JBoss Portal SVN: r7229 - in docs/trunk/referenceGuide: en and 1 other directories. - portal-commits

Wednesday, 9 May 2007

Author: sohil.shah(a)jboss.com
Date: 2007-05-09 13:00:11 -0400 (Wed, 09 May 2007)
New Revision: 7229

Added:
   docs/trunk/referenceGuide/en/modules/workflow.xml
Modified:
   docs/trunk/referenceGuide/
   docs/trunk/referenceGuide/en/master.xml
   docs/trunk/referenceGuide/en/modules/cmsPortlet.xml
   docs/trunk/referenceGuide/en/modules/security.xml
Log:
cms security/workflow documentation


Property changes on: docs/trunk/referenceGuide
___________________________________________________________________
Name: svn:ignore
   + build


Modified: docs/trunk/referenceGuide/en/master.xml
===================================================================

--- docs/trunk/referenceGuide/en/master.xml	2007-05-09 16:47:57 UTC (rev 7228)
+++ docs/trunk/referenceGuide/en/master.xml	2007-05-09 17:00:11 UTC (rev 7229)
@@ -13,6 +13,7 @@
       <!ENTITY xmldescriptors SYSTEM "modules/xmldescriptors.xml">
       <!ENTITY urls SYSTEM "modules/urls.xml">
       <!ENTITY CMS SYSTEM "modules/cmsPortlet.xml">
+      <!ENTITY workflow SYSTEM "modules/workflow.xml">
       <!ENTITY navtabs SYSTEM "modules/navtabs.xml">
       <!ENTITY themeandlayouts SYSTEM "modules/themeandlayouts.xml">
       <!ENTITY ajax SYSTEM "modules/ajax.xml">
@@ -76,6 +77,7 @@
    <!-- LDAP --> &ldap;
    <!-- SSO --> &sso;
    <!-- CMS --> &CMS;
+   <!-- Workflow --> &workflow;
    <!-- NavTabs --> &navtabs;
    <!-- theme/layout api --> &themeandlayouts;
    <!-- ajax --> &ajax;

