background-position: center 92px;
+ background-position: center 92px;
}
+
.MyTheme .OverRestoreIcon {
- background-position: center 188px;
+ background-position: center 188px;
}
+
.MyTheme .NormalIcon {
- background-position: center 92px;
+ background-position: center 92px;
}
+
.MyTheme .OverNormalIcon {
- background-position: center 188px;
+ background-position: center 188px;
}
-.UIPageDesktop .MyTheme .ResizeArea {
- float: right;/* orientation=lt */
- float: left;/* orientation=rt */
- width: 18px; height: 18px;
- cursor: nw-resize;
- background: url('background/ResizeArea18x18.gif') no-repeat left top; /*
orientation=lt */
- background: url('background/ResizeArea18x18-rt.gif') no-repeat right top; /*
orientation=rt */
-}
+
.MyTheme .Information {
- height: 18px; line-height: 18px;
- vertical-align: middle; font-size: 10px;
- padding-left: 5px;/* orientation=lt */
- padding-right: 5px;/* orientation=rt */
- margin-right: 18px;/* orientation=lt */
- margin-left: 18px;/* orientation=rt */
+ height: 18px; line-height: 18px;
+ vertical-align: middle; font-size: 10px;
+ padding-left: 5px; /* orientation=lt */
+ padding-right: 5px; /* orientation=rt */
+ margin-right: 18px; /* orientation=lt */
+ margin-left: 18px; /* orientation=rt */
}
+
.MyTheme .WindowBarCenter .WindowPortletIcon {
- background-position: left top; /* orientation=lt */
- background-position: right top; /* orientation=rt */
- padding-left: 20px; /* orientation=lt */
- padding-right: 20px; /* orientation=rt */
- height: 16px;
- line-height: 16px;
+ background-position: left top; /* orientation=lt */
+ background-position: right top; /* orientation=rt */
+ padding-left: 20px; /* orientation=lt */
+ padding-right: 20px; /* orientation=rt */
+ height: 16px;
+ line-height: 16px;
}
+
.MyTheme .WindowBarCenter .PortletName {
- font-weight: bold;
- color: #333333;
- overflow: hidden;
- white-space: nowrap;
- width: 100%;
+ font-weight: bold;
+ color: #333333;
+ overflow: hidden;
+ white-space: nowrap;
}
+
.MyTheme .WindowBarLeft {
- padding-left: 12px;
- background-image: url('background/MyTheme.png');
- background-repeat: no-repeat;
- background-position: left -148px;
+ padding-left: 12px;
+ background-image: url('background/MyTheme.png');
+ background-repeat: no-repeat;
+ background-position: left -148px;
}
+
.MyTheme .WindowBarRight {
- padding-right: 11px;
- background-image: url('background/MyTheme.png');
- background-repeat: no-repeat;
- background-position: right -119px;
+ padding-right: 11px;
+ background-image: url('background/MyTheme.png');
+ background-repeat: no-repeat;
+ background-position: right -119px;
}
+
.MyTheme .WindowBarCenter {
- background-image: url('background/MyTheme.png');
- background-repeat: repeat-x;
- background-position: left -90px;
+ background-image: url('background/MyTheme.png');
+ background-repeat: repeat-x;
+ background-position: left -90px;
+ height: 21px;
+ padding-top: 8px;
}
-.MyTheme .WindowBarCenter .FixHeight {
- height: 21px;
- padding-top: 8px;
-}
+
.MyTheme .MiddleDecoratorLeft {
- padding-left: 12px;
- background: url('background/MyTheme.png') repeat-y left;
+ padding-left: 12px;
+ background: url('background/MMyTheme.png') repeat-y left;
}
+
.MyTheme .MiddleDecoratorRight {
- padding-right: 11px;
- background: url('background/MyTheme.png') repeat-y right;
+ padding-right: 11px;
+ background: url('background/MMyTheme.png') repeat-y right;
}
+
.MyTheme .MiddleDecoratorCenter {
- background: #ffffff;
+ background: #ffffff;
}
+
.MyTheme .BottomDecoratorLeft {
- MyTheme: 12px;
- background-image: url('background/MyTheme.png');
- background-repeat: no-repeat;
- background-position: left -60px;
+ padding-left: 12px;
+ background-image: url('background/MyTheme.png');
+ background-repeat: no-repeat;
+ background-position: left -60px;
}
+
.MyTheme .BottomDecoratorRight {
- padding-right: 11px;
- background-image: url('background/MyTheme.png');
- background-repeat: no-repeat;
- background-position: right -30px;
+ padding-right: 11px;
+ background-image: url('background/MyTheme.png');
+ background-repeat: no-repeat;
+ background-position: right -30px;
}
+
.MyTheme .BottomDecoratorCenter {
- background-image: url('background/MyTheme.png');
- background-repeat: repeat-x;
- background-position: left top;
-}
-.MyTheme .BottomDecoratorCenter .FixHeight {
- height: 30px;
-}
+ background-image: url('background/MyTheme.png');
+ background-repeat: repeat-x;
+ background-position: left top;
+ height: 30px;
+}
\ No newline at end of file
Modified:
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default191.xml
===================================================================
---
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default191.xml 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide/en-US/extras/PortalDevelopment_Skinning/default191.xml 2011-11-10
02:39:06 UTC (rev 8018)
@@ -2,12 +2,12 @@
<application-name>portletAppName</application-name>
<portlet-name>PortletName</portlet-name>
<skin-name>Default</skin-name>
- <CSS-path>/skin/DefaultStylesheet.CSS</CSS-path>
+ <css-path>/skin/DefaultStylesheet.css</css-path>
</portlet-skin>
<portlet-skin>
<application-name>portletAppName</application-name>
<portlet-name>PortletName</portlet-name>
<skin-name>OtherSkin</skin-name>
- <CSS-path>/skin/OtherSkinStylesheet.CSS</CSS-path>
+ <css-path>/skin/OtherSkinStylesheet.css</css-path>
</portlet-skin>
Modified:
epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/BackendConfiguration.xml
===================================================================
---
epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/BackendConfiguration.xml 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/BackendConfiguration.xml 2011-11-10
02:39:06 UTC (rev 8018)
@@ -3,7 +3,7 @@
<!ENTITY % BOOK_ENTITIES SYSTEM "Reference_Guide_eXo_JCR_1.14.ent">
%BOOK_ENTITIES;
]>
-<section
id="sect-Reference_Guide_eXo_JCR_1.14-PicketLink_IDM_integration">
+<section id="sect-Reference_Guide-PicketLink_IDM_integration">
<title>PicketLink IDM integration</title>
<para>
JBoss Enterprise Portal Platform uses the <literal>PicketLink
IDM</literal> component to store necessary identity information about users, groups
and memberships. While legacy interfaces are still used
(<literal>org.exoplatform.services.organization</literal>) for identity
management, there is a wrapper implementation that delegates to PicketLink IDM framework.
Modified:
epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml
===================================================================
---
epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml 2011-11-10
02:39:06 UTC (rev 8018)
@@ -57,9 +57,10 @@
<para>
Users are advised to not run any portal extensions that could override
the data when manipulating the <filename>gatein.ear</filename> file directly.
</para>
+<!-- Removed in GateIn reference-guide
<para>
- Remove
<filename>JBOSS_HOME/server/PROFILE/deploy/gatein-sample-extension.ear</filename>
and
<filename>JBOSS_HOME/server/PROFILE/deploy/gatein-sample-portal.ear</filename>
which are packaged by default with &PRODUCT;.
- </para>
+ Remove
<filename>JBOSS_HOME/server/PROFILE/deploy/gatein-sample-extension.ear</filename>
and
<filename>JBOSS_HOME/server/PROFILE/deploy/gatein-sample-portal.ear</filename>
which are packaged by default with JBoss Enterprise Portal Platform.
+ </para> -->
</warning>
</section>
@@ -88,7 +89,7 @@
<para>
To successfully implement SSO integration, do the following:
</para>
- <procedure>
+ <procedure
id="proc-Reference_Guide-Enabling_SSO_using_JBoss_SSO_Valve-SSO_Integration">
<title>SSO Integration</title>
<step>
<para>
@@ -166,7 +167,7 @@
</procedure>
</listitem>
<listitem>
- <procedure>
+ <procedure
id="proc-Reference_Guide-SSO_Integration-Switch_to_BASIC_authentication">
<title>Switch to <emphasis
role="bold">BASIC</emphasis> authentication</title>
<step>
<para>
@@ -224,7 +225,7 @@
</para>
</step>
</procedure>
- <formalpara>
+ <formalpara
id="form-Reference_Guide-Enabling_SSO_using_JBoss_SSO_Valve-Enabling_SSO_in_a_physical_cluster">
<title>Enabling SSO in a physical cluster</title>
<para>
If you require SSO to work across a physical cluster of
separate machines you will need to use the <parameter>cookieDomain</parameter>
attribute of the SSO valve.
@@ -265,7 +266,7 @@
<para>
This will ensure the <literal>JSESSIONIDSSO</literal> cookie
is used in the correct domain, allowing the SSO authentication to occur.
</para>
- <formalpara>
+ <formalpara
id="form-Reference_Guide-Enabling_SSO_using_JBoss_SSO_Valve-Enabling_SSO_with_Other_Web_Applications">
<title>Enabling SSO with Other Web Applications</title>
<para>
As mentioned earlier, in order to use SSO authentication
between JBoss Enterprise Portal Platform instances and other web applications, the roles
defined in the web application must match those used in the portal instance.
@@ -374,7 +375,11 @@
<para>
This Single Sign On plugin enables seamless integration between JBoss
Enterprise Portal Platform and the Central Authentication Service (<emphasis
role="bold">CAS</emphasis>) Single Sign On Framework. Details about CAS
can be found <ulink
url="http://www.ja-sig.org/products/cas/">here</ulink>;.
</para>
- <procedure
id="proc-Reference_Guide-CAS_Central_Authentication_Service-CAS_server">
+ <para>
+ The integration consists of two parts; the first part consists of installing
or configuring a CAS server, the second part consists of setting up the portal to use the
CAS server.
+ </para>
+
+ <procedure
id="proc-Reference_Guide_eXo_JCR_1.14-CAS_Central_Authentication_Service-CAS_server">
<title>CAS server</title>
<step>
<para>
@@ -385,6 +390,9 @@
<para>
Downloaded CAS from <ulink type="http"
url="http://www.jasig.org/cas/download">http://www.jasig.org...;.
</para>
+ <para>
+ The version, tested with these instructions is <emphasis
role="bold">CAS 3.3.5</emphasis>. Other versions may work.
+ </para>
</step>
<step>
<para>
@@ -428,9 +436,6 @@
</para>
<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_SSO/default103.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
- <para>
- Make sure to set the <emphasis>host</emphasis>,
<emphasis>port</emphasis> and <emphasis>context</emphasis> with
the values corresponding to your portal (also available in
<filename><replaceable>PORTAL_SSO</replaceable>/cas/plugin/WEB-INF/deployerConfigContext.xml</filename>).
- </para>
</step>
<step>
<para>
@@ -467,13 +472,12 @@
<para>
Tomcat should start without issue and should be accessible at
<ulink type="http"
url="http://localhost:8888/cas">http://localhost:8888/cas</ulink>.
</para>
- <!--Removed in gatein commit r7620:
<note>
<para>
At this stage the login functionality will not be available.
</para>
+ </note>
- </note>-->
<mediaobject>
<imageobject>
<imagedata
fileref="images/AuthenticationAndIdentity/SSO/cas.png" format="PNG"
scale="100" width="444" />
@@ -483,10 +487,9 @@
</step>
</procedure>
- <!--Added in gatein commit r7620 -->
+
<note>
- <remark>Added in gatein commit r7620</remark>
- <para>
+ <para>
On logout, the CAS server will display the CAS logout page with a link to
return to the portal. To make the CAS server redirect to the portal page after a logout,
modify the <filename>cas.war/WEB-INF/cas-servlet.xml</filename> to include the
follow line :
</para>
<programlisting>
@@ -576,17 +579,9 @@
<para>
Add the following Filters at the top of the filter chain in
<filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>:
</para>
-<remark>DOC NOTE: Please check code sample as updated according to gatein
r7620</remark>
+
<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_SSO/default109.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
</step>
- <step>
- <remark> This step removed in gatein r7620. Should it be removed
here?</remark>
- <para>
- Replace the <literal>InitiateLoginServlet</literal>
declaration in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>
with:
- </para>
-<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_SSO/default110.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
-
- </step>
</procedure>
<para>
@@ -619,13 +614,6 @@
<para>
Extract the package into what will be called
<filename>JOSSO_HOME</filename> in this example.
