Author: shawkins
Date: 2011-10-18 11:46:00 -0400 (Tue, 18 Oct 2011)
New Revision: 3558
Modified:
branches/7.4.x/documentation/admin-guide/src/main/docbook/en-US/content/security.xml
Log:
SOA-3448 fixing programlisting whitespace
Modified:
branches/7.4.x/documentation/admin-guide/src/main/docbook/en-US/content/security.xml
===================================================================
---
branches/7.4.x/documentation/admin-guide/src/main/docbook/en-US/content/security.xml 2011-10-18
10:52:08 UTC (rev 3557)
+++
branches/7.4.x/documentation/admin-guide/src/main/docbook/en-US/content/security.xml 2011-10-18
15:46:00 UTC (rev 3558)
@@ -115,22 +115,20 @@
<example>
<title>Example user.properties file</title>
<programlisting><![CDATA[# A users.properties file for
use with the UsersRolesLoginModule
- # username=password
-
- fred=password
- george=password
- ...]]></programlisting>
+# username=password
+
+fred=password
+george=password...]]></programlisting>
</example>
JAAS role assignments are stored in the
<profile>conf/props/teiid-security-roles.properties file.
<example>
<title>Example user.properties file</title>
<programlisting><![CDATA[# A roles.properties file for
use with the UsersRolesLoginModule
- # username=role1,role2,...
-
- data_role_1=fred,sally
- data_role_2=george
- ]]></programlisting>
+# username=role1,role2,...
+
+data_role_1=fred,sally
+data_role_2=george]]></programlisting>
</example>
User and role names are entirely up to the needs of the given
deployment. For example each application team can set their own security constraints for
their VDBs, by mapping their VDB data roles to application specific JAAS roles, e.g.
app_role_1=user1,user2,user3.
@@ -202,31 +200,27 @@
data source. Here is a sample configuration, this needs to be configured
in "teiid-jboss-beans.xml" file.
</para>
- <programlisting><![CDATA[
- <application-policy xmlns="urn:jboss:security-beans:1.0"
name="teiid-security">
- <authentication>
+ <programlisting><![CDATA[<application-policy
xmlns="urn:jboss:security-beans:1.0" name="teiid-security">
+ <authentication>
+
+ <login-module
code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag="required">
+ <module-option name =
"password-stacking">useFirstPass</module-option>
+ <module-option
name="usersProperties">props/teiid-security-users.properties</module-option>
+ <module-option
name="rolesProperties">props/teiid-security-roles.properties</module-option>
+ </login-module>
+
+ <login-module
code="org.jboss.resource.security.CallerIdentityLoginModule"
flag="required">
+ <module-option name =
"password-stacking">useFirstPass</module-option>
+ <module-option name =
"managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=DefaultDS</module-option>
+ </login-module>
+
+ </authentication>
+</application-policy>]]></programlisting>
- <login-module
code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag="required">
- <module-option name =
"password-stacking">useFirstPass</module-option>
- <module-option
name="usersProperties">props/teiid-security-users.properties</module-option>
- <module-option
name="rolesProperties">props/teiid-security-roles.properties</module-option>
- </login-module>
-
- <login-module
code="org.jboss.resource.security.CallerIdentityLoginModule"
flag="required">
- <module-option name =
"password-stacking">useFirstPass</module-option>
- <module-option name =
"managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=DefaultDS</module-option>
- </login-module>
-
- </authentication>
- </application-policy>
- ]]></programlisting>
-
<para>In the -ds.xml file that is defined as the
"managedConnectionFactoryName" in the above configuration,
you need to add the following element</para>
- <programlisting><![CDATA[
- <security-domain>teiid-security</security-domain>
- ]]></programlisting>
+
<programlisting><![CDATA[<security-domain>teiid-security</security-domain>]]></programlisting>
<para>In the above configuration example, in the primary login module
"UsersRolesLoginModule" is setup to hold the
passwords in the file, and when user logs in with password, the same password
will be also set on the logged in Subject after
@@ -251,31 +245,27 @@
map to different roles. If a user has multiple roles, the first role that has
the credential will be chosen.
