Author: jaredmorgs
Date: 2013-02-27 00:01:13 -0500 (Wed, 27 Feb 2013)
New Revision: 9186
Modified:
epp/docs/branches/6.0/Reference_Guide/en-US/Revision_History.xml
epp/docs/branches/6.0/Reference_Guide/en-US/images/PortalDevelopment/Skinning/portal-change-skin.png
epp/docs/branches/6.0/Reference_Guide/en-US/modules/AuthenticationAndIdentity/AuthenticationAuthorizationOverview.xml
epp/docs/branches/6.0/Reference_Guide/en-US/modules/AuthenticationAndIdentity/PasswordEncryption.xml
epp/docs/branches/6.0/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml
epp/docs/branches/6.0/Reference_Guide/en-US/modules/PortalDevelopment/DefaultPortalConfiguration.xml
epp/docs/branches/6.0/Reference_Guide/en-US/modules/PortalDevelopment/DefaultPortalNavigationConfiguration.xml
epp/docs/branches/6.0/Reference_Guide/en-US/modules/PortalDevelopment/InternationalizationConfiguration.xml
epp/docs/branches/6.0/Reference_Guide/en-US/modules/PortalDevelopment/LocalizationConfiguration.xml
epp/docs/branches/6.0/Reference_Guide/en-US/modules/PortalDevelopment/Skinning.xml
Log:
BZ#912678 - incorporated all observations from QE. BZ#913291 - changed file paths to match
the Confluence paths.
Modified: epp/docs/branches/6.0/Reference_Guide/en-US/Revision_History.xml
===================================================================
--- epp/docs/branches/6.0/Reference_Guide/en-US/Revision_History.xml 2013-02-27 02:09:48
UTC (rev 9185)
+++ epp/docs/branches/6.0/Reference_Guide/en-US/Revision_History.xml 2013-02-27 05:01:13
UTC (rev 9186)
@@ -7,25 +7,53 @@
<title>Revision History</title>
<simpara>
<revhistory>
- <revision>
- <revnumber>6.0.0-51</revnumber>
- <date>Tue Feb 26 2013</date>
- <author>
- <firstname>Scott</firstname>
- <surname>Mumford</surname>
- <email></email>
- </author>
- <revdescription>
- <simplelist>
- <member>Included updated image in "SAML2 Authentication
Overview".</member>
- <member>Added "Generate and configure your own keystore"
section in Confluence</member>
- <member>Merge 'JPP as SP' and 'PicketLink as IDP'
procedures</member>
- <member>Finished all feedback from BZ#856430 comments
#21-26</member>
- <member>Language and grammar edit.</member>
- </simplelist>
- </revdescription>
- </revision>
<revision>
+ <revnumber>6.0.0-53</revnumber>
+ <date>Wed Feb 27 2013</date>
+ <author>
+ <firstname>Jared</firstname>
+ <surname>Morgan</surname>
+ <email/>
+ </author>
+ <revdescription>
+ <simplelist>
+ <member>BZ#913291 - Reviewed and corrected incorrect file paths in this
section. Ready for QA.</member>
+ </simplelist>
+ </revdescription>
+ </revision>
+ <revision>
+ <revnumber>6.0.0-52</revnumber>
+ <date>Wed Feb 27 2013</date>
+ <author>
+ <firstname>Jared</firstname>
+ <surname>Morgan</surname>
+ <email/>
+ </author>
+ <revdescription>
+ <simplelist>
+ <member>BZ#911516 - Incorporated all QE Review comments to
date.</member>
+ </simplelist>
+ </revdescription>
+ </revision>
+ <revision>
+ <revnumber>6.0.0-51</revnumber>
+ <date>Tue Feb 26 2013</date>
+ <author>
+ <firstname>Scott</firstname>
+ <surname>Mumford</surname>
+ <email/>
+ </author>
+ <revdescription>
+ <simplelist>
+ <member>Included updated image in "SAML2 Authentication
Overview".</member>
+ <member>Added "Generate and configure your own
keystore" section in Confluence</member>
+ <member>Merge 'JPP as SP' and 'PicketLink as
IDP' procedures</member>
+ <member>Finished all feedback from BZ#856430 comments
#21-26</member>
+ <member>Language and grammar edit.</member>
+ </simplelist>
+ </revdescription>
+ </revision>
+ <revision>
<revnumber>6.0.0-49</revnumber>
<date>Mon Feb 18 2013</date>
<author>
@@ -77,7 +105,7 @@
</author>
<revdescription>
<simplelist>
- <member>BZ#907672 - Incorporated "Upload Component" content
from Confluence wiki, up to version 3.</member>
+ <member>BZ#907672 - Incorporated "Upload Component"
content from Confluence wiki, up to version 3.</member>
</simplelist>
</revdescription>
</revision>
Modified:
epp/docs/branches/6.0/Reference_Guide/en-US/images/PortalDevelopment/Skinning/portal-change-skin.png
===================================================================
(Binary files differ)
Modified:
epp/docs/branches/6.0/Reference_Guide/en-US/modules/AuthenticationAndIdentity/AuthenticationAuthorizationOverview.xml
===================================================================
---
epp/docs/branches/6.0/Reference_Guide/en-US/modules/AuthenticationAndIdentity/AuthenticationAuthorizationOverview.xml 2013-02-27
02:09:48 UTC (rev 9185)
+++
epp/docs/branches/6.0/Reference_Guide/en-US/modules/AuthenticationAndIdentity/AuthenticationAuthorizationOverview.xml 2013-02-27
05:01:13 UTC (rev 9186)
@@ -85,17 +85,17 @@
</login-config> </programlisting>
<para>
<literal>LoginServlet</literal> redirects the user to the login
page placed in
<filename><replaceable>JPP_DIST</replaceable>/gatein/gatein.ear/portal.war/login/jsp/login.jsp</filename>.