</para>
- <warning>
- <title>JOSSO Versions</title>
-
- <para>
- The steps described later are only correct in case of JOSSO
v.1.8.1.
- </para>
- </warning>
</step>
</procedure>
@@ -669,11 +657,7 @@
</step>
<step>
<para>
- Tomcat will start and allow access to
- <ulink type="http"
url="http://localhost:8888/josso/signon/login.do">
- http://localhost:8888/josso/signon/login.do
- </ulink>
- but at this stage login will not be available.
+ Tomcat will start and allow access to <ulink type="http"
url="http://localhost:8888/josso/signon/login.do">
http://localhost:8888/josso/signon/login.do </ulink> but at this stage login will
not be available.
</para>
<mediaobject>
<imageobject>
@@ -687,12 +671,12 @@
<title>Setup the JOSSO client</title>
<step>
<para>
- Copy the library files from
<filename><replaceable>PORTAL_SSO</replaceable>/josso/gatein.ear/lib</filename>
into <filename>gatein.ear/lib</filename>
+ Copy the library files from
<filename><replaceable>PORTAL_SSO</replaceable>/josso/gatein.ear/lib</filename>
into <filename>gatein.ear/lib</filename> (or into
<filename>GATEIN_HOME/lib</filename> if the product is running in Tomcat).
</para>
</step>
<step>
<para>
- Copy the
<filename><replaceable>PORTAL_SSO</replaceable>/josso/gatein.ear/02portal.war/WEB-INF/classes/josso-agent-config.xml</filename>
file into the <filename>gatein.ear/02portal.war/WEB-INF/classes</filename>
directory.
+ Copy the
<filename><replaceable>PORTAL_SSO</replaceable>/josso/gatein.ear/portal.war/WEB-INF/classes/josso-agent-config.xml</filename>
file into the <filename>gatein.ear/02portal.war/WEB-INF/classes</filename>
directory (or into
<filename>JBOSS_HOME/webapps/portal.war/WEB-INF/classes</filename>, or
<filename>GATEIN_HOME/conf</filename> if the product is running in Tomcat).
</para>
</step>
<step>
@@ -704,9 +688,19 @@
</step>
<step>
<para>
+ In Tomcat, edit
<filename>JBOSS_HOME/conf/jaas.conf</filename> and uncomment this section:
+ </para>
+<programlisting>org.gatein.sso.agent.login.SSOLoginModule required;
+org.exoplatform.services.security.j2ee.TomcatLoginModule requiredtm
+portalContainerName=portal
+realmName=gatein-domain;
+</programlisting>
+ </step>
+ <step>
+ <para>
The installation can be tested at this point.
</para>
- <procedure>
+ <substeps>
<step>
<para>
Start (or restart) JBoss Enterprise Portal Platform, and
(assuming the JOSSO server on Tomcat is running) direct your browser to <ulink
type="http"
url="http://localhost:8888/josso/signon/login.do">http://localhost:8888/josso/signon/login.do</ulink>.
@@ -717,7 +711,7 @@
Login with the username <literal>root</literal>
and the password <literal>gtn</literal> or any account created through the
portal.
</para>
</step>
- </procedure>
+ </substeps>
</step>
</procedure>
@@ -754,22 +748,8 @@
<para>
Add the following Filters to the top of the filter chain in
<filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>:
</para>
-<remark>DOC NOTE: Please check code sample as updated according to gatein
r7647</remark>
<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_SSO/default115.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
</step>
- <step>
- <remark> This step removed in gatein r7647. Should it be removed
here?</remark>
- <para>
- Replace the <literal>InitiateLoginServlet</literal>
declaration in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>
with:
- </para>
-
-<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_SSO/default116.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
- </step>
- <step>
- <para>
- Remove the <literal>PortalLoginController</literal>
servlet declaration and mapping in
<filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>
- </para>
- </step>
</procedure>
<para>
@@ -789,7 +769,10 @@
<para>
OpenSSO must be purchased from <ulink type="http"
url="http://www.oracle.com/technetwork/middleware/id-mgmt/overview/i...;.
</para>
-
+ <para>
+ For testing purpose, use OpenSSO_80U2, which can be downloaded from
<ulink type="http"
url="http://download.oracle.com/otn/nt/middleware/11g/oracle_opensso...
Oracle </ulink> .
+ </para>
+ </step>
<step>
<para>
Extract the package into a suitable location. This location will be
referred to as <filename>OPENSSO_HOME</filename> in this example.
@@ -797,6 +780,15 @@
</step>
</procedure>
+ <note>
+ <para>
+ It is also possible to use OpenAM instead of OpenSSO server. OpenAM is
free and the integration steps between Enterprise Portal Platform and OpenAM are very
similar as with OpenSSO. More info is available <ulink type="http"
url="http://community.jboss.org/wiki/GateInAndOpenAMIntegration"... here
</ulink> .
+ </para>
+ </note>
+ </section>
+
+ <section
id="sect-Reference_Guide_eXo_JCR-1.14-OpenSSO_server-Modifying_OpenSSO_server">
+ <title>Modifying the OpenSSO server</title>
<para>
To configure the web server as required, it is simpler to directly modify the
source files.
</para>
@@ -898,10 +890,10 @@
</para>
<important>
<para>
- Go to the "<emphasis
role="bold">Configuration</emphasis>" tab then to
"<emphasis role="bold">Authentication</emphasis>".
+ Go to
<menuchoice><guimenu>Configuration</guimenu><guimenuitem>Authentication</guimenuitem></menuchoice>
and follow the link to <guilabel>Core</guilabel>
</para>
<para>
- Follow the link to "<emphasis
role="bold">Core</emphasis>" and add a new value with the class
name
"<literal>org.gatein.sso.opensso.plugin.AuthenticationPlugin</literal>".
+ Add a new value with the class name
<literal>org.gatein.sso.opensso.plugin.AuthenticationPlugin</literal>.
</para>
<para>
If this is not done
<literal>AuthenticationPlugin</literal> is not available among other OpenSSO
authentication modules.
@@ -910,35 +902,35 @@
</step>
<step>
<para>
- Go to the "<emphasis role="bold">Access
control</emphasis>" tab and create new realm called
"<literal>gatein</literal>".
+ Go to the <guilabel>Access control</guilabel> tab and
create new realm called <literal>gatein</literal>.
</para>
</step>
<step>
<substeps>
<step>
<para>
- Go to the new
"<literal>gatein</literal>" realm and click on the
"<emphasis role="bold">Authentication</emphasis>"
tab.
+ Go to the new <literal>gatein</literal> realm and
click on the <guilabel>Authentication</guilabel> tab.
</para>
</step>
<step>
<para>
- Click on "<emphasis
role="bold">ldapService</emphasis>" (at the bottom in the
"Authentication chaining" section).
+ Click on <guilabel>ldapService</guilabel> (at the
bottom in the <guilabel>Authentication chaining</guilabel> section).
</para>
</step>
<step>
<para>
- Change the selection from
"<literal>Datastore</literal>", which is the default module in
the authentication chain, to
"<literal>AuthenticationPlugin</literal>".
+ Change the selection from
<literal>Datastore</literal>, which is the default module in the
authentication chain, to <literal>AuthenticationPlugin</literal>.
</para>
</step>
</substeps>
<para>
- These changes enable authentication of the
"<literal>gatein</literal>" realm using the
<literal>GateIn REST</literal> service instead of the OpenSSO LDAP server.
+ These changes enable authentication of the
<literal>gatein</literal> realm using the <literal>GateIn
REST</literal> service instead of the OpenSSO LDAP server.
</para>
</step>
<step>
<para>
- Go to "<emphasis role="bold">Advanced
properties</emphasis>" and change <literal>UserProfile</literal>
from "<parameter>Required</parameter>" to
"<parameter>Dynamic</parameter>" to ensure all new users are
automatically created in the OpenSSO datastore after successful authentication.
+ Go to <guilabel>Advanced properties</guilabel> and change
<literal>UserProfile</literal> from
<parameter>Required</parameter> to <parameter>Dynamic</parameter>
to ensure all new users are automatically created in the OpenSSO datastore after
successful authentication.
</para>
</step>
<step>
@@ -948,7 +940,7 @@
<substeps>
<step>
<para>
- Go to "<emphasis role="bold">Access
control</emphasis>", then <emphasis role="bold">Top level
realm</emphasis>, then click on the "<emphasis
role="bold">Privileges</emphasis>" tab and go to
"<emphasis role="bold">All authenticated
users</emphasis>".
+ Go to <menuchoice><guimenu>Access
control</guimenu><guimenuitem>Top level
realm</guimenuitem><guimenuitem>Privileges</guimenuitem><guimenuitem>All
authenticated users</guimenuitem></menuchoice>.
</para>
</step>
<step>
@@ -976,15 +968,19 @@
</para>
</step>
</procedure>
+ </section>
- <procedure
id="proc-Reference_Guide-OpenSSO_The_Open_Web_SSO_project-Setup_the_OpenSSO_client">
+ <section
id="sect-Reference_Guide-OpenSSO_The_Open_Web_SSO_project-Setup_the_OpenSSO_client">
+ <title>Setup the OpenSSO Client</title>
+
+ <procedure
id="proc-Reference_Guide_eXo_JCR_1.14-OpenSSO_The_Open_Web_SSO_project-Setup_the_OpenSSO_client">
<title>Setup the OpenSSO client</title>
<step>
<para>
Copy all libraries from the
<filename><replaceable>PORTAL_SSO</replaceable>/opensso/gatein.ear/lib</filename>
directory into the
<filename>JBOSS_HOME/server/default/deploy/gatein.ear/lib</filename>
directory.
</para>
<para>
- Alternatively, in a Tomcat environment, copy the libraries into the
<filename>GATEIN_HOME/lib</filename> directory.
+ Alternatively, in a Tomcat environment, copy the libraries into the
<filename>JBOSS_HOME/lib</filename> directory.
</para>
</step>
<step>
@@ -996,7 +992,7 @@
</step>
<step>
<para>
- If you are running &PRODUCT; in Tomcat, edit
$GATEIN_HOME/conf/jaas.conf, uncomment on this section and comment other parts:
+ If you are running the product in Tomcat, edit
<replaceable><JBOSS_HOME></replaceable>/conf/jaas.conf,
uncomment the following section and comment all other sections:
</para>
<programlisting>org.gatein.sso.agent.login.SSOLoginModule required;
org.exoplatform.services.security.j2ee.TomcatLoginModule required
@@ -1022,6 +1018,10 @@
</procedure>
</step>
</procedure>
+ </section>
+
+ <section
id="sect-Reference_Guide-OpenSSO_The_Open_Web_SSO_project-Setup_the_portal_to_redirect_to_OpenSSO">
+ <title>Setup the portal to redirect to OpenSSO</title>
<para>
The next part of the process is to redirect all user authentication to the
OpenSSO server.
@@ -1058,14 +1058,6 @@
</para>
<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_SSO/default122.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
</step>
-<!--<step>
- <remark> This step removed in gatein r7647. Should it be removed
here?</remark>
- <para>
- Replace the <literal>InitiateLoginServlet</literal>
declaration in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>
with:
- </para>
-
-<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_SSO/default123.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
- </step>-->
</procedure>
<para>
@@ -1100,7 +1092,7 @@
</step>
<step>
<para>
- JBoss EAP/AS uses background GSS messages with the Active Directory
(or any Kerberos Server) to validate the user.
+ JBoss EAP/AS uses background GSS messages with the Active Directory (or
any Kerberos Server) to validate the Kerberos ticket from user.
</para>
</step>
<step>
@@ -1110,25 +1102,29 @@
</step>
</procedure>
+ <section id="SPNEGO_server_configuration">
+ <title>SPNEGO Server Configuration</title>
<para>
- JBoss Enterprise Portal Platform uses JBoss Negotiation to enable
SPNEGO-based desktop SSO.