Modified: docs/trunk/referenceGuide/en/modules/cmsPortlet.xml
===================================================================
--- docs/trunk/referenceGuide/en/modules/cmsPortlet.xml	2007-05-09 16:47:57 UTC (rev
7228)
+++ docs/trunk/referenceGuide/en/modules/cmsPortlet.xml	2007-05-09 17:00:11 UTC (rev
7229)
@@ -336,14 +336,8 @@
             or the command will never be executed.
          </para>
          <para>
-            JBoss Portal provides two CMS interceptors out of the box, a very basic Log
interceptor
-            (
-           
<literal>org.jboss.portal.cms.impl.interceptors.LogInterceptor</literal>
-            ) that prints all the commands called.
-            And a cache interceptor to enable distributed caching or content (
-           
<literal>org.jboss.portal.cms.impl.interceptors.CacheInterceptor</literal>
-            ).
-            For more information about the cache interceptor, see below.
+            JBoss Portal relies on the interceptor mechanism to integrate its Fine
Grained Security Service and
+            the Publish/Approve Workflow Service
          </para>
          <para>
             To add or remove an interceptor, you just need to edit the following file:
@@ -352,32 +346,81 @@
             to the cms interceptor stack. For example, if you have the 2 default
interceptors, you should have the following
             lines in the jboss-service.xml file:
             <programlisting><![CDATA[
-<mbean
-   code="org.jboss.portal.cms.impl.interceptors.LogInterceptor"
-   name="portal:service=Interceptor,type=Cms,name=Log"
-   xmbean-dd=""
-   xmbean-code="org.jboss.portal.common.system.JBossServiceModelMBean">
-   <xmbean/>
-</mbean>
-<mbean
-   code="org.jboss.portal.cms.impl.interceptors.CacheInterceptor"
-   name="portal:service=Interceptor,type=Cms,name=Cache"
-   xmbean-dd=""
-   xmbean-code="org.jboss.portal.common.system.JBossServiceModelMBean">
-   <xmbean/>
-   <depends>portal:service=CMSTreeCache</depends>
-</mbean>
-<mbean
-   code="org.jboss.portal.server.impl.invocation.JBossInterceptorStack"
-   name="portal:service=InterceptorStack,type=Cms"
-   xmbean-dd=""
-   xmbean-code="org.jboss.portal.common.system.JBossServiceModelMBean">
-   <xmbean/>
-   <depends-list optional-attribute-name="InterceptorNames">
-     
<depends-list-element>portal:service=Interceptor,type=Cms,name=Log</depends-list-element>
-     
<depends-list-element>portal:service=Interceptor,type=Cms,name=Cache</depends-list-element>
-   </depends-list>
-</mbean>]]>
+		   <!-- ACL Security Interceptor -->
+		   <mbean
+		      code="org.jboss.portal.cms.impl.interceptors.ACLInterceptor"
+		      name="portal:service=Interceptor,type=Cms,name=ACL"
+		      xmbean-dd=""
+		     
xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean">
+		      <xmbean/>
+		      <attribute
name="JNDIName">java:/portal/cms/ACLInterceptor</attribute>
+		      <attribute
name="CmsSessionFactory">java:/portal/cms/CMSSessionFactory</attribute>
+		      <attribute
name="IdentitySessionFactory">java:/portal/IdentitySessionFactory</attribute>
+		      <attribute name="DefaultPolicy">
+		      	<policy>
+		      			<!-- permissions on the root cms node -->      			
+		      			<criteria name="path" value="/">
+		      				<permission name="cms" action="read">
+		      					<role name="Anonymous"/>
+		      				</permission>
+		      				<permission name="cms" action="write">
+		      					<role name="User"/>
+		      				</permission>
+		      				<permission name="cms" action="manage">
+		      					<role name="Admin"/>
+		      				</permission>
+		      			</criteria>
+		      			<!-- permissions on the default cms node -->      			
+		      			<criteria name="path" value="/default">
+		      				<permission name="cms" action="read">
+		      					<role name="Anonymous"/>
+		      				</permission>
+		      				<permission name="cms" action="write">
+		      					<role name="User"/>
+		      				</permission>
+		      				<permission name="cms" action="manage">
+		      					<role name="Admin"/>
+		      				</permission>
+		      			</criteria>      			
+		      			<!-- permissions on the private/protected node -->
+		      			<criteria name="path" value="/default/private">
+		      				<permission name="cms" action="manage">
+		      					<role name="Admin"/>
+		      				</permission>
+		      			</criteria>
+		      	</policy>
+		      </attribute>
+		      <depends optional-attribute-name="AuthorizationManager"
proxy-type="attribute">
+		      	portal:service=AuthorizationManager,type=cms
+		      </depends>            
+		      <depends>portal:service=Hibernate,type=CMS</depends>
+		     
<depends>portal:service=Module,type=IdentityServiceController</depends>      
+		   </mbean>
+		   
+		   <!-- Approval Workflow Interceptor -->
+		   <mbean
+		     
code="org.jboss.portal.cms.impl.interceptors.ApprovalWorkflowInterceptor"
+		      name="portal:service=Interceptor,type=Cms,name=ApprovalWorkflow"
+		      xmbean-dd=""
+		     
xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean">
+		      <xmbean/>    
+		      <attribute
name="JNDIName">java:/portal/cms/ApprovalWorkflowInterceptor</attribute>
             