- <figure>
- <title>Default Login Form on the login.jsp Page</title>
- <mediaobject>
- <imageobject role="html">
- <imagedata align="center"
fileref="images/AuthenticationAndIdentity/Overview/loginScreen.png"
format="PNG"/>
- </imageobject>
- <imageobject role="fo">
- <imagedata align="center" scalefit="1"
fileref="images/AuthenticationAndIdentity/Overview/loginScreen.png"
format="PNG"/>
- </imageobject>
- </mediaobject>
- </figure>
+ <figure>
+ <title>Default Login Form on the login.jsp Page</title>
+ <mediaobject>
+ <imageobject role="html">
+ <imagedata align="center"
fileref="images/AuthenticationAndIdentity/Overview/loginScreen.png"
format="PNG"/>
+ </imageobject>
+ <imageobject role="fo">
+ <imagedata align="center" scalefit="1"
fileref="images/AuthenticationAndIdentity/Overview/loginScreen.png"
format="PNG"/>
+ </imageobject>
+ </mediaobject>
+ </figure>
</para>
<para>
Changes to the appearance of this login page can be made in this JSP file.
Alternatively you can create an extension and override this page via extension if you
don't want to edit it directly. You can also change images or CSS placed in
<filename><replaceable>JPP_DIST</replaceable>/gatein/gatein.ear/login/skin</filename>.
@@ -110,7 +110,7 @@
<section id="sect-Authentication_Authorization_Intro-Login_Modules">
<title>Login Modules</title>
<para>
-From the WCI servlet API login, the user is redirected to JAAS authentication. JBoss
Portal Platform uses its own security domain (<emphasis
role="bold">gatein-domain</emphasis>) with a set of predefined login
modules. Login module configuration for <emphasis>gatein-domain</emphasis> is
contained in the
<filename>JPP_HOME/gatein/gatein.ear/META-INF/gatein-jboss-beans.xml</filename>
file.
+From the WCI servlet API login, the user is redirected to JAAS authentication. JBoss
Portal Platform uses its own security domain (<emphasis
role="bold">gatein-domain</emphasis>) with a set of predefined login
modules. Login module configuration for <emphasis>gatein-domain</emphasis> is
contained in the
<filename>JPP_HOME/standalone/configuration/standalone.xml</filename> file.
</para>
<para>
Below is the default login modules stack:
@@ -136,7 +136,7 @@
New login modules can be added or the stack completely replaced with custom
modules.
</para>
<para>
- Authentication starts with the login method of each login module being invoked.
After all login methods are invoked, the authentication is continued by invoking the
commit method on each login module. Both login and commit methods can throw
LoginException. If it happens, then the whole authentication ends unsuccessfully, which in
turn invokes the abort method on each login module. By returning "false"
from the login method, you can ensure that the login module is ignored. This is not
specific to JBoss Portal Platform but it is generic to JAAS. Refer to <ulink
url="http://docs.oracle.com/javase/6/docs/technotes/guides/security/...
type="http">http://docs.oracle.com/javase/6/docs/technotes/g...
here for more information about login modules in general.
+ Authentication starts with the login method of each login module being invoked.
After all login methods are invoked, the authentication is continued by invoking the
commit method on each login module. Both login and commit methods can throw
LoginException. If it happens, then the whole authentication ends unsuccessfully, which in
turn invokes the abort method on each login module. By returning "false"
from the login method, you can ensure that the login module is ignored. This is not
specific to JBoss Portal Platform but it is generic to JAAS. See <ulink
url="http://docs.oracle.com/javase/6/docs/technotes/guides/security/...
type="http"/> for more information about login modules in general.