+ In this section, we will describe some necessary steps for setup Kerberos
server on Linux. This server will then be used for SPNEGO authentication against JBoss
Enterprise Portal Platform.
</para>
- <para>
- The following procedure outlines how to integrate SPNEGO with the JBoss
Enterprise Portal Platform.
- </para>
+
<note>
<title>SPNEGO Basics</title>
<para>
- The procedure below only describes the basic steps to configure the
SPNEGO server. If you are already familiar with SPNEGO, you can jump to the
+ The procedure below only describes the basic steps to configure the
SPNEGO server in a Linux environment. If you are already familiar with SPNEGO, or if you
are using Windows and Active Directory domain, you can jump to the
<xref
linkend="proc-Reference_Guide_eXo_JCR_1.14-SPNEGO_Simple_and_Protected_GSSAPI_Negotiation_Mechanism-Advanced_SPNEGO_Configuration"
/>
to see how to integrate SPNEGO with JBoss Enterprise Portal Platform.
</para>
+
+ <para>
+ Please note that Kerberos setup is also dependent on your Linux
distribution and so steps can be slightly different in your environment.
+ </para>
</note>
<procedure
id="proc-Reference_Guide_eXo_JCR_1.14-SPNEGO_Simple_and_Protected_GSSAPI_Negotiation_Mechanism-SPNEGO_Basics">
<title>SPNEGO Basics</title>
<step>
<para>
- Correct the setup of network on the machine. For example, if you are
using the "server.local.network" domain as your machine where Kerberos and
&PRODUCT; are localed, add the line containing the machine's IP address to the
<emphasis role="bold">/etc/host </emphasis> file.
+ Correct the setup of network on the machine. For example, if you are
using the "server.local.network" domain as your machine where Kerberos and JBoss
Enterprise Portal Platform are localed, add the line containing the machine's IP
address to the <emphasis role="bold">/etc/host </emphasis> file.
</para>
<programlisting>
192.168.1.88 server.local.network
@@ -1326,21 +1322,73 @@
<itemizedlist>
<listitem>
<para>
- If the setup works well, you are required to enter the
password created for this user in Step 5.
+ If the setup works well, you are required to enter the
password created for this user in Step 5. Without the -A, the kerberos ticket validation
involved reverse DNS lookups, which can get very cumbersome to debug if your network's
DNS setup is not great. This is a production level security feature, which is not
necessary in this development setup. In production environment, it will be better to avoid
-A option.
</para>
</listitem>
<listitem>
<para>
- If you want to login with another user, use this command.
+ After successful login to Kerberos, you can see your Kerberos
ticket when using this command.
</para>
<programlisting>
+klist
+</programlisting>
+ </listitem>
+
+ <listitem>
+ <para>
+ If you want to logout and destroy your ticket, use this
command.
+ </para>
+<programlisting>
kdestroy
</programlisting>
</listitem>
</itemizedlist>
</step>
</procedure>
+ </section>
+
+ <section id="Single_Sign_On-CAS_Central_Clients">
+ <title>Clients</title>
+
+ <para>
+ After performing all configurations above, you need to enable the
<emphasis role="bold">Negotiate authentication </emphasis> of
Firefox in client machines so that clients could be authenticated by JBoss Enterprise
Portal Platform as follows:
+ </para>
+
+ <procedure>
+ <step>
+ <para>
+ Start Firefox, then enter the command: <emphasis
role="bold">about:config </emphasis> into the address field.
+ </para>
+ </step>
+
+ <step>
+ <para>
+ Enter <emphasis
role="bold">network.negotiate-auth</emphasis> and set the value as
below:
+ </para>
+<programlisting>
+network.negotiate-auth.allow-proxies = true
+network.negotiate-auth.delegation-uris = .local.network
+network.negotiate-auth.gsslib (no-value)
+network.negotiate-auth.trusted-uris = .local.network
+network.negotiate-auth.using-native-gsslib = true
+</programlisting>
+ </step>
+ </procedure>
+
+ <note>
+ <para>
+ Consult documentation of your OS or web browser if using different
browser than Firefox.
+ </para>
+ </note>
+ </section>
+
+ <section id="Single_Sign_On-SPNEGO-GateIn_Configuration">
+ <title>JBoss Enterprise Portal Platform Configuration</title>
+
+ <para>
+ JBoss Enterprise Portal Platform uses JBoss Negotiation to enable
SPNEGO-based desktop SSO for the portal. Here are the steps to integrate SPNEGO with JBoss
Enterprise Portal Platform.
+ </para>
<procedure
id="proc-Reference_Guide_eXo_JCR_1.14-SPNEGO_Simple_and_Protected_GSSAPI_Negotiation_Mechanism-Advanced_SPNEGO_Configuration">
<title>Advanced SPNEGO Configuration</title>
<step>
@@ -1350,8 +1398,9 @@
<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_SSO/default124.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
<para>
- The '<literal>keyTab</literal>' value should point
to the keytab file that was generated by the <literal>kadmin</literal>
Kerberos tool. See the
- <xref
linkend="proc-Reference_Guide_eXo_JCR_1.14-SPNEGO_Simple_and_Protected_GSSAPI_Negotiation_Mechanism-SPNEGO_Basics"/>
for more details.
+ The '<literal>keyTab</literal>' value should
point to the keytab file that was generated by the <literal>kadmin</literal>
Kerberos tool. When using Kerberos on Linux, it should be value of parameter <emphasis
role="bold">admin_keytab</emphasis> from kdc.conf file. See the
+ <xref
linkend="proc-Reference_Guide_eXo_JCR_1.14-SPNEGO_Simple_and_Protected_GSSAPI_Negotiation_Mechanism-SPNEGO_Basics"/>
+ for more details.
</para>
</step>
<step>
@@ -1363,17 +1412,26 @@
</step>
<step>
<para>
- Add the Gatein SSO module binaries by adding
<filename><replaceable>PORTAL_SSO</replaceable>/spnego/gatein.ear/lib/sso-agent.jar</filename>
and
<filename><replaceable>PORTAL_SSO</replaceable>/spnego/gatein.ear/lib/spnego-<replaceable>VERSION</replaceable>-epp-GA.jar</filename>
to <filename>deploy/gatein.ear/lib</filename>.
+ Add the GateIn SSO module binaries by copying <emphasis
role="bold">GATEIN_SSO_HOME/spnego/gatein.ear/lib/sso-agent-VERSION.jar</emphasis>
to the <emphasis
role="bold">JBOSS_HOME/server/default/deploy/gatein.ear/lib</emphasis>
directory. File <emphasis
role="bold">GATEIN_SSO_HOME/spnego/gatein.ear/lib/spnego-VERSION.jar</emphasis>
needs to be copied to the <emphasis
role="bold">JBOSS_HOME/server/default/lib</emphasis> directory.
</para>
</step>
+<!-- This step not required as EPP already has the correct version of Negotiation
2.0.4.GA
<step>
<para>
- Modifying
<filename>deploy/gatein.ear/META-INF/gatein-jboss-beans.xml</filename> to
match the following:
+ Download library
<filename>jboss-negotiation-2.0.4.GA</filename> from location
+ <ulink type="html"
url="https://repository.jboss.org/nexus/content/groups/public/org/jb...
+ and copy this file to
<filename>JBOSS_HOME/server/default/lib</filename> directory as well.
</para>
+ </step>
+ -->
+ <step>
+ <para>
+ Modify the
<filename>deploy/gatein.ear/META-INF/gatein-jboss-beans.xml</filename> file to
match the following:
+ </para>
<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_SSO/default126.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
<para>
- This activates the SPNEGO <literal>LoginModule</literal>
for use with JBoss Enterprise Portal Platform.
+ This activates SPNEGO LoginModules with fallback to FORM
authentication. When SPNEGO is not available and it needs to fallback to FORM, it will use
<emphasis role="bold">gatein-form-auth-domain</emphasis> security
domain.
</para>
</step>
<step>
@@ -1383,13 +1441,8 @@
<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_SSO/default127.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
<para>
- This integrates SPNEGO support into the Portal web archive by
switching authentication mechanism from the default
"<literal>FORM</literal>"-based to
"<literal>SPNEGO</literal>"-based authentication.
+ Integrate the request pre-processing needed for SPNEGO via filters
by adding the following filters to the <emphasis
role="bold">JBOSS_HOME/server/default/deploy/gatein.ear/02portal.war/WEB-INF/web.xml</emphasis>
at the top of the Filter chain.
</para>
- </step>
- <step>
- <para>
- Add the following filters to the top of the Filter chain in the
<filename>web.xml</filename> file:
- </para>
<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_SSO/default128.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
<para>
@@ -1402,9 +1455,6 @@
</para>
<programlisting language="Java" role="Java"><xi:include
href="../../extras/Authentication_Identity_SSO/default129.java"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
- <para>
- This modifies the Portal's '<emphasis
role="bold">Sign In</emphasis>' link to perform SPNEGO
authentication.
- </para>
</step>
<step>
<para>
@@ -1428,6 +1478,9 @@
<para>
Clicking the 'Sign In' link on the JBoss Enterprise Portal Platform
should automatically sign the 'demo' user into the portal.
</para>
+ <para>
+ If you destroy your kerberos ticket with command
<command>kdestroy</command>, then try to login again, you will directed to the
login screen of JBoss Enterprise Portal Product because you don't have active Kerberos
ticket. You can login with predefined account and password
"demo"/"gtn" .
+ </para>
</section>
<section>
@@ -1453,5 +1506,6 @@
</programlisting>
</step>
</procedure>
-</section>
-
+ </section>
+ </section>
+</section>
\ No newline at end of file
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/modules/Introduction.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/modules/Introduction.xml 2011-11-09
21:18:17 UTC (rev 8017)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/modules/Introduction.xml 2011-11-10
02:39:06 UTC (rev 8018)
@@ -32,7 +32,7 @@
This device will refer to the
<application>JBoss Application Server</application>
(<filename>jboss-as</filename>) directory deployed in JBoss Enterprise Portal
Platform by default.
</para>
<para>
- Therefore, if your JBoss Enterprise Portal Platform
instance is deployed into a directory called
<filename>jboss-epp-&VZ;/</filename>, your
<replaceable><JBOSS_HOME></replaceable> directory would be
<filename>jboss-epp-&VZ;/jboss-as/</filename>.
+ Therefore, if your JBoss Enterprise Portal Platform instance
is deployed into a directory called <filename>jboss-epp-&VY;/</filename>,
your <replaceable><JBOSS_HOME></replaceable> directory would be
<filename>jboss-epp-&VY;/jboss-as/</filename>.
</para>
</listitem>
</varlistentry>
Modified:
epp/docs/branches/5.2/Reference_Guide/en-US/modules/PortalDevelopment/Skinning.xml
===================================================================
---
epp/docs/branches/5.2/Reference_Guide/en-US/modules/PortalDevelopment/Skinning.xml 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide/en-US/modules/PortalDevelopment/Skinning.xml 2011-11-10
02:39:06 UTC (rev 8018)
@@ -156,7 +156,7 @@
JBoss Enterprise Portal Platform automatically discovers web archives that contain a
file descriptor for skins (<filename>WEB-INF/gatein-resources.xml</filename>).
This file is responsible for specifying the portal, portlet and window decorators to be
deployed into the skin service.
</para>
<para>
- The full schema can be found at: <ulink type="http"
url="http://www.gatein.org/xml/ns/gatein_resources_1_0" />.
+ The full schema can be found at: <ulink type="http"
url="http://www.gatein.org/xml/ns/gatein_resources_1_2" />.
</para>
<para>
Below is an example of where to define a skin (<literal>MySkin</literal>)
with its CSS location, and specify some window decorator skins:
@@ -210,7 +210,7 @@
</listitem>
</varlistentry>
<varlistentry>
- <term>skin/Stylesheet.CSS</term>
+ <term>skin/Stylesheet.css</term>
<listitem>
<para>
This file is the main portal skin stylesheet. It is the main entry point to the CSS
class definitions for the skin. The main content points of this file are:
@@ -322,7 +322,7 @@
In order for the default skin to display the skin icon for a new portal skin, the
preview screenshot needs to be placed in:
<filename>01eXoResources.war:/skin/DefaultSkin/portal/webui/component/customization/UIChangeSkinForm/background</filename>.