+		      <depends>portal:service=Hibernate,type=CMS</depends>      
+		   </mbean>
+		   
+		   <!-- CMS Interceptor Registration -->
+		   <mbean
+		     
code="org.jboss.portal.server.impl.invocation.JBossInterceptorStackFactory"
+		      name="portal:service=InterceptorStackFactory,type=Cms"
+		      xmbean-dd=""
+		     
xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean">
+		      <xmbean/>
+		      <depends-list optional-attribute-name="InterceptorNames">
+		        
<depends-list-element>portal:service=Interceptor,type=Cms,name=ACL</depends-list-element>
+		        
<depends-list-element>portal:service=Interceptor,type=Cms,name=ApprovalWorkflow</depends-list-element>
+		      </depends-list>
+		   </mbean>
+   ]]>
             </programlisting>
             The first two mbeans define the interceptors and the third mbean, define
which interceptors to add to
             the CMS service.
@@ -385,46 +428,105 @@
          <para>
             If you create your own interceptor
<literal>org.example.myCMSInterceptor</literal>, the service descriptor file
will look like:
             <programlisting><![CDATA[
-<mbean
-   code="org.example.myCMSInterceptor"
-   name="portal:service=Interceptor,type=Cms,name=MyName"
-   xmbean-dd=""
-   xmbean-code="org.jboss.portal.common.system.JBossServiceModelMBean">
-   <xmbean/>
-</mbean>
-<mbean
-   code="org.jboss.portal.cms.impl.interceptors.LogInterceptor"
-   name="portal:service=Interceptor,type=Cms,name=Log"
-   xmbean-dd=""
-   xmbean-code="org.jboss.portal.common.system.JBossServiceModelMBean">
-   <xmbean/>
-</mbean>
-<mbean
-   code="org.jboss.portal.cms.impl.interceptors.CacheInterceptor"
-   name="portal:service=Interceptor,type=Cms,name=Cache"
-   xmbean-dd=""
-   xmbean-code="org.jboss.portal.common.system.JBossServiceModelMBean">
-   <xmbean/>
-   <depends>portal:service=CMSTreeCache</depends>
-</mbean>
-<mbean
-   code="org.jboss.portal.server.impl.invocation.JBossInterceptorStack"
-   name="portal:service=InterceptorStack,type=Cms"
-   xmbean-dd=""
-   xmbean-code="org.jboss.portal.common.system.JBossServiceModelMBean">
-   <xmbean/>
-   <depends-list optional-attribute-name="InterceptorNames">
-     
<depends-list-element>portal:service=Interceptor,type=Cms,name=Log</depends-list-element>
-     
<depends-list-element>portal:service=Interceptor,type=Cms,name=Cache</depends-list-element>
-     
<depends-list-element>portal:service=Interceptor,type=Cms,name=MyName</depends-list-element>
-   </depends-list>
-</mbean>]]></programlisting>
+			<mbean
+			   code="org.example.myCMSInterceptor"
+			   name="portal:service=Interceptor,type=Cms,name=MyName"
+			   xmbean-dd=""
+			   xmbean-code="org.jboss.portal.common.system.JBossServiceModelMBean">
+			   <xmbean/>
+			</mbean>
+			
+			<!-- ACL Security Interceptor -->
+			   <mbean
+			      code="org.jboss.portal.cms.impl.interceptors.ACLInterceptor"
+			      name="portal:service=Interceptor,type=Cms,name=ACL"
+			      xmbean-dd=""
+			     
xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean">
+			      <xmbean/>
+			      <attribute
name="JNDIName">java:/portal/cms/ACLInterceptor</attribute>
+			      <attribute
name="CmsSessionFactory">java:/portal/cms/CMSSessionFactory</attribute>
+			      <attribute
name="IdentitySessionFactory">java:/portal/IdentitySessionFactory</attribute>
+			      <attribute name="DefaultPolicy">
+			      	<policy>
+			      			<!-- permissions on the root cms node -->      			
+			      			<criteria name="path" value="/">
+			      				<permission name="cms" action="read">
+			      					<role name="Anonymous"/>
+			      				</permission>
+			      				<permission name="cms" action="write">
+			      					<role name="User"/>
+			      				</permission>
+			      				<permission name="cms" action="manage">
+			      					<role name="Admin"/>
+			      				</permission>
+			      			</criteria>
+			      			<!-- permissions on the default cms node -->      			
+			      			<criteria name="path" value="/default">
+			      				<permission name="cms" action="read">
+			      					<role name="Anonymous"/>
+			      				</permission>
+			      				<permission name="cms" action="write">
+			      					<role name="User"/>
+			      				</permission>
+			      				<permission name="cms" action="manage">
+			      					<role name="Admin"/>
+			      				</permission>
+			      			</criteria>      			
+			      			<!-- permissions on the private/protected node -->
+			      			<criteria name="path" value="/default/private">
+			      				<permission name="cms" action="manage">
+			      					<role name="Admin"/>
+			      				</permission>
+			      			</criteria>
+			      	</policy>
+			      </attribute>
+			      <depends optional-attribute-name="AuthorizationManager"
proxy-type="attribute">
+			      	portal:service=AuthorizationManager,type=cms
+			      </depends>            
+			      <depends>portal:service=Hibernate,type=CMS</depends>
+			     
<depends>portal:service=Module,type=IdentityServiceController</depends>      
+			   </mbean>
+			   
+			   <!-- Approval Workflow Interceptor -->
+			   <mbean
+			     
code="org.jboss.portal.cms.impl.interceptors.ApprovalWorkflowInterceptor"
+			      name="portal:service=Interceptor,type=Cms,name=ApprovalWorkflow"
+			      xmbean-dd=""
+			     
xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean">
+			      <xmbean/>    
+			      <attribute
name="JNDIName">java:/portal/cms/ApprovalWorkflowInterceptor</attribute>
             