</para>
<section id="sect-Authentication_Authorization_Intro-existingLM">
<title>Existing Login Modules</title>
@@ -157,7 +157,8 @@
<term>JBoss Enterprise Application Platform 6 LoginModule</term>
<listitem>
<para>
- Most important login module, which is normally used to perform whole
authentication by itself. First it checks if Identity object has been already created and
saved into sharedState map by previous login modules (like SSODelegateLoginModule,
CustomMembershipLoginModule or SharedStateLoginModule). If not, it triggers real
authentication of user with usage of Authenticator interface and it will use
Authentication.validateUser(Credential[] credentials) which performs real authentication
of username and password against OrganizationService and portal identity database. See
<xref
linkend="sect-Authentication_Authorization_Intro-authenticatorAndRolesExtractor"/>
for details about Authenticator and about Identity objects. In the Jboss Enterprise
Application Platform 6 LoginModule.commit method, the Identity object is registered to
IdentityRegistry, which will be used later for authorization. Also some JAAS principals
(UserPrincipal and RolesPrincipal) and assigned t!
o our authenticated Subject. This is needed for JBoss Enterprise Application server, so
that it can properly recognize the name of the logged user and its roles on an JBoss
Enterprise Application level.
+ Most important login module, which is normally used to perform whole
authentication by itself. First it checks if Identity object has been already created and
saved into sharedState map by previous login modules (like SSODelegateLoginModule,
CustomMembershipLoginModule or SharedStateLoginModule). If not, it triggers real
authentication of user with usage of Authenticator interface and it will use
Authentication.validateUser(Credential[] credentials) which performs real authentication
of username and password against OrganizationService and portal identity database. See
<xref
linkend="sect-Authentication_Authorization_Intro-authenticatorAndRolesExtractor"/>
for details about Authenticator and about Identity objects. </para>
+ <para>In the JBoss Enterprise Application Platform 6 LoginModule.commit
method, the Identity object is registered to IdentityRegistry, which will be used later
for authorization. Also some JAAS principals (UserPrincipal and RolesPrincipal) and
assigned to our authenticated Subject. This is needed for JBoss Enterprise Application
server, so that it can properly recognize the name of the logged user and its roles on an
JBoss Enterprise Application level.
</para>
</listitem>
</varlistentry>
@@ -350,15 +351,34 @@
<para>
Default implementation
<emphasis>DefaultRolesExtractorImpl</emphasis> is based on a special
algorithm, which uses the name of the role from the root of the group (for example for
role "/organization/management/something" we have JAAS role
"organization"). The only exception is the "platform"
group where we use second level as the name of the group. For example from group
"/platform/users" we have JAAS role "users".
</para>
- <para>
- <emphasis role="bold">Example: </emphasis> We have
user <emphasis>root</emphasis>, which has memberships
<emphasis>member:/platform/users</emphasis>,
<emphasis>manager:/platform/administrators</emphasis>,
<emphasis>validator:/platform/managers</emphasis>,
<emphasis>member:/partners</emphasis>,
<emphasis>member:/customers/acme</emphasis>,
<emphasis>member:/organization/management/board</emphasis>. In this case we
will have JAAS roles: <emphasis>users</emphasis>,
<emphasis>administrators</emphasis>,
<emphasis>managers</emphasis>, <emphasis>partners</emphasis>,
<emphasis>customers</emphasis>,
<emphasis>organization</emphasis>.
+ <para>For example, the user root has the following memberships:</para>
+ <itemizedlist>
+ <listitem>
+ <para>member:/platform/users</para>
+ </listitem>
+ <listitem>
+ <para>manager:/platform/administrators</para>
+ </listitem>
+ <listitem>
+ <para>validator:/platform/managers</para>
+ </listitem>
+ <listitem>
+ <para>member:/partners</para>
+ </listitem>
+ <listitem>
+ <para>member:/customers/acme</para>
+ </listitem>
+ <listitem>
+ <para>member:/organization/management/board</para>
+ </listitem>
+ </itemizedlist>
+ <para>In this case we will have JAAS roles: users, administrators, managers,
partners, customers, organization.
</para>
- <para>
- Default implementation of Authenticator is
<emphasis>OrganizationAuthenticatorImpl</emphasis>, which is implementation
based on <emphasis>OrganizationService</emphasis>. See <xref
linkend="sect-Reference_Guide-Organization_API"/> .
+ <para>The default implementation of Authenticator is
<emphasis>OrganizationAuthenticatorImpl</emphasis>, which is implementation
based on <emphasis>OrganizationService</emphasis>. See <xref
linkend="sect-Reference_Guide-Organization_API"/> .
</para>
<para>
You can override the default implementation of the mentioned
<systemitem>Authenticator</systemitem> and
<systemitem>RolesExtractor</systemitem> interfaces if the default behavior is
not suitable for your needs.
