[jboss-cvs] JBossAS SVN: r70899 - projects/docs/trunk/AS_4/Server_Configuration_Guide/zh-CN.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Mar 17 00:23:07 EDT 2008
Author: xhuang at jboss.com
Date: 2008-03-17 00:23:06 -0400 (Mon, 17 Mar 2008)
New Revision: 70899
Modified:
projects/docs/trunk/AS_4/Server_Configuration_Guide/zh-CN/J2EE_Security_On_JBOSS.po
projects/docs/trunk/AS_4/Server_Configuration_Guide/zh-CN/Web_Services.po
Log:
update
Modified: projects/docs/trunk/AS_4/Server_Configuration_Guide/zh-CN/J2EE_Security_On_JBOSS.po
===================================================================
--- projects/docs/trunk/AS_4/Server_Configuration_Guide/zh-CN/J2EE_Security_On_JBOSS.po 2008-03-17 01:13:50 UTC (rev 70898)
+++ projects/docs/trunk/AS_4/Server_Configuration_Guide/zh-CN/J2EE_Security_On_JBOSS.po 2008-03-17 04:23:06 UTC (rev 70899)
@@ -10,7 +10,7 @@
"Project-Id-Version: J2EE_Security_On_JBOSS\n"
"Report-Msgid-Bugs-To: http://bugs.kde.org\n"
"POT-Creation-Date: 2007-11-05 06:04+0000\n"
-"PO-Revision-Date: 2008-03-13 11:00+1000\n"
+"PO-Revision-Date: 2008-03-17 14:17+1000\n"
"Last-Translator: Xi HUANG <xhuang at redhat.com>\n"
"Language-Team: Simplified Chinese <en at li.org>\n"
"MIME-Version: 1.0\n"
@@ -1803,6 +1803,13 @@
"The_relationship_between_the_JBossSX_framework_implementation_classes_and_the_JBoss_server_EJB_container_layer."
"\"/>."
msgstr ""
+"请注意,<literal>AuthenticationManager</literal>、<literal>RealmMapping</literal> 和 <literal>SecurityProxy</literal> 接口和 JAAS 相关的类并没有联系。虽然 JBossSX 架构非常依赖于 JAAS,但是实现 J2EE 安全模型所需的基本安全接口并非如此。JBossSX 框架只是简单的基于 JAAS 的基本安全插件接口的实现。<xref "
+"linkend=\"The_JBoss_Security_Model-"
+"The_relationship_between_the_JBossSX_framework_implementation_classes_and_the_JBoss_server_EJB_container_layer."
+"\"/> 里的组件图解释了这一点。这个插件架构暗示着你可以用自己的安全管理者实现来替换基于 JAAS 的 JBossSX 实现类。当你查看用于 <xref "
+"linkend=\"The_JBoss_Security_Model-"
+"The_relationship_between_the_JBossSX_framework_implementation_classes_and_the_JBoss_server_EJB_container_layer."
+"\"/> 里的 JBossSX 的配置的 JBossSX MBean 时,你将看到如何进行替换。"
#. Tag: title
#: J2EE_Security_On_JBOSS.xml:437
@@ -1810,13 +1817,13 @@
msgid ""
"The relationship between the JBossSX framework implementation classes and "
"the JBoss server EJB container layer."
-msgstr ""
+msgstr "JBossSX 框架的实现类和 JBoss 服务器 EJB 容器层之间的关系。"
#. Tag: title
#: J2EE_Security_On_JBOSS.xml:445
#, no-c-format
msgid "Enabling Declarative Security in JBoss Revisited"
-msgstr ""
+msgstr "启用 JBoss Revisited 里的声明式安全性"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:446
@@ -1831,16 +1838,18 @@
"xml_deployment_descriptors.\"/> shows the JBoss-specific EJB and web "
"application deployment descriptor's security-related elements."
msgstr ""
+"在本章之前对 J2EE 标准安全模型的讨论结束时,要求使用 JBoss 服务器专有的部署描述符来启用安全性。其配置的详情将在这里讨论。<xref linkend="
+"\"Enabling_Declarative_Security_in_JBoss_Revisited-"
+"The_security_element_subsets_of_the_JBoss_server_jboss.xml_and_jboss_web."
+"xml_deployment_descriptors.\"/> 展示了 JBoss 专有的 EJB 以及 web 应用程序部署描述符里和安全性相关的元素。"
#. Tag: title
#: J2EE_Security_On_JBOSS.xml:450
-#, fuzzy, no-c-format
+#, no-c-format
msgid ""
"The security element subsets of the JBoss server jboss.xml and jboss-web.xml "
"deployment descriptors."