</para>
<para>
- The CSS stylesheet for the default portal needs to have the following updated with
the preview icon CSS class. For a skin named <emphasis
role="bold">MySkin</emphasis> then the following needs to be updated:
<filename>01eXoResources.war:/skin/DefaultSkin/portal/webui/component/customization/UIChangeSkinForm/Stylesheet.CSS</filename>.
+ The CSS stylesheet for the default portal needs to have the following
updated with the preview icon CSS class. For a skin named <emphasis
role="bold">MySkin</emphasis> then the following needs to be updated:
<filename>01eXoResources.war:/skin/DefaultSkin/portal/webui/component/customization/UIChangeSkinForm/Stylesheet.css</filename>.
</para>
<programlisting language="XML" role="XML"><xi:include
href="../../extras/PortalDevelopment_Skinning/default188.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
@@ -375,7 +375,7 @@
In order for the skin service to display the window decorators, it must have CSS
classes specifically named in relation to the window style name. The service will try and
display CSS based on this naming convention. The CSS class must be included as part of the
current portal skin for the window decorators to be displayed.
</para>
<para>
- The location of the window decorator CSS classes for the default portal theme is
located at:
<filename>01eXoResources.war/skin/PortletThemes/Stylesheet.CSS</filename>.
+ The location of the window decorator CSS classes for the default
portal theme is located at:
<filename>01eXoResources.war/skin/PortletThemes/Stylesheet.css</filename>.
</para>
<para>
</para>
@@ -470,7 +470,7 @@
The portlet specification defines a set of default CSS classes that should be
available for portlets. These classes are included as part of the portal skin. Please see
the portlet specification for a list of the default classes that should be available.
</para>
<para>
- For the default portal skin, the portlet specification CSS classes are defined in:
<filename>01eXoResources.war/skin/Portlet/Stylesheet.CSS</filename>.
+ For the default portal skin, the portlet specification CSS classes are
defined in:
<filename>01eXoResources.war/skin/Portlet/Stylesheet.css</filename>.
</para>
</section>
Modified:
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/Authentication_Identity_SSO/default105.xml
===================================================================
---
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/Authentication_Identity_SSO/default105.xml 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/Authentication_Identity_SSO/default105.xml 2011-11-10
02:39:06 UTC (rev 8018)
@@ -1,10 +1,10 @@
-<!--
<authentication>
<login-module code="org.gatein.sso.agent.login.SSOLoginModule"
flag="required">
- </login-module>
+ <module-option
name="portalContainerName">portal</module-option>
+ <module-option name="realmName">gatein-domain</module-option>
+ </login-module>
<login-module
code="org.exoplatform.services.security.j2ee.JbossLoginModule"
flag="required">
<module-option
name="portalContainerName">portal</module-option>
<module-option name="realmName">gatein-domain</module-option>
</login-module>
</authentication>
--->
Modified:
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/Authentication_Identity_SSO/default111.xml
===================================================================
---
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/Authentication_Identity_SSO/default111.xml 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/Authentication_Identity_SSO/default111.xml 2011-11-10
02:39:06 UTC (rev 8018)
@@ -1,9 +1,10 @@
<authentication>
<login-module code="org.gatein.sso.agent.login.SSOLoginModule"
flag="required">
- </login-module>
+ <module-option
name="portalContainerName">portal</module-option>
+ <module-option name="realmName">gatein-domain</module-option>
+ </login-module>
<login-module
code="org.exoplatform.services.security.j2ee.JbossLoginModule"
flag="required">
<module-option
name="portalContainerName">portal</module-option>
<module-option name="realmName">gatein-domain</module-option>
</login-module>
-</authentication>
-</programlisting>
+</authentication>
\ No newline at end of file
Modified:
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/Authentication_Identity_SSO/default118.xml
===================================================================
---
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/Authentication_Identity_SSO/default118.xml 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/Authentication_Identity_SSO/default118.xml 2011-11-10
02:39:06 UTC (rev 8018)
@@ -1,6 +1,8 @@
<authentication>
<login-module code="org.gatein.sso.agent.login.SSOLoginModule"
flag="required">
- </login-module>
+ <module-option
name="portalContainerName">portal</module-option>
+ <module-option name="realmName">gatein-domain</module-option>
+ </login-module>
<login-module
code="org.exoplatform.services.security.j2ee.JbossLoginModule"
flag="required">
<module-option
name="portalContainerName">portal</module-option>
<module-option name="realmName">gatein-domain</module-option>
Modified:
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/PortalDevelopment_Skinning/default185.java
===================================================================
---
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/PortalDevelopment_Skinning/default185.java 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/PortalDevelopment_Skinning/default185.java 2011-11-10
02:39:06 UTC (rev 8018)
@@ -1 +1 @@
-@import url(/eXoResources/skin/Portlet/Stylesheet.CSS);
+@import url(/eXoResources/skin/Portlet/Stylesheet.css);
Modified:
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/PortalDevelopment_Skinning/default186.xml
===================================================================
---
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/PortalDevelopment_Skinning/default186.xml 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/extras/PortalDevelopment_Skinning/default186.xml 2011-11-10
02:39:06 UTC (rev 8018)
@@ -1,7 +1,7 @@
<gatein-resources>
<portal-skin>
<skin-name>MySkin</skin-name>
- <CSS-path>/skin/myskin.CSS</CSS-path>
+ <CSS-path>/skin/myskin.css</CSS-path>
<overwrite>false</overwrite>
</portal-skin>
</gatein-resources>
Modified:
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/modules/AuthenticationAndIdentity/SSO.xml
===================================================================
---
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/modules/AuthenticationAndIdentity/SSO.xml 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/modules/AuthenticationAndIdentity/SSO.xml 2011-11-10
02:39:06 UTC (rev 8018)
@@ -4,9 +4,7 @@
%BOOK_ENTITIES;
]>
<section id="sect-Reference_Guide_eXo_JCR_1.14-SSO_Single_Sign_On">
- <title><remark>
- SSO - Single Sign On
- </remark></title>
+ <title><remark>SSO - Single Sign On</remark></title>
<section
id="sect-Reference_Guide_eXo_JCR_1.14-SSO_Single_Sign_On-Overview">
<title>Overview</title>
@@ -57,11 +55,7 @@
<title>Prerequisites</title>
<para>
- In this tutorial, the SSO server is being installed in a Tomcat
environment. Tomcat can be obtained from
- <ulink type="http"
url="http://tomcat.apache.org">
- http://tomcat.apache.org
- </ulink>
- .
+ In this tutorial, the SSO server is being installed in a Tomcat
environment. Tomcat can be obtained from <ulink type="http"
url="http://tomcat.apache.org"> http://tomcat.apache.org </ulink> .
</para>
</note>
@@ -77,10 +71,10 @@
<para>
Users are advised to not run any portal extensions that could override the
data when manipulating the <filename>gatein.ear</filename> file directly.
</para>
-
- <para>
- Remove
<filename>JBOSS_HOME/server/PROFILE/deploy/gatein-sample-extension.ear</filename>
and
<filename>JBOSS_HOME/server/PROFILE/deploy/gatein-sample-portal.ear</filename>
which are packaged by default with &PRODUCT;.
- </para>
+<!-- Removed in GateIn reference-guide
+ <para>
+ Remove
<filename>JBOSS_HOME/server/PROFILE/deploy/gatein-sample-extension.ear</filename>
and
<filename>JBOSS_HOME/server/PROFILE/deploy/gatein-sample-portal.ear</filename>
which are packaged by default with JBoss Enterprise Portal Platform.
+ </para> -->
</warning>
</section>
@@ -105,9 +99,7 @@
</para>
<para>
- More info about the JBoss SSO valve can be found at
- <ulink type="http"
url="http://docs.redhat.com/docs/en-US/JBoss_Enterprise_Web_Platform...
/>
- .
+ More info about the JBoss SSO valve can be found at <ulink
type="http"
url="http://docs.redhat.com/docs/en-US/JBoss_Enterprise_Web_Platform...
/>.
</para>
<para>
@@ -256,29 +248,13 @@
<step>
<para>
- Navigate to
- <ulink type="http"
url="http://localhost:8080/portal/private/classic" />
- and authenticate with the pre-configured user account "
- <systemitem>
- root
- </systemitem>
- " (password "
- <systemitem>
- gtn
- </systemitem>
- ").
+ Navigate to <ulink type="http"
url="http://localhost:8080/portal/private/classic" /> and authenticate with
the pre-configured user account " <systemitem> root </systemitem> "
(password " <systemitem> gtn </systemitem> ").
</para>
</step>
<step>
<para>
- Navigate to
- <ulink type="http"
url="http://localhost:8180/portal/private/classic" />
- . You should be automatically authenticated as user
- <systemitem>
- root
- </systemitem>
- on this node as well.
+ Navigate to <ulink type="http"
url="http://localhost:8180/portal/private/classic" /> . You should be
automatically authenticated as user <systemitem> root </systemitem> on this
node as well.
</para>
</step>
</procedure>
@@ -315,11 +291,7 @@
<programlisting language="XML" role="XML"><Valve
className="org.jboss.web.tomcat.service.sso.ClusteredSingleSignOn"
cookieDomain="yourdomain.com" />
</programlisting>
<para>
- (Where <literal>yourdomain.com</literal> is the domain used
in your cluster. For example;
- <ulink type="http"
url="http://machine1.yourdomain.com:8080/portal/private/classic" />
- and
- <ulink type="http"
url="http://machine2.yourdomain.com:8080/portal/private/classic" />
- )
+ (Where <literal>yourdomain.com</literal> is the domain used
in your cluster. For example; <ulink type="http"
url="http://machine1.yourdomain.com:8080/portal/private/classic" /> and
<ulink type="http"
url="http://machine2.yourdomain.com:8080/portal/private/classic" /> )
</para>
</step>
@@ -399,25 +371,13 @@
<step>
<para>
- Navigate to
- <ulink type="http"
url="http://localhost:8080/portal/private/classic" />
- and authenticate with the pre-configured user account "
- <systemitem>
- root
- </systemitem>
- " (password "
- <systemitem>
- gtn
- </systemitem>
- ").
+ Navigate to <ulink type="http"
url="http://localhost:8080/portal/private/classic" /> and authenticate with
the pre-configured user account "<systemitem> root </systemitem>"
(password "<systemitem> gtn </systemitem>").
</para>
</step>
<step>
<para>
- Navigate to
- <ulink type="http"
url="http://localhost:8080/jmx-console" />
- . You should be automatically authenticated into the JMX Console.
+ Navigate to <ulink type="http"
url="http://localhost:8080/jmx-console" />. You should be automatically
authenticated into the JMX Console.
</para>
</step>
</procedure>
@@ -426,28 +386,16 @@
<title>Using SSO to Authenticate From the Public Page</title>
<para>
- The previous configuration changes in this section are useful if a user is
using a private URL (
- <ulink type="http"
url="http://localhost:8080/portal/private/classic" />
- , for example) to log in to the portal instance.
+ The previous configuration changes in this section are useful if a user is
using a private URL ( <ulink type="http"
url="http://localhost:8080/portal/private/classic" />, for example) to log in
to the portal instance.
</para>
</formalpara>
<para>
- Further changes are needed however, if SSO authentication is required to work
with the
- <guilabel>
- Sign In
- </guilabel>
- button on the front page of the portal (
- <ulink type="http"
url="http://localhost:8080/portal/public/classic" />
- ).
+ Further changes are needed however, if SSO authentication is required to work
with the <guilabel>Sign In</guilabel> button on the front page of the portal (
<ulink type="http"
url="http://localhost:8080/portal/public/classic" /> ).
</para>
<para>
- To enable this functionality, the
- <guilabel>
- Sign In
- </guilabel>
- link must redirect to the <filename>login.jsp</filename> file
edited earlier to call the JAAS authentication directly.
+ To enable this functionality, the <guilabel>Sign In</guilabel>
link must redirect to the <filename>login.jsp</filename> file edited earlier
to call the JAAS authentication directly.