- </para>
+ </para>
</section>
<!-- Ending section Authenticator and RolesExtractor --> </section>
<!-- Ending section with login modules --> <section
id="sect-Authentication_Authorization_Intro-differentAuthWorkflows">
@@ -403,7 +423,7 @@
</listitem>
<listitem>
<para>
- There is a special HTTP Filter <emphasis
role="bold">RememberMeFilter</emphasis> configured in web.xml, which
checks the RememberMe cookie and then it retrieves credentials of user from
RemindPasswordTokenService. Now filter redirects request to PortalLoginController and
authentication process goes in same way as for normal FORM based authentication.
+ There is a special HTTP Filter RememberMeFilter configured in
<filename>web.xml</filename>, which checks the RememberMe cookie and then it
retrieves credentials of user from RemindPasswordTokenService. Now filter redirects
request to PortalLoginController and authentication process goes in same way as for normal
FORM based authentication.
</para>
</listitem>
</itemizedlist>
@@ -411,11 +431,9 @@
<section
id="sect-Authentication_Authorization_Intro-RememberMeAuthentication-RemindPasswordTokenService">
<title>RemindPasswordTokenService</title>
<para>
- This is a special service used during the RememberMe authentication
workflow. It is configurable in the file
<filename><replaceable>JPP_DIST</replaceable>/gatein/gatein.ear/portal.war/WEB-INF/conf/common/remindpwd-configuration.xml</filename>
. For more info, look at section <xref
linkend="sect-Reference_Guide-Authentication_Token_Configuration"/>
- </para>
+ This is a special service used during the RememberMe authentication
workflow. It is configurable in the file
<filename><replaceable>JPP_DIST</replaceable>/gatein/gatein.ear/portal.war/WEB-INF/conf/common/remindpwd-configuration.xml</filename>
. See <xref
linkend="sect-Reference_Guide-Authentication_Token_Configuration"/> for more
information. </para>
<para>
- You can encrypt passwords before storing them in JCR. More info is in
section <xref
linkend="sect-Reference_Guide-Authentication_and_Identity-Password_Encryption"/>.
- </para>
+ You can encrypt passwords before storing them in JCR. See <xref
linkend="sect-Reference_Guide-Authentication_and_Identity-Password_Encryption"/>
for more information. </para>
</section>
</section>
<section id="sect-Authentication_Authorization_Intro-authorization">
Modified:
epp/docs/branches/6.0/Reference_Guide/en-US/modules/AuthenticationAndIdentity/PasswordEncryption.xml
===================================================================
---
epp/docs/branches/6.0/Reference_Guide/en-US/modules/AuthenticationAndIdentity/PasswordEncryption.xml 2013-02-27
02:09:48 UTC (rev 9185)
+++
epp/docs/branches/6.0/Reference_Guide/en-US/modules/AuthenticationAndIdentity/PasswordEncryption.xml 2013-02-27
05:01:13 UTC (rev 9186)
@@ -7,11 +7,11 @@
<title>Password Encryption</title>
<section
id="sid-54264610_PasswordEncryption-HashingandsaltingofpasswordsinPicketlinkIDM">
<title>Hashing and Salting of Passwords in PicketLink IDM</title>
-<remark>Source:
https://docs.jboss.org/author/display/GTNPORTAL35/Password+Encryption<...
+ <remark>Source:
https://docs.jboss.org/author/display/GTNPORTAL35/Password+Encryption<...
<para>
-JBoss Portal Platform is using the
+JBoss Portal Platform uses
<ulink
url="http://www.jboss.org/picketlink/IDM">PicketLink
IDM</ulink>
- framework to store information about identity objects (users/groups/memberships).
For better security, PicketLink IDM does not save user passwords into database in
plain-text, but it uses <code>CredentialEncoder</code>, which encode password
and save the encoded form into PicketLink IDM database. Later when user want to
authenticate, they need to provide their password in plain-text via a web login form. The
provided password is then encoded and compared to an encoded password in the PicketLink
IDM database. JBoss Portal Platform is then able to authenticate user based on this
comparison. More information can be found in <xref
linkend="sect-Reference_Guide-PicketLink_IDM_integration"/>.
+ framework to store information about identity objects (users/groups/memberships).
For better security, PicketLink IDM does not save user passwords into database in
plain-text, but it uses <code>CredentialEncoder</code>, which encodes password
and saves the encoded form into PicketLink IDM database. Later when the user wants to
authenticate, they need to provide their password in plain-text through a web login form.
The provided password is then encoded and compared to an encoded password in the
PicketLink IDM database. JBoss Portal Platform is then able to authenticate the user based
on this comparison. See <xref
linkend="sect-Reference_Guide-PicketLink_IDM_integration"/> for more
information.