+			      <depends>portal:service=Hibernate,type=CMS</depends>      
+			   </mbean>
+			   <mbean
+			     
code="org.jboss.portal.server.impl.invocation.JBossInterceptorStackFactory"
+			      name="portal:service=InterceptorStackFactory,type=Cms"
+			      xmbean-dd=""
+			     
xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean">
+			      <xmbean/>
+			      <depends-list optional-attribute-name="InterceptorNames">
+			        
<depends-list-element>portal:service=Interceptor,type=Cms,name=ACL</depends-list-element>
+			        
<depends-list-element>portal:service=Interceptor,type=Cms,name=ApprovalWorkflow</depends-list-element>
+			      </depends-list>
+			   </mbean>
+			   
+			   <!-- CMS Interceptor Registration -->
+				<mbean
+				   code="org.jboss.portal.server.impl.invocation.JBossInterceptorStack"
+				   name="portal:service=InterceptorStack,type=Cms"
+				   xmbean-dd=""
+				   xmbean-code="org.jboss.portal.common.system.JBossServiceModelMBean">
+				   <xmbean/>
+				   <depends-list optional-attribute-name="InterceptorNames">
+				     
<depends-list-element>portal:service=Interceptor,type=Cms,name=ACL</depends-list-element>
+				     
<depends-list-element>portal:service=Interceptor,type=Cms,name=ApprovalWorkflow</depends-list-element>
+				     
<depends-list-element>portal:service=Interceptor,type=Cms,name=MyName</depends-list-element>
+				   </depends-list>
+				</mbean>
+]]></programlisting>
          </para>
          <note>
             <para>
-               The interceptor order is important ! For example the cache interceptor may
stop the call, so if you place
-               the
-               log interceptor after the call you wouldn't see all the commands that
have been executed by the portlets.
+               The interceptor order is important !
             </para>
          </note>
          <para>
@@ -432,41 +534,6 @@
            
<literal>http://localhost.localdomain:8080/jmx-console/HtmlAdaptor?action=inspectMBean&amp;name=portal%3Aservice%3DInterceptorStack%2Ctype%3DCms</literal>
             You should notice all the interceptors in the attribute
"interceptors".
          </para>
-      </section>
-      <section>
-         <title>CMS Cache</title>
-         <para>
-            The CMS cache is implemented as an interceptor, it makes it easy to be added
or removed as you saw above.
-            The CMS cache is available by default only if you precised
-            <literal>portal.clustered = true</literal>
-            in local.properties then cleaned, built and deployed the corresponding
portal.
-         </para>
-         <!--section>
-            <title>Activate caching in the "default"
configuration</title>
-            <para>
-               To activate the caching in the default configuration you will need to have
the <literal>jboss-cache.jar</literal> library
-               that you can either download from www.jboss.org or get from the sources of
jboss-portal. Place jboss-cache.jar in the
-               server/default/lib directory or JBoss application server then add in
portal-cms-sar/META-INF/jboss-service.xml the following section:
-               <programlisting>
-                  <![CDATA[
-                     <mbean
-      code="org.jboss.portal.cms.impl.cache.CMSTreeCacheServiceImpl"
-      name="portal:service=CMSTreeCache"
-      xmbean-dd=""
-      xmbean-code="org.jboss.portal.common.system.JBossServiceModelMBean">
-      <xmbean/>
-      <depends>jboss:service=Naming</depends>
-      <depends>jboss:service=TransactionManager</depends>
-      <attribute name="CacheMode">LOCAL</attribute>
-      <attribute
name="JNDIName">java:/portal/cms/CMSTreeCache</attribute>
-   </mbean>
-                   ]]>
-               </programlisting>
-               then remember to add the Cache interceptor as explained before.
-               If it succeded you should see in server.log the following line:
-               <literal>added interceptor type:
org.jboss.portal.cms.impl.interceptors.CacheInterceptor</literal>
-            </para>
-         </section-->
-      </section>
+      </section>      
    </section>
 </chapter>

