Author: bdaw
Date: 2007-04-30 06:45:43 -0400 (Mon, 30 Apr 2007)
New Revision: 7143
Modified:
docs/trunk/referenceGuide/en/modules/authentication.xml
docs/trunk/referenceGuide/en/modules/identity.xml
docs/trunk/referenceGuide/en/modules/ldap.xml
Log:
corrected code listing wrappings in identity docs
Modified: docs/trunk/referenceGuide/en/modules/authentication.xml
===================================================================
--- docs/trunk/referenceGuide/en/modules/authentication.xml 2007-04-30 10:00:03 UTC (rev
7142)
+++ docs/trunk/referenceGuide/en/modules/authentication.xml 2007-04-30 10:45:43 UTC (rev
7143)
@@ -94,7 +94,7 @@
file must be comparably hashed.
</listitem>
<listitem>
- <emphasis role="bold">hashEncoding</emphasis> -
The string format for the hashed pass and must be either "base64" or
"hex". Base64 is the default.
+ <emphasis role="bold">hashEncoding</emphasis> -
The string format for the hashed pass and st be either "base64" or
"hex". Base64 is the default.
</listitem>
<listitem>
<emphasis role="bold">additionalRole</emphasis> -
additional user <emphasis>Principal</emphasis> that will be added to user
<emphasis>Subject</emphasis>.
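Review bot: The re-indented `hashEncoding` description now reads "and st be either", so the edit appears to have dropped the first two letters of "must" while changing only whitespace elsewhere. The sentence should stay as it was on the old side: `The string format for the hashed pass and must be either "base64" or "hex".` The text also spells the values in lower case while the sample configuration further down uses `HEX`; if the option is case-insensitive, saying so here would remove the doubt.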
@@ -105,14 +105,21 @@
Configuration using portal database will look like this:
<programlisting>
<![CDATA[
- <login-module code =
"org.jboss.portal.identity.auth.DBIdentityLoginModule"
flag="sufficient">
- <module-option
name="dsJndiName">java:/PortalDS</module-option>
- <module-option name="principalsQuery">SELECT
jbp_password FROM jbp_users WHERE jbp_uname=?</module-option>
- <module-option name="rolesQuery">SELECT
jbp_roles.jbp_name, 'Roles' FROM jbp_role_membership INNER JOIN jbp_roles ON
jbp_role_membership.jbp_rid = jbp_roles.jbp_rid INNER JOIN jbp_users ON
jbp_role_membership.jbp_uid = jbp_users.jbp_uid WHERE
jbp_users.jbp_uname=?</module-option>
- <module-option
name="hashAlgorithm">MD5</module-option>
- <module-option
name="hashEncoding">HEX</module-option>
- <module-option
name="additionalRole">Authenticated</module-option>
- </login-module>
+<login-module code = "org.jboss.portal.identity.auth.DBIdentityLoginModule"
+ flag="sufficient">
+ <module-option name="dsJndiName">java:/PortalDS</module-option>
+ <module-option name="principalsQuery">
+ SELECT jbp_password FROM jbp_users WHERE jbp_uname=?
+ </module-option
+ <module-option name="rolesQuery">
+ SELECT jbp_roles.jbp_name, 'Roles' FROM jbp_role_membership INNER JOIN
+ jbp_roles ON jbp_role_membership.jbp_rid = jbp_roles.jbp_rid INNER JOIN jbp_users
ON
+ jbp_role_membership.jbp_uid = jbp_users.jbp_uid WHERE jbp_users.jbp_uname=?
+ </module-option>
+ <module-option name="hashAlgorithm">MD5</module-option>
+ <module-option name="hashEncoding">HEX</module-option>
+ <module-option
name="additionalRole">Authenticated</module-option>
+</login-module>
]]>
</programlisting>
</para>
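Review bot: The reflowed `principalsQuery` option is closed with `</module-option` and no final `>`, so the sample is no longer well-formed and a configuration copied from it will be rejected by the parser. The closing line should read `</module-option>`. Separately, the listing keeps `MD5` as the documented `hashAlgorithm`; because readers tend to copy this block as is, a sentence next to it recommending a stronger digest where the stored password hashes allow it would be worth adding.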
@@ -170,17 +177,22 @@
made around <ulink
url="http://wiki.jboss.org/wiki/Wiki.jsp?page=LdapExtLoginModule&quo...
from JBossSX.
Sample configuration can look like this:</para>
<programlisting><![CDATA[
- <login-module
code="org.jboss.portal.identity.auth.SynchronizingLDAPExtLoginModule"
flag="required">
+ <login-module
code="org.jboss.portal.identity.auth.SynchronizingLDAPExtLoginModule"
+ flag="required">
<module-option name="synchronizeIdentity">true</module-option>
<module-option name="synchronizeRoles">true</module-option>
<module-option
name="additionalRole">Authenticated</module-option>
<module-option name="defaultAssignedRole">User</module-option>
<module-option
name="userModuleJNDIName">java:/portal/UserModule</module-option>
<module-option
name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
- <module-option
name="membershipModuleJNDIName">java:/portal/MembershipModule</module-option>
- <module-option
name="userProfileModuleJNDIName">java:/portal/UserProfileModule</module-option>
- <module-option
name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
- <module-option
name="java.naming.provider.url">ldap://example.com:10389/</module-option>
+ <module-option
name="membershipModuleJNDIName">java:/portal/MembershipModule
+ </module-option>
+ <module-option
name="userProfileModuleJNDIName">java:/portal/UserProfileModule
+ </module-option>
+ <module-option
name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory
+ </module-option>
+ <module-option
name="java.naming.provider.url">ldap://example.com:10389/
+ </module-option>
<module-option
name="java.naming.security.authentication">simple</module-option>
<module-option name="bindDN">cn=Directory
Manager</module-option>
<module-option name="bindCredential">secret</module-option>
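Review bot: Moving `</module-option>` onto its own line puts a newline and indentation inside the values of `membershipModuleJNDIName`, `userProfileModuleJNDIName`, `java.naming.factory.initial` and `java.naming.provider.url`. Whether the login-module configuration parser trims option text is not visible from this page; if it does not, a reader who copies the listing gets a JNDI name, class name or LDAP URL with trailing whitespace, and the resulting login failure is hard to trace back to the sample. Breaking the line inside the start tag instead (after `<module-option`, before `name=`) shortens it without touching the value, and the closing tag stays directly after the text. The same wrapping is applied in ldap.xml at `@@ -1043,8 +1044,10 @@` and `@@ -1059,15 +1062,18 @@`, and to the `<depends>` object name in identity.xml at `@@ -277,7 +307,10 @@`. The `<login-module>` element continues past the end of this hunk.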
Modified: docs/trunk/referenceGuide/en/modules/identity.xml
===================================================================
--- docs/trunk/referenceGuide/en/modules/identity.xml 2007-04-30 10:00:03 UTC (rev 7142)
+++ docs/trunk/referenceGuide/en/modules/identity.xml 2007-04-30 10:45:43 UTC (rev 7143)
@@ -6,7 +6,7 @@
<email>boleslaw dot dawidowicz at redhat dot com</email>
</author>
</chapterinfo>
- <title>JBoss Portal Identity management</title>
+ <title>JBoss Portal Identity Management</title>
<para>This chapter addresses identity management in JBoss Portal
2.6</para>
<sect1 id="management_api">
<title>Identity management API</title>
@@ -80,25 +80,32 @@
</para>
<programlisting><![CDATA[
/**Retrieve a user by its name.*/
-User findUserByUserName(String userName) throws IdentityException,
IllegalArgumentException, NoSuchUserException;
+User findUserByUserName(String userName)
+ throws IdentityException, IllegalArgumentException, NoSuchUserException;
/**Retrieve a user by its id.*/
-User findUserById(Object id) throws IdentityException, IllegalArgumentException,
NoSuchUserException;
+User findUserById(Object id)
+ throws IdentityException, IllegalArgumentException, NoSuchUserException;
/**Retrieve a user by its id.*/
-User findUserById(String id) throws IdentityException, IllegalArgumentException,
NoSuchUserException;
+User findUserById(String id)
+ throws IdentityException, IllegalArgumentException, NoSuchUserException;
/** Creates a new user with the specified name.*/
-User createUser(String userName, String password) throws IdentityException,
IllegalArgumentException;
+User createUser(String userName, String password)
+ throws IdentityException, IllegalArgumentException;
/** Remove a user.*/
-void removeUser(Object id) throws IdentityException, IllegalArgumentException;
+void removeUser(Object id)
+ throws IdentityException, IllegalArgumentException;
/** Get a range of users.*/
-Set findUsers(int offset, int limit) throws IdentityException, IllegalArgumentException;
+Set findUsers(int offset, int limit)
+ throws IdentityException, IllegalArgumentException;
/** Get a range of users.*/
-Set findUsersFilteredByUserName(String filter, int offset, int limit) throws
IdentityException, IllegalArgumentException;
+Set findUsersFilteredByUserName(String filter, int offset, int limit)
+ throws IdentityException, IllegalArgumentException;
/**Returns the number of users.*/
int getUserCount() throws IdentityException, IllegalArgumentException;
@@ -111,47 +118,62 @@
</para>
<programlisting><![CDATA[
/** Retrieves a role by its name*/
-Role findRoleByName(String name) throws IdentityException, IllegalArgumentException;
+Role findRoleByName(String name)
+ throws IdentityException, IllegalArgumentException;
/**Retrieve a collection of role from the role names.*/
-Set findRolesByNames(String[] names) throws IdentityException, IllegalArgumentException;
+Set findRolesByNames(String[] names)
+ throws IdentityException, IllegalArgumentException;
/** Retrieves a role by its id.*/
-Role findRoleById(Object id) throws IdentityException, IllegalArgumentException;
+Role findRoleById(Object id)
+ throws IdentityException, IllegalArgumentException;
/** Retrieves a role by its id.*/
-Role findRoleById(String id) throws IdentityException, IllegalArgumentException;
+Role findRoleById(String id)
+ throws IdentityException, IllegalArgumentException;
/** Create a new role with the specified name.*/
-Role createRole(String name, String displayName) throws IdentityException,
IllegalArgumentException;
+Role createRole(String name, String displayName)
+ throws IdentityException, IllegalArgumentException;
/** Remove a role.*/
-void removeRole(Object id) throws IdentityException, IllegalArgumentException;
+void removeRole(Object id)
+ throws IdentityException, IllegalArgumentException;
/** Returns the number of roles. */
-int getRolesCount() throws IdentityException;
+int getRolesCount()
+ throws IdentityException;
/** Get all the roles */
-Set findRoles() throws IdentityException;/** Retrieves a role by its name*/
-Role findRoleByName(String name) throws IdentityException, IllegalArgumentException;
+Set findRoles()
+ throws IdentityException;/** Retrieves a role by its name*/
+Role findRoleByName(String name)
+ throws IdentityException, IllegalArgumentException;
/**Retrieve a collection of role from the role names.*/
-Set findRolesByNames(String[] names) throws IdentityException, IllegalArgumentException;
+Set findRolesByNames(String[] names)
+ throws IdentityException, IllegalArgumentException;
/** Retrieves a role by its id.*/
-Role findRoleById(Object id) throws IdentityException, IllegalArgumentException;
+Role findRoleById(Object id)
+ throws IdentityException, IllegalArgumentException;
/** Retrieves a role by its id.*/
-Role findRoleById(String id) throws IdentityException, IllegalArgumentException;
+Role findRoleById(String id)
+ throws IdentityException, IllegalArgumentException;
/** Create a new role with the specified name.*/
-Role createRole(String name, String displayName) throws IdentityException,
IllegalArgumentException;
+Role createRole(String name, String displayName)
+ throws IdentityException, IllegalArgumentException;
/** Remove a role.*/
-void removeRole(Object id) throws IdentityException, IllegalArgumentException;
+void removeRole(Object id)
+ throws IdentityException, IllegalArgumentException;
/** Returns the number of roles. */
-int getRolesCount() throws IdentityException;
+int getRolesCount()
+ throws IdentityException;
/** Get all the roles */
Set findRoles() throws IdentityException;
@@ -172,14 +194,18 @@
Set getUsers(Role role) throws IdentityException, IllegalArgumentException;
-/** Creates a relationship beetween a role and set of users. Other roles that have
assotiontions with those users remain unaffected.*/
+/** Creates a relationship beetween a role and set of users. Other roles that have
+ assotiontions with those users remain unaffected.*/
void assignUsers(Role role, Set users) throws IdentityException,
IllegalArgumentException;
-/** Creates a relationship beetween a user and set of roles. This operation will erase
any other assotientions beetween the user and roles not specified in the provided set.*/
+/** Creates a relationship beetween a user and set of roles. This operation will erase
any
+ other assotientions beetween the user and roles not specified in the provided set.*/
void assignRoles(User user, Set roles) throws IdentityException,
IllegalArgumentException;
-/** Returns role members based on rolename - depreciated method ethod here only for
compatibility with old RoleModule interface */
-Set findRoleMembers(String roleName, int offset, int limit, String userNameFilter) throws
IdentityException, IllegalArgumentException;
+/** Returns role members based on rolename - depreciated method ethod here only
+ for compatibility with old RoleModule interface */
+Set findRoleMembers(String roleName, int offset, int limit, String userNameFilter)
+ throws IdentityException, IllegalArgumentException;
]]></programlisting>
</listitem>
<listitem>
@@ -188,13 +214,17 @@
interface exposes operations to access and manage informations stored in
User profile:
</para>
<programlisting><![CDATA[
-public Object getProperty(User user, String propertyName) throws IdentityException,
IllegalArgumentException;
+public Object getProperty(User user, String propertyName)
+ throws IdentityException, IllegalArgumentException;
-public void setProperty(User user, String name, Object property) throws
IdentityException, IllegalArgumentException;
+public void setProperty(User user, String name, Object property)
+ throws IdentityException, IllegalArgumentException;
-public Map getProperties(User user) throws IdentityException, IllegalArgumentException;
+public Map getProperties(User user)
+ throws IdentityException, IllegalArgumentException;
-public ProfileInfo getProfileInfo() throws IdentityException;
+public ProfileInfo getProfileInfo()
+ throws IdentityException;
]]></programlisting>
<warning>
UserProfileModule.getProperty() method returns an Object.
@@ -277,7 +307,10 @@
get the <emphasis
role="bold">IdentityServiceController</emphasis>
mbean. You may want to inject it into your services like this:
</para>
- <programlisting><![CDATA[<depends
optional-attribute-name="IdentityServiceController"
proxy-type="attribute">portal:service=Module,type=IdentityServiceController</depends>]]></programlisting>
+ <programlisting><![CDATA[
+<depends optional-attribute-name="IdentityServiceController"
proxy-type="attribute">
+ portal:service=Module,type=IdentityServiceController
+</depends>]]></programlisting>
<para>
or simply obtain in your code by doing a lookup using
the <emphasis
role="bold">portal:service=Module,type=IdentityServiceController</emphasis>
@@ -286,11 +319,19 @@
</para>
<programlisting>
-(UserModule)identityServiceController.getIdentityContext().getObject(IdentityContext.TYPE_USER_MODULE);
-(RoleModule)identityServiceController.getIdentityContext().getObject(IdentityContext.TYPE_ROLE_MODULE);
-(MembershipModule)identityServiceController.getIdentityContext().getObject(IdentityContext.TYPE_MEMBERSHIP_MODULE);
-(UserProfileModule)identityServiceController.getIdentityContext().getObject(IdentityContext.TYPE_USER_PROFILE_MODULE);</programlisting>
+(UserModule)identityServiceController.getIdentityContext()
+ .getObject(IdentityContext.TYPE_USER_MODULE);
+(RoleModule)identityServiceController.getIdentityContext()
+ .getObject(IdentityContext.TYPE_ROLE_MODULE);
+
+(MembershipModule)identityServiceController.getIdentityContext()
+ .getObject(IdentityContext.TYPE_MEMBERSHIP_MODULE);
+
+(UserProfileModule)identityServiceController.getIdentityContext()
+ .getObject(IdentityContext.TYPE_USER_PROFILE_MODULE);
+ </programlisting>
+
</sect2>
<sect2>
<title>API changes since 2.4</title>
@@ -317,7 +358,8 @@
// Instead of: user.setEnabled(value)
userProfileModule.setProperty(user, User.INFO_USER_ENABLED, value);
-// In a similar way you should change rest of methods that are missing in User interface
in 2.6 by the call to the UserProfileModule
+// In a similar way you should change rest of methods that are missing in User interface
+// in 2.6 by the call to the UserProfileModule
// Instead of: user.getProperties()
userProfileModule.getProperties(user);
@@ -355,8 +397,10 @@
</para>
<programlisting><![CDATA[
// Instead of
-// RoleModule.findRoleMembers(String roleName, int offset, int limit, String
userNameFilter) throws IdentityException;
-membershipModule.findRoleMembers(String roleName, int offset, int limit, String
userNameFilter)
+// RoleModule.findRoleMembers(String roleName, int offset, int limit, String
userNameFilter)
+// throws IdentityException;
+membershipModule.findRoleMembers(String roleName, int offset, int limit,
+ String userNameFilter)
// Instead of
// RoleModule.setRoles(User user, Set roles) throws IdentityException;
@@ -406,7 +450,6 @@
xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean">
<xmbean/>
<depends>portal:service=Hibernate</depends>
-
<!--<depends>jboss.jca:service=DataSourceBinding,name=@portal.datasource.name@</depends>-->
<attribute
name="JndiName">java:/portal/IdentityServiceController</attribute>
<attribute name="RegisterMBeans">true</attribute>
<attribute
name="ConfigFile">conf/identity/identity-config.xml</attribute>
@@ -777,7 +820,7 @@
</sect1>
<sect1>
<title>Identity modules implementations</title>
- <note>Identity modules implementations related to LDAP are described in this
<link
linkend="ldap.ldap_identity_modules">section</link></note>
+ <note>Identity modules implementations related to LDAP are described in
<link linkend="ldap.ldap_identity_modules">LDAP</link>
chapter</note>
<sect2>
<title>Database modules</title>
<para>JBoss portal comes with a set of database related identity modules
implementations done using Hibernate - those are configured
Modified: docs/trunk/referenceGuide/en/modules/ldap.xml
===================================================================
--- docs/trunk/referenceGuide/en/modules/ldap.xml 2007-04-30 10:00:03 UTC (rev 7142)
+++ docs/trunk/referenceGuide/en/modules/ldap.xml 2007-04-30 10:45:43 UTC (rev 7143)
@@ -29,7 +29,6 @@
xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean">
<xmbean/>
<depends>portal:service=Hibernate</depends>
-
<!--<depends>jboss.jca:service=DataSourceBinding,name=@portal.datasource.name@</depends>-->
<attribute
name="JndiName">java:/portal/IdentityServiceController</attribute>
<attribute name="RegisterMBeans">true</attribute>
<attribute
name="ConfigFile">conf/identity/identity-config.xml</attribute>
@@ -476,11 +475,12 @@
<note>In <emphasis>UserModule</emphasis> there are two methods
that handle offset/limit (pagination) behaviour.
<programlisting>
<![CDATA[
- /** Get a range of users.*/
- Set findUsers(int offset, int limit) throws IdentityException,
IllegalArgumentException;
+/** Get a range of users.*/
+Set findUsers(int offset, int limit) throws IdentityException, IllegalArgumentException;
- /** Get a range of users.*/
- Set findUsersFilteredByUserName(String filter, int offset, int limit)
throws IdentityException, IllegalArgumentException;
+/** Get a range of users.*/
+Set findUsersFilteredByUserName(String filter, int offset, int limit)
+ throws IdentityException, IllegalArgumentException;
]]>
</programlisting>
Pagination support is not widely implemented in LDAP servers. Because
<emphasis>UserModule</emphasis>
@@ -1035,7 +1035,8 @@
<!-- For the JCR CMS -->
<application-policy name="cms">
<authentication>
- <login-module
code="org.apache.jackrabbit.core.security.SimpleLoginModule"
flag="required"/>
+ <login-module
code="org.apache.jackrabbit.core.security.SimpleLoginModule"
+ flag="required"/>
</authentication>
</application-policy>
@@ -1043,8 +1044,10 @@
<authentication>
<login-module code="org.jboss.security.auth.spi.LdapExtLoginModule"
flag="required">
- <module-option
name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
- <module-option
name="java.naming.provider.url">ldap://example.com:10389/</module-option>
+ <module-option
name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory
+ </module-option>
+ <module-option
name="java.naming.provider.url">ldap://example.com:10389/
+ </module-option>
<module-option
name="java.naming.security.authentication">simple</module-option>
<module-option name="bindDN">cn=Directory
Manager</module-option>
<module-option
name="bindCredential">lolo</module-option>
@@ -1059,15 +1062,18 @@
<module-option
name="allowEmptyPasswords">false</module-option>
</login-module>
- <login-module
code="org.jboss.portal.identity.auth.SynchronizingLoginModule"
flag="optional">
+ <login-module
code="org.jboss.portal.identity.auth.SynchronizingLoginModule"
+ flag="optional">
<module-option
name="synchronizeIdentity">true</module-option>
<module-option
name="synchronizeRoles">true</module-option>
<module-option
name="additionalRole">Authenticated</module-option>
<module-option
name="defaultAssignedRole">User</module-option>
<module-option
name="userModuleJNDIName">java:/portal/UserModule</module-option>
<module-option
name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
- <module-option
name="membershipModuleJNDIName">java:/portal/MembershipModule</module-option>
- <module-option
name="userProfileModuleJNDIName">java:/portal/UserProfileModule</module-option>
+ <module-option
name="membershipModuleJNDIName">java:/portal/MembershipModule
+ </module-option>
+ <module-option
name="userProfileModuleJNDIName">java:/portal/UserProfileModule
+ </module-option>
</login-module>
</authentication>
@@ -1169,7 +1175,7 @@
<entry align="center"><emphasis>Not
Supported</emphasis></entry>
<entry
align="center"><emphasis>Supported</emphasis></entry>
</row>
- <row>
+ <!--<row>
<entry>Microsoft Active Directory</entry>
<entry align="center">?</entry>
<entry align="center">?</entry>
@@ -1198,7 +1204,7 @@
<entry align="center">?</entry>
<entry align="center">?</entry>
<entry align="center">?</entry>
- </row>
+ </row>-->
</tbody>
</tgroup>
</table>