</para>
<para>
Default implementation of
@@ -23,7 +23,7 @@
<title>Choosing CredentialEncoder Implementation</title>
<para>
The implementation of CredentialEncoder is configured in file
-
<code>GATEIN_HOME/gatein/gatein.ear/portal.war/WEB-INF/conf/organization/picketlink-idm/picketlink-idm-config.xml</code>
+
<code>JPP_HOME/gatein/gatein.ear/portal.war/WEB-INF/conf/organization/picketlink-idm/picketlink-idm-config.xml</code>
. Usually the most important are options of realm
<code>idm_portal</code>
starting with prefix
Modified:
epp/docs/branches/6.0/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml
===================================================================
---
epp/docs/branches/6.0/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml 2013-02-27
02:09:48 UTC (rev 9185)
+++
epp/docs/branches/6.0/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml 2013-02-27
05:01:13 UTC (rev 9186)
@@ -560,13 +560,13 @@
<section
id="sect-Reference_Guide-SSO_Single_Sign_On_-Java_Open_Single_Sign_On_Project">
<title><remark>BZ#856430</remark>Java Open Single Sign-On
(JOSSO)</title>
<para>
- Java Open Single Sign-On (JOSSO) is an open-source single sign-on solution based on
Java EE. It allows multiple web servers or web applications to authenticate users with a
credential store. Detailed information about JOSSO can be found at <ulink
url="http://www.josso.org"/>.
- </para>
- <para>
+ Java Open Single Sign-On (JOSSO) is an open-source single sign-on solution based on
Java EE. It allows multiple web servers or web applications to authenticate users with a
credential store. Detailed information about JOSSO can be found at <ulink
url="http://www.josso.org"/>.
+ </para>
+ <para>
JOSSO integration with JBoss Portal Platform requires an Apache Tomcat server
instance to host JOSSO. JBoss Portal Platform communicates with the JOSSO server through a
single sign-on plug-in.
- </para>
- <para>
- Setting up the integration consists of two steps – setting up the JOSSO
server and setting up the portal to use the JOSSO server. These two steps differ depending
on the used version of JOSSO, as described in <xref linkend="sect-JOSSO-1.8"
/> and <xref linkend="sect-JOSSO-2.2" />. After completing the
procedures described in either section, all links redirecting to user authentication pages
will redirect to the JOSSO centralized authentication form.
+ </para>
+ <para>
+ Setting up the integration consists of two steps – setting up the JOSSO
server and setting up the portal to use the JOSSO server. These two steps differ depending
on the used version of JOSSO, as described in <xref
linkend="sect-JOSSO-1.8"/> and <xref
linkend="sect-JOSSO-2.2"/>. After completing the procedures described in
either section, all links redirecting to user authentication pages will redirect to the
JOSSO centralized authentication form.
</para>
<section
id="sect-Reference_Guide-SSO_Single_Sign_On_-Java_Open_Single_Sign_On_Project-Auth_Process">
<title>Authentication Process</title>
@@ -615,32 +615,32 @@
<para>
<emphasis role="bold">Optional:</emphasis>
To use the SSO authentication plug-in with JOSSO (not mandatory but recommended, see
<xref
linkend="sect-Reference_Guide-SSO_Single_Sign_On_-Java_Open_Single_Sign_On_Project-Auth_Process"/>
for details), copy the contents of the
<filename>JPP_DIST/gatein-sso/josso/josso-<replaceable><version></replaceable>/plugin/</filename>
directory into the <replaceable>JOSSO_HOME</replaceable> directory. Among the
files that will be copied, the following ones are the most important:
</para>
- <itemizedlist>
- <listitem>
- <para>
+ <itemizedlist>
+ <listitem>
+ <para>
<filename><replaceable>JOSSO_HOME</replaceable>/lib/josso-gateway-config.xml</filename>
- </para>
- <para>
- The original file is being replaced. You should consider creating a backup of
it before adding the new file.
+ </para>
+ <para>
+ The original file is being replaced. You should consider creating a backup of
it before adding the new file.
</para>
- </listitem>
- <listitem>
- <para>
+ </listitem>
+ <listitem>
+ <para>
<filename><replaceable>JOSSO_HOME</replaceable>/lib/josso-gateway-gatein-stores.xml</filename>
- </para>
- <para>
- This file is not present in the original
<replaceable>JOSSO_HOME</replaceable> download.
+ </para>
+ <para>
+ This file is not present in the original
<replaceable>JOSSO_HOME</replaceable> download.
</para>
- </listitem>
- <listitem>
- <para>
+ </listitem>
+ <listitem>
+ <para>
<filename>JOSSO_HOME/webapps/josso/WEB-INF/classes/gatein.properties</filename>
- </para>
- <para>
- This file is not present in the original
<replaceable>JOSSO_HOME</replaceable> download. You may need to edit the file
and change the host and port to match your JBoss Portal Platform instance. The values will
be used by the authentication plug-in when sending REST requests over HTTP.