</para>
<procedure
id="proc-Reference_Guide_eXo_JCR_1.14-Enabling_SSO_using_JBoss_SSO_Valve-Redirect_to_Use_SSO_Valve_Authentication">
@@ -485,13 +433,13 @@
<title>Central Authentication Service</title>
<para>
- This Single Sign On plugin enables seamless integration between JBoss
Enterprise Portal Platform and the Central Authentication Service (<emphasis
role="bold">CAS</emphasis>) Single Sign On Framework. Details about CAS
can be found
- <ulink url="http://www.ja-sig.org/products/cas/">
- here
- </ulink>
- .
+ This Single Sign On plugin enables seamless integration between JBoss
Enterprise Portal Platform and the Central Authentication Service (<emphasis
role="bold">CAS</emphasis>) Single Sign On Framework. Details about CAS
can be found <ulink url="http://www.ja-sig.org/cas/"> here </ulink>
.
</para>
+ <para>
+ The integration consists of two parts; the first part consists of installing
or configuring a CAS server, the second part consists of setting up the portal to use the
CAS server.
+ </para>
+
<procedure
id="proc-Reference_Guide_eXo_JCR_1.14-CAS_Central_Authentication_Service-CAS_server">
<title>CAS server</title>
@@ -503,12 +451,12 @@
<step>
<para>
- Downloaded CAS from
- <ulink type="http"
url="http://www.jasig.org/cas/download">
- http://www.jasig.org/cas/download
- </ulink>
- .
+ Downloaded CAS from <ulink type="http"
url="http://www.jasig.org/cas/download"> http://www.jasig.org/cas/download
</ulink> .
</para>
+
+ <para>
+ The version, tested with these instructions is <emphasis
role="bold">CAS 3.3.5</emphasis>. Other versions may work.
+ </para>
</step>
<step>
@@ -524,11 +472,7 @@
<note>
<para>
- To perform the final build step and complete these instructions you will
need the Apache Maven 2. Download it from
- <ulink type="http"
url="http://maven.apache.org/download.html">
- here
- </ulink>
- .
+ To perform the final build step and complete these instructions you will
need the Apache Maven 2. Download it from <ulink type="http"
url="http://maven.apache.org/download.html"> here </ulink> .
</para>
</note>
@@ -562,9 +506,6 @@
with the following (ensure you set the host, port and context with the
values corresponding to your portal). Also available in
<filename>GATEIN_SSO_HOME/cas/plugin/WEB-INF/deployerConfigContext.xml</filename>.):
</para>
<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_SSO/default103.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
- <para>
- Make sure to set the <emphasis>host</emphasis>,
<emphasis>port</emphasis> and <emphasis>context</emphasis> with
the values corresponding to your portal (also available in
<filename><replaceable>PORTAL_SSO</replaceable>/cas/plugin/WEB-INF/deployerConfigContext.xml</filename>).
- </para>
</step>
<step>
@@ -581,7 +522,7 @@
<step>
<para>
- Edit <filename>TOMCAT_HOME/conf/server.xml</filename> and
change the 8080 port to 8888 to avoid a conflict with the default JBoss Enterprise Portal
Platform .
+ Edit <filename>TOMCAT_HOME/conf/server.xml</filename> and
change the 8080 port to 8888 to avoid a conflict with the default JBoss Enterprise Portal
Platform.
</para>
<note>
@@ -605,19 +546,15 @@
</para>
<para>
- Tomcat should start without issue and should be accessible at
- <ulink type="http"
url="http://localhost:8888/cas">
- http://localhost:8888/cas
- </ulink>
- .
+ Tomcat should start without issue and should be accessible at <ulink
type="http" url="http://localhost:8888/cas">
http://localhost:8888/cas </ulink> .
</para>
-<!-- Removed in gatein commit r7620:
- <note>
- <para>
- At this stage the login functionality will not be available.
- </para>
-
- </note> -->
+
+ <note>
+ <para>
+ At this stage the login functionality will not be available.
+ </para>
+ </note>
+
<mediaobject>
<imageobject>
<imagedata
fileref="images/AuthenticationAndIdentity/SSO/cas.png" format="PNG"
scale="100" width="444" />
@@ -625,10 +562,8 @@
</mediaobject>
</step>
</procedure>
-<!-- Added in gatein commit r7620 -->
+
<note>
- <remark>Added in gatein commit r7620</remark>
-
<para>
On logout, the CAS server will display the CAS logout page with a link to
return to the portal. To make the CAS server redirect to the portal page after a logout,
modify the <filename>cas.war/WEB-INF/cas-servlet.xml</filename> to include the
follow line :
</para>
@@ -678,11 +613,7 @@
<procedure>
<step>
<para>
- Start (or restart) JBoss Enterprise Portal Platform and direct
your web browser to
- <ulink type="http"
url="http://localhost:8888/cas">
- http://localhost:8888/cas
- </ulink>
- .
+ Start (or restart) JBoss Enterprise Portal Platform and direct
your web browser to <ulink type="http"
url="http://localhost:8888/cas"> http://localhost:8888/cas </ulink> .
</para>
</step>
@@ -731,19 +662,8 @@
<para>
Add the following Filters at the top of the filter chain in
<filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>:
</para>
-
-<remark>DOC NOTE: Please check code sample as updated according to gatein
r7620</remark>
<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_SSO/default109.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
</step>
-
- <step>
- <remark> This step removed in gatein r7620. Should it be removed
here?</remark>
-
- <para>
- Replace the <literal>InitiateLoginServlet</literal>
declaration in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>
with:
- </para>
-<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_SSO/default110.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
- </step>
</procedure>
<para>
@@ -755,7 +675,7 @@
<title>Java Open Single Sign-On Project</title>
<para>
- This Single Sign On plugin enables seamless integration between JBoss
Enterprise Portal Platform and the Java Open Single Sign-On Project (<emphasis
role="bold">JOSSO</emphasis>) Single Sign On Framework. Details about
JOSSO can be found at <ulink
url="http://www.josso.org">www.josso.org</ulink>.
+ This Single Sign On plugin enables seamless integration between JBoss
Enterprise Portal Platform and the Java Open Single Sign-On Project (<emphasis
role="bold">JOSSO</emphasis>) Single Sign On Framework. Details about
JOSSO can be found at <ulink url="http://www.josso.org"> www.josso.org
</ulink> .
</para>
<para>
@@ -767,7 +687,7 @@
<step>
<para>
- Download JOSSO from <ulink type="http"
url="http://sourceforge.net/projects/josso/files/">http://so...;.
+ Download JOSSO from <ulink type="http"
url="http://sourceforge.net/projects/josso/files/">
http://sourceforge.net/projects/josso/files/ </ulink> .
</para>
<note>
@@ -781,14 +701,6 @@
<para>
Extract the package into what will be called
<filename>JOSSO_HOME</filename> in this example.
</para>
-
- <warning>
- <title>JOSSO Versions</title>
-
- <para>
- The steps described later are only correct in case of JOSSO
v.1.8.1.
- </para>
- </warning>
</step>
</procedure>
@@ -840,11 +752,7 @@
<step>
<para>
- Tomcat will start and allow access to
- <ulink type="http"
url="http://localhost:8888/josso/signon/login.do">
- http://localhost:8888/josso/signon/login.do
- </ulink>
- but at this stage login will not be available.
+ Tomcat will start and allow access to <ulink type="http"
url="http://localhost:8888/josso/signon/login.do">
http://localhost:8888/josso/signon/login.do </ulink> but at this stage login will
not be available.
</para>
<mediaobject>
@@ -860,13 +768,13 @@
<step>
<para>
- Copy the library files from
<filename><replaceable>PORTAL_SSO</replaceable>/josso/gatein.ear/lib</filename>
into <filename>gatein.ear/lib</filename>
+ Copy the library files from
<filename><replaceable>PORTAL_SSO</replaceable>/josso/gatein.ear/lib</filename>
into <filename>gatein.ear/lib</filename> (or into
<filename>GATEIN_HOME/lib</filename> if the product is running in Tomcat).
</para>
</step>
<step>
<para>
- Copy the
<filename><replaceable>PORTAL_SSO</replaceable>/josso/gatein.ear/02portal.war/WEB-INF/classes/josso-agent-config.xml</filename>
file into the <filename>gatein.ear/02portal.war/WEB-INF/classes</filename>
directory.
+ Copy the
<filename><replaceable>PORTAL_SSO</replaceable>/josso/gatein.ear/portal.war/WEB-INF/classes/josso-agent-config.xml</filename>
file into the <filename>gatein.ear/02portal.war/WEB-INF/classes</filename>
directory (or into
<filename>JBOSS_HOME/webapps/portal.war/WEB-INF/classes</filename>, or
<filename>GATEIN_HOME/conf</filename> if the product is running in Tomcat).
</para>
</step>
@@ -876,16 +784,25 @@
</para>
<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_SSO/default111.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
</step>
-
+ <step>
+ <para>
+ In Tomcat, edit
<filename>JBOSS_HOME/conf/jaas.conf</filename> and uncomment this section:
+ </para>
+<programlisting>org.gatein.sso.agent.login.SSOLoginModule required;
+org.exoplatform.services.security.j2ee.TomcatLoginModule requiredtm
+portalContainerName=portal
+realmName=gatein-domain;
+</programlisting>
+ </step>
<step>
<para>
The installation can be tested at this point.
</para>
- <procedure>
+ <substeps>
<step>
<para>
- Start (or restart) JBoss Enterprise Portal Platform, and
(assuming the JOSSO server on Tomcat is running) direct your browser to <ulink
type="http"
url="http://localhost:8888/josso/signon/login.do">http://localhost:8888/josso/signon/login.do</ulink>.
+ Start (or restart) JBoss Enterprise Portal Platform, and
(assuming the JOSSO server on Tomcat is running) direct your browser to <ulink
type="http" url="http://localhost:8888/josso/signon/login.do">
http://localhost:8888/josso/signon/login.do </ulink> .
</para>
</step>
@@ -894,7 +811,7 @@
Login with the username <literal>root</literal> and
the password <literal>gtn</literal> or any account created through the
portal.
</para>
</step>
- </procedure>
+ </substeps>
</step>
</procedure>
@@ -934,25 +851,8 @@
<para>
Add the following Filters to the top of the filter chain in
<filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>:
</para>
-
-<remark>DOC NOTE: Please check code sample as updated according to gatein
r7647</remark>
<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_SSO/default115.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
</step>
-
- <step>
- <remark> This step removed in gatein r7647. Should it be removed
here?</remark>
-
- <para>
- Replace the <literal>InitiateLoginServlet</literal>
declaration in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>
with:
- </para>
-<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_SSO/default116.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
- </step>
-
- <step>
- <para>
- Remove the <literal>PortalLoginController</literal> servlet
declaration and mapping in
<filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>
- </para>
- </step>
</procedure>
<para>
@@ -972,8 +872,12 @@
<step>
<para>
- OpenSSO must be purchased from <ulink type="http"
url="http://www.oracle.com/technetwork/middleware/id-mgmt/overview/i...;.
+ OpenSSO must be purchased from <ulink type="http"
url="http://www.oracle.com/technetwork/middleware/id-mgmt/overview/i...
Oracle </ulink> .
</para>
+
+ <para>
+ For testing purpose, use OpenSSO_80U2, which can be downloaded from
<ulink type="http"
url="http://download.oracle.com/otn/nt/middleware/11g/oracle_opensso...
Oracle </ulink> .
+ </para>
</step>
<step>
@@ -983,6 +887,16 @@
</step>
</procedure>
+ <note>
+ <para>
+ It is also possible to use OpenAM instead of OpenSSO server. OpenAM is
free and the integration steps between Enterprise Portal Platform and OpenAM are very
similar as with OpenSSO. More info is available <ulink type="http"
url="http://community.jboss.org/wiki/GateInAndOpenAMIntegration"... here
</ulink> .
+ </para>
+ </note>
+ </section>
+
+ <section
id="sect-Reference_Guide_eXo_JCR-1.14-OpenSSO_server-Modifying_OpenSSO_server">
+ <title>Modifying the OpenSSO server</title>
+
<para>
To configure the web server as required, it is simpler to directly modify the
source files.
</para>
@@ -1060,7 +974,7 @@
<step>
<para>
- Tomcat should start and be able to access <ulink
type="http"
url="http://localhost:8888/opensso/UI/Login?realm=gatein">http://localhost:8888/opensso/UI/Login?realm=gatein</ulink>.