-msgstr ""
-"The default jmx-invoker-adaptor-server.sar jboss-service.xml deployment "
-"descriptor"
+msgstr "JBoss 服务器的 jboss.xml 和 jboss-web.xml 部署描述符的和安全性相关的元素子集。"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:457
@@ -1854,7 +1863,7 @@
"domain in effect for all EJBs in the deployment unit. This is the typical "
"usage because mixing security managers within a deployment unit complicates "
"inter-component operation and administration."
-msgstr ""
+msgstr "<literal>security-domain</literal> 元素指定 JBoss 用于 EJB 和 web 容器的安全管理者接口实现的 JNDI 名称。这是一个实现 <literal>AuthenticationManager</literal> 和 <literal>RealmMapping</literal> 接口的对象。当作为一个顶层元素被指定时,它定义了开发单元里的所有 EJB 的实际安全域。这是一个典型用法,因为在部署单元里混合安全管理者把组件内的操作和管理复杂化了。"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:460
@@ -1863,7 +1872,7 @@
"To specify the security domain for an individual EJB, you specify the "
"<literal>security-domain</literal> at the container configuration level. "
"This will override any top-level security-domain element."
-msgstr ""
+msgstr "要为单个的 EJB 指定安全域,你可以指定容器配置级别的 <literal>security-domain</literal>。这将覆盖任何顶层的 security-domain 元素。"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:463
@@ -1878,7 +1887,7 @@
"target EJB to obtain a non-null <literal>Principal</literal> for the caller "
"using the <literal>getUserPrincipal</literal> method. This is a J2EE "
"specification requirement."
-msgstr ""
+msgstr "<literal>unauthenticated-principal</literal> 元素指定当未通过验证的用户调用 EJB 时,<literal>EJBContext.getUserPrincipal</literal> 方法返回的 <literal>Principal</literal> 对象的名称。请注意,这并不转移未通过验证的调用者的任何特殊权限。它的主要目的是允许未设置安全性的 servlet 和 JSP 页面调用未设置安全性的 EJB 并在调用者使用 <literal>getUserPrincipal</literal> 方法时允许目标 EJB 获取非空值的 <literal>Principal</literal>。这是 J2EE 规格所要求的。"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:466
@@ -1898,6 +1907,8 @@
"<literal>SecurityProxy</literal> implementation used by the default JBossSX "
"installation."
msgstr ""
+"<literal>security-proxy</literal> 元素指定允许不在 EJB 实现里嵌入安全逻辑而在 EJB 声明式安全模型外对每个请求进行检查的自定义的安全代理实现。这可能是对 <literal>org.jboss.security.SecurityProxy</literal> 接口的实现,也或许是不实现任何通用接口而实现 EJB 的 home、remote、local home 或 local 接口的对象。如果给定的类没有实现 <literal>SecurityProxy</literal> 接口,它的实例必须包裹在 <literal>SecurityProxy</"
+"literal> 实现里,把方法调用委托给这个对象。缺省的 JBossSX 安装使用的<literal>org.jboss.security.SubjectSecurityProxy</literal> 是一个 <literal>SecurityProxy</literal> 实现的示例。"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:469
@@ -2031,7 +2042,7 @@
msgid ""
"The jboss.xml descriptor, which configures the EchoSecurityProxy as the "
"custom security proxy for the EchoBean."
-msgstr ""
+msgstr "jboss.xml 描述符把 EchoSecurityProxy 配置为 EchoBean 的自定义安全代理。"
#. Tag: programlisting
#: J2EE_Security_On_JBOSS.xml:481
@@ -2049,6 +2060,17 @@
" </enterprise-beans>\n"
"</jboss>"
msgstr ""
+"<jboss>\n"
+" <security-domain>java:/jaas/other</security-domain>\n"
+" \n"
+" <enterprise-beans>\n"
+" <session>\n"
+" <ejb-name>EchoBean</ejb-name>\n"
+" <security-proxy>org.jboss.book.security.ex1."