+ </para>
+ <para>
+ This file is not present in the original
<replaceable>JOSSO_HOME</replaceable> download. You may need to edit the file
and change the host and port to match your JBoss Portal Platform instance. The values will
be used by the authentication plug-in when sending REST requests over HTTP.
</para>
- </listitem>
- </itemizedlist>
+ </listitem>
+ </itemizedlist>
</step>
<step>
<para>
@@ -958,20 +958,20 @@
</substeps>
</step>
<step>
- <para>Test the configuration:</para>
+ <para>Test the configuration:</para>
<substeps>
<step>
<para>
Start the Portal.
</para>
- </step>
- <step>
+ </step>
+ <step>
<para>
Access <uri>http://localhost:8080/portal</uri> and
click <emphasis role="italics">Sign in</emphasis>. You will be
redirected to the JOSSO instance, but you will need to login with the username and
password created via the JOSSO console (for example
<literal>john</literal>/<literal>password</literal>) as REST
callbacks are not supported.
</para>
</step>
</substeps>
- <para>After a successful login to JOSSO, you will be redirected to the portal
authenticated as <literal>john</literal>.</para>
+ <para>After a successful login to JOSSO, you will be redirected to the
portal authenticated as <literal>john</literal>.</para>
</step>
</procedure>
</section>
@@ -1658,7 +1658,7 @@
<term>gatein.sso.filter.login.sso.url</term>
<listitem>
<para>
- This value ensures that clicking the <guibutton>Sign
in</guibutton> link will redirect users to the
<literal>/portal/dologin</literal> URL, which is a secured URL declared in the
<filename>security-constraint section of
JPP_HOME/gatein/gatein.ear/portal.war/WEB-INF/web.xml</filename> file, allowing the
<systemitem>GateInNegotiationAuthenticator</systemitem> valve to intercept the
HTTP request.
+ This value ensures that clicking the <guibutton>Sign
in</guibutton> link will redirect users to the
<literal>/portal/dologin</literal> URL, which is a secured URL declared in the
<security-constraint> section of
<filename>JPP_HOME/gatein/gatein.ear/portal.war/WEB-INF/web.xml</filename>
file, allowing the <systemitem>GateInNegotiationAuthenticator</systemitem>
valve to intercept the HTTP request.
</para>
</listitem>
</varlistentry>
@@ -1871,9 +1871,9 @@
</para>
<procedure
id="proc-Reference_Guide-Enabling_SSO_using_JBoss_SSO_Valve-Testing_the_SSO_Valve">
<title>Configuring and Testing Single-Sign On in a Shared DNS
Domain</title>
- <para>
+ <para>
This procedure demonstrates the configuration and testing of single
sign-on for two JBoss Portal Platform server instances running in a shared domain on a
single physical Linux machine.</para>
- <para>It is expected that each instance is installed in a separate
directory in the machine's file system, and that the
<literal>192.168.210.101</literal> and
<literal>192.168.210.102</literal> virtual IP addresses are available on the
machine.
+ <para>It is expected that each instance is installed in a separate
directory in the machine's file system, and that the
<literal>192.168.210.101</literal> and
<literal>192.168.210.102</literal> virtual IP addresses are available on the
machine.
</para>
<step>
<para>
@@ -1894,7 +1894,7 @@
</step>
<step>
<para>By default, the <filename>standalone-ha.xml</filename>
file is configured to use a shared H2 database, which is intended to be used only for
testing purposes. Start the database by issuing the following command in the
<replaceable>JPP_HOME</replaceable> directory of the first
instance:</para>
-<programlisting>
+ <programlisting>
java -cp
modules/com/h2database/h2/main/h2-<replaceable><VERSION></replaceable>.jar
org.h2.tools.Server
</programlisting>
</step>
Modified:
epp/docs/branches/6.0/Reference_Guide/en-US/modules/PortalDevelopment/DefaultPortalConfiguration.xml
===================================================================
---
epp/docs/branches/6.0/Reference_Guide/en-US/modules/PortalDevelopment/DefaultPortalConfiguration.xml 2013-02-27
02:09:48 UTC (rev 9185)
+++
epp/docs/branches/6.0/Reference_Guide/en-US/modules/PortalDevelopment/DefaultPortalConfiguration.xml 2013-02-27
05:01:13 UTC (rev 9186)
@@ -159,7 +159,7 @@
<taskrelated>
<note>
<para>
- Disabling the default <emphasis>portal</emphasis>
container is possible as well, but some functions, such as WSRP, or Services Management,
depend on the default portal container to be deployed, and will no longer work if this is
disabled.
+ Disabling the default portal container is possible, but not
recommended. Some functions, such as WSRP or Services Management, depend on the default
portal container to be deployed. These functions will no longer work if the default portal
container is disabled.