+ Tomcat should start and be able to access <ulink
type="http"
url="http://localhost:8888/opensso/UI/Login?realm=gatein">
http://localhost:8888/opensso/UI/Login?realm=gatein </ulink> .
</para>
<mediaobject>
@@ -1086,7 +1000,7 @@
<step>
<para>
- Direct your browser to <ulink type="http"
url="http://localhost:8888/opensso">http://localhost:8888/opensso</ulink>
+ Direct your browser to <ulink type="http"
url="http://localhost:8888/opensso"> http://localhost:8888/opensso
</ulink>
</para>
</step>
@@ -1098,16 +1012,15 @@
<step>
<para>
- Login as <literal>admin</literal>.
+ Login as <literal>amadmin</literal>.
</para>
<important>
<para>
- Go to the "<emphasis
role="bold">Configuration</emphasis>" tab then to
"<emphasis role="bold">Authentication</emphasis>".
+ Go to
<menuchoice><guimenu>Configuration</guimenu><guimenuitem>Authentication</guimenuitem></menuchoice>
and follow the link to <guilabel>Core</guilabel>
</para>
-
<para>
- Follow the link to "<emphasis
role="bold">Core</emphasis>" and add a new value with the class
name
"<literal>org.gatein.sso.opensso.plugin.AuthenticationPlugin</literal>".
+ Add a new value with the class name
<literal>org.gatein.sso.opensso.plugin.AuthenticationPlugin</literal>.
</para>
<para>
@@ -1118,37 +1031,39 @@
<step>
<para>
- Go to the "<emphasis role="bold">Access
control</emphasis>" tab and create new realm called
"<literal>gatein</literal>".
+ Go to the <guilabel>Access control</guilabel> tab and
create new realm called <literal>gatein</literal>.
</para>
</step>
<step>
- <substeps>
- <step>
- <para>
- Go to the new
"<literal>gatein</literal>" realm and click on the
"<emphasis role="bold">Authentication</emphasis>" tab.
- </para>
- </step>
- <step>
+ <substeps>
+ <step>
<para>
- Click on "<emphasis
role="bold">ldapService</emphasis>" (at the bottom in the
"Authentication chaining" section).
+ Go to the new <literal>gatein</literal> realm and
click on the <guilabel>Authentication</guilabel> tab.
</para>
</step>
<step>
<para>
- Change the selection from
"<literal>Datastore</literal>", which is the default module in the
authentication chain, to "<literal>AuthenticationPlugin</literal>".
+ Click on <guilabel>ldapService</guilabel> (at the
bottom in the <guilabel>Authentication chaining</guilabel> section).
</para>
</step>
- </substeps>
+
+ <step>
+ <para>
+ Change the selection from
<literal>Datastore</literal>, which is the default module in the
authentication chain, to <literal>AuthenticationPlugin</literal>.
+ </para>
+ </step>
+ </substeps>
+
<para>
- These changes enable authentication of the
"<literal>gatein</literal>" realm using the <literal>GateIn
REST</literal> service instead of the OpenSSO LDAP server.
+ These changes enable authentication of the
<literal>gatein</literal> realm using the <literal>GateIn
REST</literal> service instead of the OpenSSO LDAP server.
</para>
</step>
<step>
<para>
- Go to "<emphasis role="bold">Advanced
properties</emphasis>" and change <literal>UserProfile</literal>
from "<parameter>Required</parameter>" to
"<parameter>Dynamic</parameter>" to ensure all new users are
automatically created in the OpenSSO datastore after successful authentication.
+ Go to <guilabel>Advanced properties</guilabel> and change
<literal>UserProfile</literal> from
<parameter>Required</parameter> to <parameter>Dynamic</parameter>
to ensure all new users are automatically created in the OpenSSO datastore after
successful authentication.
</para>
</step>
@@ -1156,12 +1071,14 @@
<para>
Increase the user privileges to allow REST access with the following
procedure:
</para>
- <substeps>
- <step>
+
+ <substeps>
+ <step>
<para>
- Go to "<emphasis role="bold">Access
control</emphasis>", then <emphasis role="bold">Top level
realm</emphasis>, then click on the "<emphasis
role="bold">Privileges</emphasis>" tab and go to
"<emphasis role="bold">All authenticated
users</emphasis>".
+ Go to <menuchoice><guimenu>Access
control</guimenu><guimenuitem>Top level
realm</guimenuitem><guimenuitem>Privileges</guimenuitem><guimenuitem>All
authenticated users</guimenuitem></menuchoice>.
</para>
</step>
+
<step>
<para>
Check the last two checkboxes:
@@ -1181,7 +1098,7 @@
</listitem>
</itemizedlist>
</step>
- </substeps>
+ </substeps>
</step>
<step>
@@ -1190,6 +1107,10 @@
</para>
</step>
</procedure>
+ </section>
+
+ <section
id="sect-Reference_Guide_eXo_JCR_1.14-OpenSSO_The_Open_Web_SSO_project-Setup_the_OpenSSO_client">
+ <title>Setup the OpenSSO Client</title>
<procedure
id="proc-Reference_Guide_eXo_JCR_1.14-OpenSSO_The_Open_Web_SSO_project-Setup_the_OpenSSO_client">
<title>Setup the OpenSSO client</title>
@@ -1200,20 +1121,20 @@
</para>
<para>
- Alternatively, in a Tomcat environment, copy the libraries into the
<filename>GATEIN_HOME/lib</filename> directory.
+ Alternatively, in a Tomcat environment, copy the libraries into the
<filename>JBOSS_HOME/lib</filename> directory.
</para>
</step>
<step>
<para>
- Edit the
<filename>jboss-as/server/<replaceable>PROFILE</replaceable>/deploy/gatein.ear/META-INF/gatein-jboss-beans.xml</filename>
and uncomment this section:
+ Edit the
<filename>jboss-as/server/<replaceable><PROFILE></replaceable>/deploy/gatein.ear/META-INF/gatein-jboss-beans.xml</filename>
and uncomment this section:
</para>
<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_SSO/default118.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
</step>
<step>
<para>
- If you are running &PRODUCT; in Tomcat, edit
$GATEIN_HOME/conf/jaas.conf, uncomment on this section and comment other parts:
+ If you are running the product in Tomcat, edit
<replaceable><JBOSS_HOME></replaceable>/conf/jaas.conf,
uncomment the following section and comment all other sections:
</para>
<programlisting>org.gatein.sso.agent.login.SSOLoginModule required;
org.exoplatform.services.security.j2ee.TomcatLoginModule required
@@ -1230,7 +1151,7 @@
<procedure>
<step>
<para>
- Access JBoss Enterprise Portal Platform by going to <ulink
type="http"
url="http://localhost:8888/opensso/UI/Login?realm=gatein">http://localhost:8888/opensso/UI/Login?realm=gatein</ulink>
(assuming that the OpenSSO server using Tomcat is still running).
+ Access JBoss Enterprise Portal Platform by going to <ulink
type="http"
url="http://localhost:8888/opensso/UI/Login?realm=gatein">
http://localhost:8888/opensso/UI/Login?realm=gatein </ulink> (assuming that the
OpenSSO server using Tomcat is still running).
</para>
</step>
@@ -1242,6 +1163,10 @@
</procedure>
</step>
</procedure>
+ </section>
+
+ <section
id="sect-Reference_Guide_eXo_JCR_1.14-OpenSSO_The_Open_Web_SSO_project-Setup_the_portal_to_redirect_to_OpenSSO">
+ <title>Setup the portal to redirect to OpenSSO</title>
<para>
The next part of the process is to redirect all user authentication to the
OpenSSO server.
@@ -1281,15 +1206,6 @@
</para>
<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_SSO/default122.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
</step>
-<!--<step>
- <remark> This step removed in gatein r7647. Should it be removed
here?</remark>
- <para>
- Replace the <literal>InitiateLoginServlet</literal>
declaration in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>
with:
- </para>
-
-<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_SSO/default123.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
-
- </step>-->
</procedure>
<para>
@@ -1329,7 +1245,7 @@
<step>
<para>
- JBoss EAP/AS uses background GSS messages with the Active Directory (or
any Kerberos Server) to validate the user.
+ JBoss EAP/AS uses background GSS messages with the Active Directory (or
any Kerberos Server) to validate the Kerberos ticket from user.
</para>
</step>
@@ -1340,26 +1256,33 @@
</step>
</procedure>
- <para>
- JBoss Enterprise Portal Platform uses JBoss Negotiation to enable
SPNEGO-based desktop SSO.
- </para>
-
- <para>
- The following procedure outlines how to integrate SPNEGO with the JBoss
Enterprise Portal Platform.
- </para>
- <note>
- <title>SPNEGO Basics</title>
+ <section id="SPNEGO_server_configuration">
+ <title>SPNEGO Server Configuration</title>
+
+ <para>
+ In this section, we will describe some necessary steps for setup Kerberos
server on Linux. This server will then be used for SPNEGO authentication against JBoss
Enterprise Portal Platform.
+ </para>
+
+ <note>
+ <title>SPNEGO Basics</title>
+
<para>
- The procedure below only describes the basic steps to configure the
SPNEGO server. If you are already familiar with SPNEGO, you can jump to the
+ The procedure below only describes the basic steps to configure the
SPNEGO server in a Linux environment. If you are already familiar with SPNEGO, or if you
are using Windows and Active Directory domain, you can jump to the
<xref
linkend="proc-Reference_Guide_eXo_JCR_1.14-SPNEGO_Simple_and_Protected_GSSAPI_Negotiation_Mechanism-Advanced_SPNEGO_Configuration"
/>
to see how to integrate SPNEGO with JBoss Enterprise Portal Platform.
</para>
+
+ <para>
+ Please note that Kerberos setup is also dependent on your Linux
distribution and so steps can be slightly different in your environment.
+ </para>
</note>
- <procedure
id="proc-Reference_Guide_eXo_JCR_1.14-SPNEGO_Simple_and_Protected_GSSAPI_Negotiation_Mechanism-SPNEGO_Basics">
- <title>SPNEGO Basics</title>
+
+ <procedure
id="proc-Reference_Guide_eXo_JCR_1.14-SPNEGO_Simple_and_Protected_GSSAPI_Negotiation_Mechanism-SPNEGO_Basics">
+ <title>SPNEGO Basics</title>
+
<step>
<para>
- Correct the setup of network on the machine. For example, if you are
using the "server.local.network" domain as your machine where Kerberos and
&PRODUCT; are localed, add the line containing the machine's IP address to the
<emphasis role="bold">/etc/host </emphasis> file.
+ Correct the setup of network on the machine. For example, if you are
using the "server.local.network" domain as your machine where Kerberos and JBoss
Enterprise Portal Platform are localed, add the line containing the machine's IP
address to the <emphasis role="bold">/etc/host </emphasis> file.
</para>
<programlisting>
192.168.1.88 server.local.network
@@ -1557,111 +1480,168 @@
<itemizedlist>
<listitem>
<para>
- If the setup works well, you are required to enter the
password created for this user in Step 5.
+ If the setup works well, you are required to enter the
password created for this user in Step 5. Without the -A, the kerberos ticket validation
involved reverse DNS lookups, which can get very cumbersome to debug if your network's
DNS setup is not great. This is a production level security feature, which is not
necessary in this development setup. In production environment, it will be better to avoid
-A option.
</para>
</listitem>
<listitem>
<para>
- If you want to login with another user, use this command.
+ After successful login to Kerberos, you can see your Kerberos
ticket when using this command.
</para>
<programlisting>
+klist
+</programlisting>
+ </listitem>
+
+ <listitem>
+ <para>
+ If you want to logout and destroy your ticket, use this
command.