Modified: docs/trunk/referenceGuide/en/modules/security.xml
===================================================================
--- docs/trunk/referenceGuide/en/modules/security.xml	2007-05-09 16:47:57 UTC (rev 7228)
+++ docs/trunk/referenceGuide/en/modules/security.xml	2007-05-09 17:00:11 UTC (rev 7229)
@@ -121,6 +121,144 @@
          <xref linkend="desc_example_portal"/>
       </para>
    </sect1>
+   
+   <sect1 id="security.security_cms">
+      <title>Securing the Content Management System</title>
+      <para>
+      The JBoss Portal CMS system consists of a directory structure of Files organized
unto their respective Folders. Both Files and Folders are
+      considered to be CMS resources that can be secured based on portal Roles and/or
Users. 
+      </para>
+      <para>
+      	The following features are supported by the fine grained security system of Portal
CMS:
+      	<itemizedlist>
+               <listitem>
+                  You can associate "Read", "Write", and
"Manage" Permissions at the CMS node level. (Both Files and Folders are treated
as CMS nodes)
+               </listitem>
+               <listitem>
+                  The Permissions are propagated recursively down a folder hierarchy
+               </listitem>
+               <listitem>
+                  Any Permissions specified explicitly on the CMS Node overrides the
policy inherited via recursive propagation
+               </listitem>
+               <listitem>
+                  You can manage the Permissions using the CMS Admin GUI tool via the
newly added "Secure Node" feature
+               </listitem>
+         </itemizedlist>
+      </para>
+      <para>
+      	<emphasis role="bold">Portal CMS Permission
Matrix:</emphasis>
+      	<table class="wikitable" border="1">
+			<tr><th>Permission</th><th>Allowed
Actions</th><th>Implies</th></tr>
+			<tr>
+				<td>Read</td>
+				<td><itemizedlist><listitem>Ability to read the contents of a
Folder</listitem><listitem>Ability to read a File and its
versions</listitem></itemizedlist></td>
+				<td> N/A</td>
+			</tr>
+			<tr>
+				<td>Write</td>
+				<td><itemizedlist><listitem>Ability to Create a New
Folder</listitem><listitem>Ability to Update an existing
Folder</listitem><listitem>Ability to Create a new
File</listitem><listitem>Ability to Update an existing
File</listitem></itemizedlist></td>
+				<td>Read Access</td>
+			</tr>
+			<tr>
+				<td>Manage</td>
+				<td><itemizedlist><listitem>Ability to Delete/Copy/Move/Rename
Files/Folders</listitem></itemizedlist></td>
+				<td>Write and Read Access</td>
+			</tr>
+		</table>
+      </para>
+      <sect2 id="security.security_cms_configuration">
+      	<title>CMS Security Configuration</title>
+      	<para>
+      		The configuration for the CMS Security service is specified in the
jboss-portal.sar/portal-cms.sar/META-INF/jboss-service.xml file. The portion of
+      		the configuration relevant for securing the CMS service is listed as follows:
+      		<programlisting><![CDATA[<!--  interceptor factory where all cms
interceptors are registered -->
+				   <mbean
+				     
code="org.jboss.portal.server.impl.invocation.JBossInterceptorStackFactory"
+				      name="portal:service=InterceptorStackFactory,type=Cms"
+				      xmbean-dd=""
+				     
xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean">
+				      <xmbean/>
+				      <depends-list optional-attribute-name="InterceptorNames">
+				        
<depends-list-element>portal:service=Interceptor,type=Cms,name=ACL</depends-list-element>
+				        
<depends-list-element>portal:service=Interceptor,type=Cms,name=ApprovalWorkflow</depends-list-element>
+				      </depends-list>
+				   </mbean> 
+				    
+				   <!-- CMS Authorization Security Service -->
+				   <mbean
+				      code="org.jboss.portal.cms.security.AuthorizationManagerImpl"
+				      name="portal:service=AuthorizationManager,type=cms"
+				      xmbean-dd=""
+				     
xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean">
+				      <xmbean/>
+				      <attribute
name="JNDIName">java:portal/cms/AuthorizationManager</attribute>  
+				      <depends optional-attribute-name="Provider"
proxy-type="attribute">
+				      	portal:service=AuthorizationProvider,type=cms
+				      </depends>         
+				   </mbean>   
+				   <mbean
+				      code="org.jboss.portal.cms.security.AuthorizationProviderImpl"
+				      name="portal:service=AuthorizationProvider,type=cms"
+				      xmbean-dd=""
+				     
xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean">
+				      <xmbean/> 
+				      <depends optional-attribute-name="IdentityServiceController"
proxy-type="attribute">portal:service=Module,type=IdentityServiceController</depends>
    