</para>
</note>
</taskrelated>
Modified:
epp/docs/branches/6.0/Reference_Guide/en-US/modules/PortalDevelopment/DefaultPortalNavigationConfiguration.xml
===================================================================
---
epp/docs/branches/6.0/Reference_Guide/en-US/modules/PortalDevelopment/DefaultPortalNavigationConfiguration.xml 2013-02-27
02:09:48 UTC (rev 9185)
+++
epp/docs/branches/6.0/Reference_Guide/en-US/modules/PortalDevelopment/DefaultPortalNavigationConfiguration.xml 2013-02-27
05:01:13 UTC (rev 9186)
@@ -29,7 +29,7 @@
</listitem>
</itemizedlist>
<para>
- These navigators are configured using the standard XML syntax in the file:
<filename>portal.war/WEB-INF/conf/portal/portal-configuration.xml</filename>.
+ These navigators are configured using the standard XML syntax in the file:
<filename>JPP_HOME/gatein/gatein.ear/portal.war/WEB-INF/conf/portal/portal-configuration.xml</filename>.
</para>
<programlisting language="XML" role="XML"><xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="../../extras/PortalDevelopment_DefaultPortalNavigationConfiguration/default144.xml"
parse="text"/></programlisting>
<para>
@@ -171,7 +171,7 @@
<term>pages.xml</term>
<listitem>
<para>
- This configuration file structure is very similar to
<filename>portal.xml</filename> and it can also contain container tags (some
usage examples of container tags can be found in
<filename>portal.war/WEB-INF/conf/portal/portal/sharedlayout.xml</filename>).
+ This configuration file structure is very similar to
<filename>portal.xml</filename> and it can also contain container tags (some
usage examples of container tags can be found in
<filename>JPP_HOME/gatein/gatein.ear/portal.war/WEB-INF/conf/portal/portal/sharedlayout.xml</filename>).
</para>
<para>
Each application can decide whether to render the portlet border,
the window state, the icons, or the portlet mode.
@@ -189,7 +189,7 @@
The group navigation menu is configured by two XML files
(<filename>navigation.xml</filename> and
<filename>pages.xml</filename>). The syntax used in these files is the same as
those covered in <xref
linkend="sect-Reference_Guide-Portal_Navigation_Configuration-Portal_Navigation"/>.
</para>
<para>
- They are located in
<filename>portal.war/WEB-INF/conf/portal/group<replaceable>/group-name-path/</replaceable></filename>
directory (For example;
<filename>portal.war/WEB-INF/conf/portal/group/platform/administrators/</filename>).
+ They are located in
<filename>JPP_HOME/gatein/gatein.ear/portal.war/WEB-INF/conf/portal/group<replaceable>/group-name-path/</replaceable></filename>
directory (For example;
<filename>portal.war/WEB-INF/conf/portal/group/platform/administrators/</filename>).
</para>
</section>
<section
id="sect-Reference_Guide-Portal_Navigation_Configuration-User_Navigation">
Modified:
epp/docs/branches/6.0/Reference_Guide/en-US/modules/PortalDevelopment/InternationalizationConfiguration.xml
===================================================================
---
epp/docs/branches/6.0/Reference_Guide/en-US/modules/PortalDevelopment/InternationalizationConfiguration.xml 2013-02-27
02:09:48 UTC (rev 9185)
+++
epp/docs/branches/6.0/Reference_Guide/en-US/modules/PortalDevelopment/InternationalizationConfiguration.xml 2013-02-27
05:01:13 UTC (rev 9186)
@@ -59,7 +59,7 @@
Various languages are available in the portal package. The configuration
below will define which languages are shown in the "<emphasis
role="bold">Change Language</emphasis>" section and made
available to users.
</para>
<para>
- The
<filename>portal.war:/WEB-INF/conf/common/common-configuration.xml</filename>
file of your installation contains the following section:
+ The
<filename>JPP_HOME/gatein/gatein.ear/portal.war/WEB-INF/conf/common/common-configuration.xml</filename>
file of your installation contains the following section:
</para>
<programlisting language="XML" role="XML"><xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="../../extras/PortalDevelopment_InternationalizationConfiguration/default149.xml"
parse="text"/></programlisting>
<para>
@@ -92,7 +92,7 @@
<title>ResourceBundleService</title>
<remark>Source:
https://docs.jboss.org/author/display/GTNPORTAL35/Internationalization+Co...
<para>
- The resource bundle service is configured in:
<filename>portal.war:/WEB-INF/conf/common/common-configuration.xml</filename>:
+ The resource bundle service is configured in:
<filename>JPP_HOME/gatein/gatein.ear/portal.war/WEB-INF/conf/common/common-configuration.xml</filename>:
</para>
<example id="exam-common_config_xml_file_explained">
<title>The common-configuration.xml file explained</title>
@@ -115,7 +115,7 @@
<para><xref linkend="exam-common_config_xml_file_explained"/>
shows bundle definitions for the navigation of the classic portal and of four different
groups. Each of these resource bundles occupies a different sphere, they are independent
of each other and they are not included in the
<parameter>portal.resource.names</parameter> parameter.