+ </para>
+<programlisting>
kdestroy
</programlisting>
</listitem>
</itemizedlist>
</step>
</procedure>
- <procedure
id="proc-Reference_Guide_eXo_JCR_1.14-SPNEGO_Simple_and_Protected_GSSAPI_Negotiation_Mechanism-Advanced_SPNEGO_Configuration">
- <title>Advanced SPNEGO Configuration</title>
- <step>
- <para>
- Activate the Host authentication. Add the following host login module
to the
<filename>jboss-as/server/<replaceable>PROFILE</replaceable>/conf/login-config.xml</filename>:
- </para>
-<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_SSO/default124.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
- <para>
- The '<literal>keyTab</literal>' value should point
to the keytab file that was generated by the <literal>kadmin</literal>
Kerberos tool. See the
- <xref
linkend="proc-Reference_Guide_eXo_JCR_1.14-SPNEGO_Simple_and_Protected_GSSAPI_Negotiation_Mechanism-SPNEGO_Basics"/>
for more details.
- </para>
- </step>
+ </section>
+
+ <section id="Single_Sign_On-CAS_Central_Clients">
+ <title>Clients</title>
- <step>
- <para>
- Extend the core authentication mechanisms to support SPNEGO. Under
<filename>deployers/jbossweb.deployer/META-INF/war-deployers-jboss-beans.xml</filename>,
add a '<literal>SPNEGO</literal>' authenticators property
- </para>
-<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_SSO/default125.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
- </step>
+ <para>
+ After performing all configurations above, you need to enable the
<emphasis role="bold">Negotiate authentication </emphasis> of
Firefox in client machines so that clients could be authenticated by JBoss Enterprise
Portal Platform as follows:
+ </para>
- <step>
- <para>
- Add the Gatein SSO module binaries by adding
<filename><replaceable>PORTAL_SSO</replaceable>/spnego/gatein.ear/lib/sso-agent.jar</filename>
and
<filename><replaceable>PORTAL_SSO</replaceable>/spnego/gatein.ear/lib/spnego-<replaceable>VERSION</replaceable>-epp-GA.jar</filename>
to <filename>deploy/gatein.ear/lib</filename>.
- </para>
- </step>
+ <procedure>
+ <step>
+ <para>
+ Start Firefox, then enter the command: <emphasis
role="bold">about:config </emphasis> into the address field.
+ </para>
+ </step>
+
+ <step>
+ <para>
+ Enter <emphasis
role="bold">network.negotiate-auth</emphasis> and set the value as
below:
+ </para>
+<programlisting>
+network.negotiate-auth.allow-proxies = true
+network.negotiate-auth.delegation-uris = .local.network
+network.negotiate-auth.gsslib (no-value)
+network.negotiate-auth.trusted-uris = .local.network
+network.negotiate-auth.using-native-gsslib = true
+</programlisting>
+ </step>
+ </procedure>
- <step>
+ <note>
<para>
- Modifying
<filename>deploy/gatein.ear/META-INF/gatein-jboss-beans.xml</filename> to
match the following:
+ Consult documentation of your OS or web browser if using different
browser than Firefox.
</para>
-<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_SSO/default126.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
- <para>
- This activates the SPNEGO <literal>LoginModule</literal>
for use with JBoss Enterprise Portal Platform.
- </para>
- </step>
+ </note>
+ </section>
+
+ <section id="Single_Sign_On-SPNEGO-GateIn_Configuration">
+ <title>JBoss Enterprise Portal Platform Configuration</title>
- <step>
- <para>
- Modify
<filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename> to match:
- </para>
-<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_SSO/default127.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
- <para>
- This integrates SPNEGO support into the Portal web archive by switching
authentication mechanism from the default
"<literal>FORM</literal>"-based to
"<literal>SPNEGO</literal>"-based authentication.
- </para>
- </step>
+ <para>
+ JBoss Enterprise Portal Platform uses JBoss Negotiation to enable
SPNEGO-based desktop SSO for the portal. Here are the steps to integrate SPNEGO with JBoss
Enterprise Portal Platform.
+ </para>
- <step>
- <para>
- Add the following filters to the top of the Filter chain in the
<filename>web.xml</filename> file:
- </para>
+ <procedure
id="proc-Reference_Guide_eXo_JCR_1.14-SPNEGO_Simple_and_Protected_GSSAPI_Negotiation_Mechanism-Advanced_SPNEGO_Configuration">
+ <title>Advanced SPNEGO Configuration</title>
+
+ <step>
+ <para>
+ Activate the Host authentication. Add the following host login
module to the
<filename>jboss-as/server/<replaceable>PROFILE</replaceable>/conf/login-config.xml</filename>:
+ </para>
+<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_SSO/default124.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
+ <para>
+ The '<literal>keyTab</literal>' value should
point to the keytab file that was generated by the <literal>kadmin</literal>
Kerberos tool. When using Kerberos on Linux, it should be value of parameter <emphasis
role="bold">admin_keytab</emphasis> from kdc.conf file. See the
+ <xref
linkend="proc-Reference_Guide_eXo_JCR_1.14-SPNEGO_Simple_and_Protected_GSSAPI_Negotiation_Mechanism-SPNEGO_Basics"/>
+ for more details.
+ </para>
+ </step>
+
+ <step>
+ <para>
+ Extend the core authentication mechanisms to support SPNEGO. Under
<filename>deployers/jbossweb.deployer/META-INF/war-deployers-jboss-beans.xml</filename>,
add a '<literal>SPNEGO</literal>' authenticators property
+ </para>
+<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_SSO/default125.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
+ </step>
+
+ <step>
+ <para>
+ Add the GateIn SSO module binaries by copying <emphasis
role="bold">GATEIN_SSO_HOME/spnego/gatein.ear/lib/sso-agent-VERSION.jar</emphasis>
to the <emphasis
role="bold">JBOSS_HOME/server/default/deploy/gatein.ear/lib</emphasis>
directory. File <emphasis
role="bold">GATEIN_SSO_HOME/spnego/gatein.ear/lib/spnego-VERSION.jar</emphasis>
needs to be copied to the <emphasis
role="bold">JBOSS_HOME/server/default/lib</emphasis> directory.
+ </para>
+ </step>
+<!-- This step not required as EPP already has the correct version of Negotiation
2.0.4.GA
+ <step>
+ <para>
+ Download library
<filename>jboss-negotiation-2.0.4.GA</filename> from location
+ <ulink type="html"
url="https://repository.jboss.org/nexus/content/groups/public/org/jb...
+ and copy this file to
<filename>JBOSS_HOME/server/default/lib</filename> directory as well.
+ </para>
+ </step>
+ -->
+ <step>
+ <para>
+ Modify the
<filename>deploy/gatein.ear/META-INF/gatein-jboss-beans.xml</filename> file to
match the following:
+ </para>
+<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_SSO/default126.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
+ <para>
+ This activates SPNEGO LoginModules with fallback to FORM
authentication. When SPNEGO is not available and it needs to fallback to FORM, it will use
<emphasis role="bold">gatein-form-auth-domain</emphasis> security
domain.
+ </para>
+ </step>
+
+ <step>
+ <para>
+ Modify
<filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename> to match:
+ </para>
+<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_SSO/default127.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
+ <para>
+ Integrate the request pre-processing needed for SPNEGO via filters
by adding the following filters to the <emphasis
role="bold">JBOSS_HOME/server/default/deploy/gatein.ear/02portal.war/WEB-INF/web.xml</emphasis>
at the top of the Filter chain.
+ </para>
<programlisting language="XML" role="XML"><xi:include
href="../../extras/Authentication_Identity_SSO/default128.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
- <para>
- This integrates request pre-processing needed for SPNEGO.
- </para>
- </step>
-
- <step>
- <para>
- Edit the '<emphasis role="bold">Sign
In</emphasis>' link in
<filename><replaceable>JBOSS_HOME</replaceable>/server/<replaceable>PROFILE</replaceable>/deploy/gatein.ear/web.war/groovy/groovy/webui/component/UIBannerPortlet.gtmpl</filename>
to match the following:
- </para>
+ <para>
+ This integrates request pre-processing needed for SPNEGO.
+ </para>
+ </step>
+
+ <step>
+ <para>
+ Edit the '<emphasis role="bold">Sign
In</emphasis>' link in
<filename><replaceable>JBOSS_HOME</replaceable>/server/<replaceable>PROFILE</replaceable>/deploy/gatein.ear/web.war/groovy/groovy/webui/component/UIBannerPortlet.gtmpl</filename>
to match the following:
+ </para>
<programlisting language="Java" role="Java"><xi:include
href="../../extras/Authentication_Identity_SSO/default129.java"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
- <para>
- This modifies the Portal's '<emphasis
role="bold">Sign In</emphasis>' link to perform SPNEGO
authentication.
- </para>
- </step>
-
- <step>
- <para>
- Start the JBoss Enterprise Portal Platform;
- </para>
+ </step>
+
+ <step>
+ <para>
+ Start the JBoss Enterprise Portal Platform;
+ </para>
<programlisting language="Java" role="Java"><xi:include
href="../../extras/Authentication_Identity_SSO/default130.java"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
- <para>
- The <replaceable>PROFILE</replaceable> parameter in the
above command should be replaced with the server profile modified with the above
configuration.
- </para>
- </step>
-
- <step>
- <para>
- Login to Kerberos:
- </para>
+ <para>
+ The <replaceable>PROFILE</replaceable> parameter in the
above command should be replaced with the server profile modified with the above
configuration.
+ </para>
+ </step>
+
+ <step>
+ <para>
+ Login to Kerberos:
+ </para>
<programlisting>kinit -A demo
</programlisting>
- </step>
- </procedure>
-
- <para>
- Clicking the 'Sign In' link on the JBoss Enterprise Portal Platform
should automatically sign the 'demo' user into the portal.
- </para>
- </section>
-
+ </step>
+ </procedure>
+
+ <para>
+ Clicking the 'Sign In' link on the JBoss Enterprise Portal
Platform should automatically sign the 'demo' user into the portal.
+ </para>
+
+ <para>
+ If you destroy your kerberos ticket with command
<command>kdestroy</command>, then try to login again, you will directed to the
login screen of JBoss Enterprise Portal Product because you don't have active Kerberos
ticket. You can login with predefined account and password
"demo"/"gtn" .
+ </para>
+ </section>
<section>
<title>Clients</title>
<para>After performing all configurations above, you need to enable the
<emphasis role="bold">Negotiate authentication </emphasis> of
Firefox in clients so that clients can be authenticated by JBoss Enterprise Portal
Platform as follows:
@@ -1686,4 +1666,5 @@
</step>
</procedure>
</section>
+ </section>
</section>
Modified:
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/modules/Introduction.xml
===================================================================
---
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/modules/Introduction.xml 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/modules/Introduction.xml 2011-11-10
02:39:06 UTC (rev 8018)
@@ -4,119 +4,119 @@
%BOOK_ENTITIES;
]>
<chapter id="chap-Reference_Guide_eXo_JCR_1.14-Introduction">
- <title>Introduction</title>
- <para>
- JBoss Enterprise Portal Platform is based on the GateIn project which is the merge of
two mature Java projects; JBoss Portal and eXo Portal. This new community project takes
the best of both offerings and incorporates them into a single portal framework. The aim
is to provide an intuitive user-friendly portal, and a framework to address the needs of
today's Web 2.0 applications.
- </para>
- <mediaobject>
- <imageobject role="html">
- <imagedata align="center" fileref="images/Common/Frontpage.png"
format="PNG" scale="100" width="444" />
- </imageobject>
- <imageobject role="fo">
- <imagedata align="center" contentwidth="150mm"
fileref="images/Common/Frontpage.png" format="PNG"
width="444" />
- </imageobject>
+ <title>Introduction</title>
+ <para>
+ JBoss Enterprise Portal Platform is based on the GateIn project which is the
merge of two mature Java projects; JBoss Portal and eXo Portal. This new community project
takes the best of both offerings and incorporates them into a single portal framework. The
aim is to provide an intuitive user-friendly portal, and a framework to address the needs
of today's Web 2.0 applications.
+ </para>
+ <mediaobject>
+ <imageobject role="html">
+ <imagedata align="center"
fileref="images/Common/Frontpage.png" format="PNG"
scale="100" width="444" />
+ </imageobject>
+ <imageobject role="fo">
+ <imagedata align="center" contentwidth="150mm"
fileref="images/Common/Frontpage.png" format="PNG"
width="444" />
+ </imageobject>
- </mediaobject>
- <para>
- This book provides a deep-dive information about installation and configuration of the
services provided by JBoss Enterprise Portal Platform.