+				   </mbean>
+				   
+				   <!-- ACL Security Interceptor -->
+				   <mbean
+				      code="org.jboss.portal.cms.impl.interceptors.ACLInterceptor"
+				      name="portal:service=Interceptor,type=Cms,name=ACL"
+				      xmbean-dd=""
+				     
xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean">
+				      <xmbean/>
+				      <attribute
name="JNDIName">java:/portal/cms/ACLInterceptor</attribute>
+				      <attribute
name="CmsSessionFactory">java:/portal/cms/CMSSessionFactory</attribute>
+				      <attribute
name="IdentitySessionFactory">java:/portal/IdentitySessionFactory</attribute>
+				      <attribute name="DefaultPolicy">
+				      	<policy>
+				      			<!-- permissions on the root cms node -->      			
+				      			<criteria name="path" value="/">
+				      				<permission name="cms" action="read">
+				      					<role name="Anonymous"/>
+				      				</permission>
+				      				<permission name="cms" action="write">
+				      					<role name="User"/>
+				      				</permission>
+				      				<permission name="cms" action="manage">
+				      					<role name="Admin"/>
+				      				</permission>
+				      			</criteria>
+				      			<!-- permissions on the default cms node -->      			
+				      			<criteria name="path" value="/default">
+				      				<permission name="cms" action="read">
+				      					<role name="Anonymous"/>
+				      				</permission>
+				      				<permission name="cms" action="write">
+				      					<role name="User"/>
+				      				</permission>
+				      				<permission name="cms" action="manage">
+				      					<role name="Admin"/>
+				      				</permission>
+				      			</criteria>      			
+				      			<!-- permissions on the private/protected node -->
+				      			<criteria name="path" value="/default/private">
+				      				<permission name="cms" action="manage">
+				      					<role name="Admin"/>
+				      				</permission>
+				      			</criteria>
+				      	</policy>
+				      </attribute>
+				      <depends optional-attribute-name="AuthorizationManager"
proxy-type="attribute">
+				      	portal:service=AuthorizationManager,type=cms
+				      </depends>            
+				      <depends>portal:service=Hibernate,type=CMS</depends>
+				     
<depends>portal:service=Module,type=IdentityServiceController</depends>      
+				   </mbean>]]>
+      		</programlisting>
+      	</para>
+      </sect2>
+   </sect1>
 
    <sect1 id="security.security_authentication">
       <title>Authentication with JBoss Portal</title>