</para>
<para>
- The properties for a group must be in the
<filename>WEB-INF/classes/locale/navigation/group/</filename> folder. For
example,
<literal>/WEB-INF/classes/locale/navigation/group/organization/management/executive-board_en.properties</literal>.
+ The properties for a group must be in the
<filename>JPP_HOME/gatein/gatein.ear/portal.war/WEB-INF/classes/locale/navigation/group/</filename>
folder. For example,
<literal>JPP_HOME/gatein/gatein.ear/portal.war/WEB-INF/classes/locale/navigation/group/organization/management/executive-board_en.properties</literal>.
</para>
<para>
The folder and file names must correspond to the group hierarchy. The group
name "<parameter>executive-board</parameter>" is followed by
the ISO 639 code.
@@ -144,7 +144,7 @@
<title>Add Spanish Translation to the GadgetPortlet</title>
<step>
<para>
- Create the file
<literal>GadgetPortlet_es.properties</literal> in
<filename>WEB-INF/classes/locale/portlet/gadget/GadgetPortlet</filename>.
+ Create the file
<literal>GadgetPortlet_es.properties</literal> in
<filename>JPP_HOME/gatein/gatein.ear/portal.war/WEB-INF/classes/locale/portlet/gadget/GadgetPortlet</filename>.
</para>
</step>
<step>
@@ -226,7 +226,7 @@
<title>Overriding Default JDK API Language Values</title>
<step>
<para>Edit the
-
<code>gatein.ear/portal.war/WEB-INF/classes/locale/portal/webui_<replaceable>xx_yy</replaceable>.properties</code>
+
<code>JPP_HOME/gatein/gatein.ear/portal.war/WEB-INF/classes/locale/portal/webui_<replaceable>xx_yy</replaceable>.properties</code>
file where
<replaceable role="italics">xx_yy</replaceable>
represents the country code of the language you wish to translate.
</para>
@@ -239,7 +239,7 @@
</step>
<step>
<para>Edit
-
<code>gatein.ear/portal.war/WEB-INF/classes/locale/portal/webui_fr.properties</code>
+
<code>JPP_HOME/gatein/gatein.ear/portal.war/WEB-INF/classes/locale/portal/webui_fr.properties</code>
where
<emphasis role="italics">fr</emphasis>
is the country code for French, and add the following key into it:
Modified:
epp/docs/branches/6.0/Reference_Guide/en-US/modules/PortalDevelopment/LocalizationConfiguration.xml
===================================================================
---
epp/docs/branches/6.0/Reference_Guide/en-US/modules/PortalDevelopment/LocalizationConfiguration.xml 2013-02-27
02:09:48 UTC (rev 9185)
+++
epp/docs/branches/6.0/Reference_Guide/en-US/modules/PortalDevelopment/LocalizationConfiguration.xml 2013-02-27
05:01:13 UTC (rev 9186)
@@ -252,7 +252,7 @@
That way even localization of servlets, and .jsps accessed in a non-bridged manner
can stay in sync with portlet localization.
</para>
<para>
- <literal>LocalizationFilter</literal> is installed through the
portal's web.xml file:
<filename><replaceable>JPP_DIST</replaceable>/gatein/gatein.ear/portal.war/WEB-INF/web.xml</filename>.
+ <literal>LocalizationFilter</literal> is installed through the
portal's web.xml file:
<filename><replaceable>JPP_HOME</replaceable>/gatein/gatein.ear/portal.war/WEB-INF/web.xml</filename>.
</para>
<programlisting language="XML"
role="XML"><filter>
<filter-name>LocalizationFilter</filter-name>
Modified:
epp/docs/branches/6.0/Reference_Guide/en-US/modules/PortalDevelopment/Skinning.xml
===================================================================
---
epp/docs/branches/6.0/Reference_Guide/en-US/modules/PortalDevelopment/Skinning.xml 2013-02-27
02:09:48 UTC (rev 9185)
+++
epp/docs/branches/6.0/Reference_Guide/en-US/modules/PortalDevelopment/Skinning.xml 2013-02-27
05:01:13 UTC (rev 9186)
@@ -248,9 +248,6 @@
<imageobject role="html">
<imagedata width="444" align="center"
scale="100"
fileref="images/PortalDevelopment/Skinning/portal-change-skin.png"
format="PNG"/>
</imageobject>
- <imageobject role="fo">
- <imagedata width="444" contentwidth="150mm"
align="center"
fileref="images/PortalDevelopment/Skinning/portal-change-skin.png"
format="PNG"/>
- </imageobject>
</mediaobject>
</figure>
<para>