Below find the sample configuration.</para>
- <programlisting><![CDATA[
- <application-policy xmlns="urn:jboss:security-beans:1.0"
name="teiid-security">
- <authentication>
-
- <login-module
code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag="required">
- <module-option name =
"password-stacking">useFirstPass</module-option>
- <module-option
name="usersProperties">props/teiid-security-users.properties</module-option>
- <module-option
name="rolesProperties">props/teiid-security-roles.properties</module-option>
- </login-module>
-
- <login-module
code="org.teiid.jboss.RoleBasedCredentialMapIdentityLoginModule"
flag="required">
- <module-option name =
"password-stacking">useFirstPass</module-option>
- <module-option
name="credentialMap">props/teiid-credentialmap.properties</module-option>
- <module-option name =
"managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=DefaultDS</module-option>
- </login-module>
-
- </authentication>
- </application-policy>
- ]]></programlisting>
+ <programlisting><![CDATA[<application-policy
xmlns="urn:jboss:security-beans:1.0" name="teiid-security">
+ <authentication>
+
+ <login-module
code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag="required">
+ <module-option name =
"password-stacking">useFirstPass</module-option>
+ <module-option
name="usersProperties">props/teiid-security-users.properties</module-option>
+ <module-option
name="rolesProperties">props/teiid-security-roles.properties</module-option>
+ </login-module>
+
+ <login-module
code="org.teiid.jboss.RoleBasedCredentialMapIdentityLoginModule"
flag="required">
+ <module-option name =
"password-stacking">useFirstPass</module-option>
+ <module-option
name="credentialMap">props/teiid-credentialmap.properties</module-option>
+ <module-option name =
"managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=DefaultDS</module-option>
+ </login-module>
+
+ </authentication>
+</application-policy>]]></programlisting>
<para>In the -ds.xml file that is defined as the
"managedConnectionFactoryName" in the above configuration,
you need to add the following element</para>
- <programlisting><![CDATA[
- <security-domain>teiid-security</security-domain>
- ]]></programlisting>
+
<programlisting><![CDATA[<security-domain>teiid-security</security-domain>]]></programlisting>
<para>In the above configuration example, in the primary login module
"UsersRolesLoginModule" is setup for logging in
the primary user and assign some roles. The
"RoleBasedCredentialMap" login module is configured to hold
@@ -288,19 +278,17 @@
password in the file defined by the "credentialMap" property, and
define following properties in
the "RoleBasedCredentialMap" login module.</para>
- <programlisting><![CDATA[
- <login-module
code="org.teiid.jboss.RoleBasedCredentialMapIdentityLoginModule"
flag="required">
- <module-option name =
"password-stacking">useFirstPass</module-option>
- <module-option
name="credentialMap">props/teiid-credentialmap.properties</module-option>
- <module-option name =
"managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=DefaultDS</module-option>
-
- <!-- below properties are only required when passwords are encrypted
-->
- <module-option name =
"pbealgo">PBEWithMD5AndDES</module-option>
- <module-option name =
"pbepass">testPBEIdentityLoginModule</module-option>
- <module-option name =
"salt">abcdefgh</module-option>
- <module-option name =
"iterationCount">19</module-option>
- </login-module>
- ]]></programlisting>
+ <programlisting><![CDATA[<login-module
code="org.teiid.jboss.RoleBasedCredentialMapIdentityLoginModule"
flag="required">
+ <module-option name =
"password-stacking">useFirstPass</module-option>
+ <module-option
name="credentialMap">props/teiid-credentialmap.properties</module-option>
+ <module-option name =
"managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=DefaultDS</module-option>
+
+ <!-- below properties are only required when passwords are encrypted -->
+ <module-option name =
"pbealgo">PBEWithMD5AndDES</module-option>
+ <module-option name =
"pbepass">testPBEIdentityLoginModule</module-option>
+ <module-option name = "salt">abcdefgh</module-option>
+ <module-option name = "iterationCount">19</module-option>
+</login-module>]]></programlisting>
<para>For full details about encryption of the password, please follow
this
<ulink
url="http://community.jboss.org/docs/DOC-9703">document</...