Added: docs/trunk/referenceGuide/en/modules/workflow.xml
===================================================================
--- docs/trunk/referenceGuide/en/modules/workflow.xml	                        (rev 0)
+++ docs/trunk/referenceGuide/en/modules/workflow.xml	2007-05-09 17:00:11 UTC (rev 7229)
@@ -0,0 +1,175 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<chapter id="workflow">
+   <chapterinfo>
+      <author>
+         <firstname>Sohil</firstname>
+         <surname>Shah</surname>
+         <email>sshah @ redhat dot com</email>
+      </author>      
+   </chapterinfo>
+   <title>Portal Workflow</title>
+   <para>
+   		JBoss Portal packages a Workflow Service based on JBPM. This service provides you
with the JBPM services that your portal can use
+   		to build out the end-user/application workflows that should meet your portal's
requirements. 
+   </para>   
+   <section>
+      <title>JBPM Workflow Engine Integration</title>
+      <para>
+      	The JBPM Workflow service is packaged as an mbean and takes care of all the
low-level JBPM related functions. The configuration is found in
+      	jboss-portal.sar/portal-cms.sar/portal-workflow.sar/META-INF/jboss-service.xml.
The mbean service configuration is as follows:
+      	<programlisting>
+      	<![CDATA[
+      		<!-- Hibernate service -->   
+			<mbean
+		      code="org.jboss.portal.jems.hibernate.SessionFactoryBinder"
+		      name="portal:service=Hibernate,type=Workflow"
+		      xmbean-dd=""
+		     
xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean">
+		      <xmbean/>
+		     
<depends>jboss.jca:service=DataSourceBinding,name=@portal.datasource.name@</depends>
+		      <attribute name="DoChecking">true</attribute>
+		      <attribute
name="ConfigLocation">conf/hibernate/workflow/hibernate.cfg.xml</attribute>
+		      <attribute
name="JNDIName">java:/portal/workflow/WorkFlowSessionFactory</attribute>
+		   </mbean>
+		   
+		    <!-- Workflow service -->   
+			<mbean
+		      code="org.jboss.portal.workflow.service.WorkflowServiceImpl"
+		      name="portal:service=Workflow,type=WorkflowService"
+		      xmbean-dd=""
+		     
xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean">
+		      <xmbean/>
+		      <depends>portal:service=Hibernate,type=Workflow</depends>  
+		      <attribute name="JbpmConfigurationXml">
+		      	 <jbpm-configuration>	      	      
+			      	<jbpm-context>
+			      		<service name="persistence"
factory="org.jbpm.persistence.db.DbPersistenceServiceFactory"/> 
+			        </jbpm-context>	      	      	      
+			        <string name="resource.hibernate.cfg.xml"
value="conf/hibernate/workflow/hibernate.cfg.xml"/>
+			        <string name="resource.business.calendar"
value="org/jbpm/calendar/jbpm.business.calendar.properties"/>
+			        <string name="resource.default.modules"
value="org/jbpm/graph/def/jbpm.default.modules.properties"/>
+			        <string name="resource.converter"
value="org/jbpm/db/hibernate/jbpm.converter.properties"/>
+			        <string name="resource.action.types"
value="org/jbpm/graph/action/action.types.xml"/>
+			        <string name="resource.node.types"
value="org/jbpm/graph/node/node.types.xml"/>
+			        <string name="resource.varmapping"
value="org/jbpm/context/exe/jbpm.varmapping.xml"/>
+			     </jbpm-configuration>
+		      </attribute>                
+		   </mbean>
+      	]]>
+      	</programlisting>
+      </para>
+   </section>
+   <section>
+   		<title>CMS Publish/Approve Workflow Service</title>
+   		<para>
+   		The CMS Publish/Approval Workflow feature can be optionally turned on so that, every
file that is created or updated needs to go through an <emphasis
role="bold">Approval process</emphasis> 
+   		before it can be published to go Live. The current implementation, creates a pending
queue for managers. The managers can then either approve or reject the publishing of the
document in question.   		
+   		</para>
+   		<sect1>
+   			<title>How activate this feature?</title>
+   			<para>
+   				In the following file, jboss-portal.sar/portal-cms.sar/META-INF/jboss-service.xml,
activate this feature on the org.jboss.portal.cms.impl.jcr.JCRCMS MBean
+   				<programlisting>
+   				<![CDATA[
+   				<mbean
+			      code="org.jboss.portal.cms.impl.jcr.JCRCMS"
+			      name="portal:service=CMS"
+			      xmbean-dd=""
+			     
xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean">
+			      <xmbean/>
+			      <!-- The datasource hibernate depends on, it can be commented when the file
store is used -->
+			     
<depends>jboss.jca:service=DataSourceBinding,name=PortalDS</depends>
+			      <depends>portal:service=JAASLoginModule</depends>
+			      <depends>portal:service=Hibernate,type=CMS</depends>
+			     
<depends>portal:service=Module,type=IdentityServiceController</depends>
+			      <!--depends optional-attribute-name="UserModule"
proxy-type="attribute">portal:service=Module,type=User</depends-->
+			
+			
+			
+			      <!-- Uncomment this to activate publish/approval workflow integration -->
+			      <depends optional-attribute-name="ApprovePublishWorkflow"
proxy-type="attribute">portal:service=ApprovePublish,type=Workflow</depends>
+			
+			
+			
+			      <depends optional-attribute-name="StackFactory"
proxy-type="attribute">portal:service=InterceptorStackFactory,type=Cms</depends>
           