- </para>
- <note>
- <title>Notational Devices</title>
- <para>
- Along with the <emphasis>Document Conventions</emphasis> outlined in the
<xref linkend="pref-Reference_Guide_eXo_JCR_1.14-Preface" />, this
document will also use the following notational devices:
- <variablelist
id="vari-Reference_Guide_eXo_JCR_1.14-Introduction-Devices">
- <title>Devices</title>
- <varlistentry>
- <term><replaceable><JBOSS_HOME></replaceable></term>
- <listitem>
- <para>
- This device will refer to the <application>JBoss Application
Server</application> (<filename>jboss-as</filename>) directory deployed
in JBoss Enterprise Portal Platform by default.
- </para>
- <para>
- Therefore, if your JBoss Enterprise Portal Platform instance is deployed into a
directory called <filename>jboss-epp-&VZ;/</filename>, your
<replaceable><JBOSS_HOME></replaceable> directory would be
<filename>jboss-epp-&VZ;/jboss-as/</filename>.
- </para>
+ </mediaobject>
+ <para>
+ This book provides a deep-dive information about installation and configuration
of the services provided by JBoss Enterprise Portal Platform.
+ </para>
+ <note>
+ <title>Notational Devices</title>
+ <para>
+ Along with the <emphasis>Document Conventions</emphasis> outlined
in the <xref linkend="pref-Reference_Guide_eXo_JCR_1.14-Preface" />, this
document will also use the following notational devices:
+ <variablelist
id="vari-Reference_Guide_eXo_JCR_1.14-Introduction-Devices">
+ <title>Devices</title>
+ <varlistentry>
+
<term><replaceable><JBOSS_HOME></replaceable></term>
+ <listitem>
+ <para>
+ This device will refer to the <application>JBoss
Application Server</application> (<filename>jboss-as</filename>)
directory deployed in JBoss Enterprise Portal Platform by default.
+ </para>
+ <para>
+ Therefore, if your JBoss Enterprise Portal Platform instance
is deployed into a directory called <filename>jboss-epp-&VY;/</filename>,
your <replaceable><JBOSS_HOME></replaceable> directory would be
<filename>jboss-epp-&VY;/jboss-as/</filename>.
+ </para>
- </listitem>
+ </listitem>
- </varlistentry>
- <varlistentry>
- <term><replaceable><PROFILE></replaceable></term>
- <listitem>
- <para>
- This device will usually follow an instance of
<replaceable><JBOSS_HOME></replaceable> in a file path and
refers to the directory that contains the server profile your JBoss Enterprise Portal
Platform instance is configured to use.
- </para>
- <para>
- JBoss Enterprise Portal Platform comes with six profiles by default; <emphasis
role="bold">all</emphasis>, <emphasis
role="bold">default</emphasis>, <emphasis
role="bold">minimal</emphasis>, <emphasis
role="bold">production</emphasis>, <emphasis
role="bold">standard</emphasis> and <emphasis
role="bold">web</emphasis>. These profiles are found in the
<filename><replaceable><JBOSS_HOME></replaceable>/server/</filename>
directory.
- </para>
- <para>
- Therefore, if you are using the <emphasis>default</emphasis> profile,
your <replaceable><PROFILE></replaceable> directory would be
<filename><replaceable><JBOSS_HOME></replaceable>/server/default/</filename>
- </para>
+ </varlistentry>
+ <varlistentry>
+
<term><replaceable><PROFILE></replaceable></term>
+ <listitem>
+ <para>
+ This device will usually follow an instance of
<replaceable><JBOSS_HOME></replaceable> in a file path and
refers to the directory that contains the server profile your JBoss Enterprise Portal
Platform instance is configured to use.
+ </para>
+ <para>
+ JBoss Enterprise Portal Platform comes with six profiles by
default; <emphasis role="bold">all</emphasis>, <emphasis
role="bold">default</emphasis>, <emphasis
role="bold">minimal</emphasis>, <emphasis
role="bold">production</emphasis>, <emphasis
role="bold">standard</emphasis> and <emphasis
role="bold">web</emphasis>. These profiles are found in the
<filename><replaceable><JBOSS_HOME></replaceable>/server/</filename>
directory.
+ </para>
+ <para>
+ Therefore, if you are using the
<emphasis>default</emphasis> profile, your
<replaceable><PROFILE></replaceable> directory would be
<filename><replaceable><JBOSS_HOME></replaceable>/server/default/</filename>
+ </para>
- </listitem>
+ </listitem>
- </varlistentry>
+ </varlistentry>
- </variablelist>
+ </variablelist>
- </para>
+ </para>
- </note>
- <section
id="sect-Reference_Guide_eXo_JCR_1.14-Introduction-Related_Links">
- <title>Related Links</title>
- <variablelist>
- <varlistentry>
- <term>Technical documentation</term>
- <listitem>
- <para>
- Other technical documentation, including an <emphasis
role="bold">Installation Guide</emphasis>, and a <emphasis
role="bold">User Guide</emphasis> can be found at <ulink
type="http"
url="http://www.redhat.com/docs/en-US/JBoss_Enterprise_Portal_Platfo...
- </para>
+ </note>
+ <section
id="sect-Reference_Guide_eXo_JCR_1.14-Introduction-Related_Links">
+ <title>Related Links</title>
+ <variablelist>
+ <varlistentry>
+ <term>Technical documentation</term>
+ <listitem>
+ <para>
+ Other technical documentation, including an <emphasis
role="bold">Installation Guide</emphasis>, and a <emphasis
role="bold">User Guide</emphasis> can be found at <ulink
type="http"
url="http://www.redhat.com/docs/en-US/JBoss_Enterprise_Portal_Platfo...
+ </para>
- </listitem>
+ </listitem>
- </varlistentry>
- <varlistentry>
- <term>Non-technical documentation</term>
- <listitem>
- <para>
- Links to non-technical documents are included on the front page of the portal:
- </para>
- <mediaobject>
- <imageobject role="html">
- <imagedata align="center"
fileref="images/Common/Non-tech-docs.png" format="PNG"
scale="90" width="444" />
- </imageobject>
- <imageobject role="fo">
- <imagedata align="center" contentwidth="130mm"
fileref="images/Common/Non-tech-docs.png" format="PNG"
width="444" />
- </imageobject>
+ </varlistentry>
+ <varlistentry>
+ <term>Non-technical documentation</term>
+ <listitem>
+ <para>
+ Links to non-technical documents are included on the front page
of the portal:
+ </para>
+ <mediaobject>
+ <imageobject role="html">
+ <imagedata align="center"
fileref="images/Common/Non-tech-docs.png" format="PNG"
scale="90" width="444" />
+ </imageobject>
+ <imageobject role="fo">
+ <imagedata align="center"
contentwidth="130mm" fileref="images/Common/Non-tech-docs.png"
format="PNG" width="444" />
+ </imageobject>
- </mediaobject>
+ </mediaobject>
- </listitem>
+ </listitem>
- </varlistentry>
- <varlistentry>
- <term>Videos</term>
- <listitem>
- <para>
- A link to <ulink type="http"
url="http://vimeo.com/channels/gatein">videos</ulink> related to the
JBoss Enterprise Portal Platform is also included on the front page:
- </para>
- <mediaobject>
- <imageobject role="html">
- <imagedata align="center"
fileref="images/Common/Videos.png" format="PNG" scale="90"
width="444" />
- </imageobject>
- <imageobject role="fo">
- <imagedata align="center" contentwidth="130mm"
fileref="images/Common/Videos.png" format="PNG" width="444"
/>
- </imageobject>
+ </varlistentry>
+ <varlistentry>
+ <term>Videos</term>
+ <listitem>
+ <para>
+ A link to <ulink type="http"
url="http://vimeo.com/channels/gatein">videos</ulink> related to the
JBoss Enterprise Portal Platform is also included on the front page:
+ </para>
+ <mediaobject>
+ <imageobject role="html">
+ <imagedata align="center"
fileref="images/Common/Videos.png" format="PNG" scale="90"
width="444" />
+ </imageobject>
+ <imageobject role="fo">
+ <imagedata align="center"
contentwidth="130mm" fileref="images/Common/Videos.png"
format="PNG" width="444" />
+ </imageobject>
- </mediaobject>
+ </mediaobject>
- </listitem>
+ </listitem>
- </varlistentry>
+ </varlistentry>
- </variablelist>
+ </variablelist>
- </section>
-
+ </section>
+
</chapter>
Modified:
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/modules/PortalDevelopment/Skinning.xml
===================================================================
---
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/modules/PortalDevelopment/Skinning.xml 2011-11-09
21:18:17 UTC (rev 8017)
+++
epp/docs/branches/5.2/Reference_Guide-eXoJCR-1.14/en-US/modules/PortalDevelopment/Skinning.xml 2011-11-10
02:39:06 UTC (rev 8018)
@@ -176,7 +176,7 @@
JBoss Enterprise Portal Platform automatically discovers web archives
that contain a file descriptor for skins
(<filename>WEB-INF/gatein-resources.xml</filename>). This file is responsible
for specifying the portal, portlet and window decorators to be deployed into the skin
service.
</para>
<para>
- The full schema can be found at: <ulink type="http"
url="http://www.gatein.org/xml/ns/gatein_resources_1_0" />.
+ The full schema can be found at: <ulink type="http"
url="http://www.gatein.org/xml/ns/gatein_resources_1_2" />.
</para>
<para>
Below is an example of where to define a skin
(<literal>MySkin</literal>) with its CSS location, and specify some window
decorator skins:
@@ -236,7 +236,7 @@
</varlistentry>
<varlistentry>
- <term>skin/Stylesheet.CSS</term>
+ <term>skin/Stylesheet.css</term>
<listitem>
<para>
This file is the main portal skin stylesheet. It is the main
entry point to the CSS class definitions for the skin. The main content points of this
file are:
@@ -361,7 +361,7 @@
In order for the default skin to display the skin icon for a new
portal skin, the preview screenshot needs to be placed in:
<filename>01eXoResources.war:/skin/DefaultSkin/portal/webui/component/customization/UIChangeSkinForm/background</filename>.
</para>
<para>
- The CSS stylesheet for the default portal needs to have the following
updated with the preview icon CSS class. For a skin named <emphasis
role="bold">MySkin</emphasis> then the following needs to be updated:
<filename>01eXoResources.war:/skin/DefaultSkin/portal/webui/component/customization/UIChangeSkinForm/Stylesheet.CSS</filename>.
+ The CSS stylesheet for the default portal needs to have the following
updated with the preview icon CSS class. For a skin named <emphasis
role="bold">MySkin</emphasis> then the following needs to be updated:
<filename>01eXoResources.war:/skin/DefaultSkin/portal/webui/component/customization/UIChangeSkinForm/Stylesheet.css</filename>.
</para>
<programlisting language="XML" role="XML"><xi:include
href="../../extras/PortalDevelopment_Skinning/default188.xml"
parse="text" xmlns:xi="http://www.w3.org/2001/XInclude"
/></programlisting>
@@ -417,7 +417,7 @@
In order for the skin service to display the window decorators, it
must have CSS classes specifically named in relation to the window style name. The service
will try and display CSS based on this naming convention. The CSS class must be included
as part of the current portal skin for the window decorators to be displayed.
</para>
<para>
- The location of the window decorator CSS classes for the default
portal theme is located at:
<filename>01eXoResources.war/skin/PortletThemes/Stylesheet.CSS</filename>.
+ The location of the window decorator CSS classes for the default
portal theme is located at:
<filename>01eXoResources.war/skin/PortletThemes/Stylesheet.css</filename>.
</para>
<para>
@@ -522,7 +522,7 @@
The portlet specification defines a set of default CSS classes that
should be available for portlets. These classes are included as part of the portal skin.
Please see the portlet specification for a list of the default classes that should be
available.
</para>
<para>
- For the default portal skin, the portlet specification CSS classes are
defined in:
<filename>01eXoResources.war/skin/Portlet/Stylesheet.CSS</filename>.
+ For the default portal skin, the portlet specification CSS classes are
defined in:
<filename>01eXoResources.war/skin/Portlet/Stylesheet.css</filename>.
</para>
</section>
4796
days inactive
4796
days old
gatein-commits@lists.jboss.org
0 comments
1 participants
participants (1)
-
do-not-reply@jboss.org