+			      <attribute name="DoChecking">true</attribute>
+			      <attribute
name="DefaultContentLocation">portal/cms/conf/default-content/default/</attribute>
+			      <attribute name="DefaultLocale">en</attribute>
+			      <attribute
name="RepositoryName">PortalRepository</attribute>
+			      <attribute
name="HomeDir">${jboss.server.data.dir}${/}portal${/}cms${/}conf</attribute>
     
+			      <attribute name="Config">
+   				]]>
+   				</programlisting>
+   			</para>
+   		</sect1>
+   		<sect1>
+   			<title>How to configure this feature?</title>
+   			<para>
+   				The configuration for this workflow service is found in the
jboss-portal.sar/portal-cms.sar/portal-workflow.sar/META-INF/jboss-service.xml
+   				file
+   				<programlisting>
+   				<![CDATA[
+   					<!-- ApprovePublish workflow service -->   
+					<mbean
+				      code="org.jboss.portal.workflow.cms.ApprovePublishImpl"
+				      name="portal:service=ApprovePublish,type=Workflow"
+				      xmbean-dd=""
+				     
xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean">
+				      <xmbean/>
+				      <depends optional-attribute-name="WorkflowService"
proxy-type="attribute">
+				      	portal:service=Workflow,type=WorkflowService
+				      </depends>
+				      <depends optional-attribute-name="IdentityServiceController"
proxy-type="attribute">
+				      	portal:service=Module,type=IdentityServiceController
+				      </depends>     
+				      <!-- JBPM process definition -->
+				      <attribute name="Process">     	     
+				  	         <!-- cms approval workflow -->
+				  	   		 <process-definition name="approval_workflow">
+						      <start-state>
+						      	<transition to="request_approval"/>			      		
+						        </start-state>
+						        <task-node name="request_approval"
signal="first">
+						          <task name="approve_publish">
+						            <assignment
class="org.jboss.portal.cms.workflow.PublishAssignmentHandler"/>
+						            <event type="task-start">
+						            	<action
class="org.jboss.portal.cms.workflow.FinalizePublish"/>	
+						            </event>
+						            <exception-handler>
+						            	<action
class="org.jboss.portal.workflow.cms.TaskExceptionHandler"/>	
+						            </exception-handler>
+						          </task>		          
+						          <transition name="approval" to="end"/>		       
  		      	  
+					              <transition name="rejection" to="end"/>	    
                  
+						        </task-node>			      
+						        <end-state name="end"/>		          
+						     </process-definition>		      		      			      
+				      </attribute>
+				      <!-- 
+				      		  overwrite = false creates the process first time if does not exist, for
+				      	      subsequent server restarts, this process definition remains in tact
+				      	          
+				  	          overwrite = true creates the process first time if does not exist,
+				  	          for subsequent server restarts, it creates a new version of the process
definition
+				  	          which will be used for processes created from then onwards. Old
processes created
+				  	          for an older version of the definition remain in tact and use their
corresponding
+				  	          process definition.
+				  	          
+				  	          Typically use overwrite=false and overwrite=true only when a new process
definition
+				  	          related to this workflow needs to be deployed
+				      -->
+				      <attribute name="Overwrite">false</attribute>
+				      <!-- 
+				      		a comma separated list of portal roles that are designated
+				      		to act as workflow managers. They are allowed to 
+				      		approve/reject content publish requests       		      		
+				      -->
+				      <attribute name="ManagerRoles">Admin</attribute>
+		      		  <attribute
name="JNDIName">java:portal/ApprovePublishWorkflow</attribute>
+		      		 </mbean>  
+   				]]>
+   				</programlisting>
+   			</para>
+   		</sect1>
+   </section>   
+</chapter>


Property changes on: docs/trunk/referenceGuide/en/modules/workflow.xml
___________________________________________________________________
Name: svn:executable
   + *


    

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

JBoss Portal SVN: r7229 - in docs/trunk/referenceGuide: en and 1 other directories.