+"EchoSecurityProxy</security-proxy>\n"
+" </session>\n"
+" </enterprise-beans>\n"
+"</jboss>"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:482
@@ -2058,6 +2080,8 @@
"<literal>EchoBean.echo</literal> method with the arguments <literal>Hello</"
"literal> and <literal>Four</literal> as illustrated in this fragment:"
msgstr ""
+"如下所示,现在让我们运行用参数 <literal>Hello</"
+"literal> 和 <literal>Four</literal> 调用 <literal>EchoBean.echo</literal> 方法的客户端来测试这个自定义代理:"
#. Tag: programlisting
#: J2EE_Security_On_JBOSS.xml:485
@@ -2082,6 +2106,24 @@
" }\n"
"}"
msgstr ""
+"public class ExClient\n"
+"{\n"
+" public static void main(String args[])\n"
+" throws Exception\n"
+" {\n"
+" Logger log = Logger.getLogger(\"ExClient\");\n"
+" log.info(\"Looking up EchoBean\");\n"
+"\n"
+" InitialContext iniCtx = new InitialContext();\n"
+" Object ref = iniCtx.lookup(\"EchoBean\");\n"
+" EchoHome home = (EchoHome) ref;\n"
+" Echo echo = home.create();\n"
+"\n"
+" log.info(\"Created Echo\");\n"
+" log.info(\"Echo.echo('Hello') = \"+echo.echo(\"Hello\"));\n"
+" log.info(\"Echo.echo('Four') = \"+echo.echo(\"Four\"));\n"
+" }\n"
+"}"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:486
@@ -2090,7 +2132,7 @@
"The first call should succeed, while the second should fail due to the fact "
"that <literal>Four</literal> is a four-letter word. Run the client as "
"follows using Ant from the examples directory:"
-msgstr ""
+msgstr "第一个调用应该会成功,而第二个应该失败,因为 <literal>Four</literal> 表示第 4 个单词。从 examples 目录里用 Ant 运行这个客户端:"
#. Tag: programlisting
#: J2EE_Security_On_JBOSS.xml:489
@@ -2110,6 +2152,19 @@
" [java] Caused by: java.lang.SecurityException: No 4 letter words\n"
"..."
msgstr ""
+"[examples]$ ant -Dchap=security -Dex=1 run-example\n"
+"run-example1:\n"
+"...\n"
+" [echo] Waiting for 5 seconds for deploy...\n"
+" [java] [INFO,ExClient] Looking up EchoBean\n"
+" [java] [INFO,ExClient] Created Echo\n"
+" [java] [INFO,ExClient] Echo.echo('Hello') = Hello\n"
+" [java] Exception in thread \"main\" java.rmi.AccessException: "
+"SecurityException; nested exception is: \n"
+" [java] java.lang.SecurityException: No 4 letter words\n"
+"...\n"
+" [java] Caused by: java.lang.SecurityException: No 4 letter words\n"
+"..."
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:490
@@ -2123,12 +2178,14 @@
"literal> generated by the <literal>EchoSecurityProxy</literal> was thrown to "
"abort the attempted method invocation as desired."
msgstr ""
+"结果是如我们所期望的, <literal>echo('Hello')</literal> 方法调用成功而 <literal>echo('Four')</literal> 方法导致看起来相当凌乱的输出。上面的输出已经是根据本书的页面进行了调整。这些异常信息的关键部分是 <literal>EchoSecurityProxy</literal> 产生的 <literal>SecurityException(\"No 4 letter words\")</"
+"literal> 被抛出来中止对该方法的调用。"
#. Tag: title
#: J2EE_Security_On_JBOSS.xml:498
-#, fuzzy, no-c-format
+#, no-c-format
msgid "The JBoss Security Extension Architecture"
-msgstr "JBossNS 架构"
+msgstr "JBoss 安全扩展架构"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:499
@@ -2201,7 +2258,7 @@
#: J2EE_Security_On_JBOSS.xml:520
#, no-c-format
msgid "How the JaasSecurityManager Uses JAAS"
-msgstr ""
+msgstr "JaasSecurityManager 如何使用 JAAS"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:521
@@ -2467,7 +2524,7 @@
#. Tag: programlisting
#: J2EE_Security_On_JBOSS.xml:612
-#, fuzzy, no-c-format
+#, no-c-format
msgid ""
"<jboss>\n"
" <!-- Configure all containers to be secured under the \"hades\" "
@@ -2476,9 +2533,12 @@
" <!-- ... -->\n"
"</jboss>"
msgstr ""
-"<jboss-web>\n"
-" <security-domain>java:/jaas/digest</security-domain>\n"
-"</jboss-web>"
+"<jboss>\n"
+" <!-- Configure all containers to be secured under the \"hades\" "
+"security domain -->\n"
+" <security-domain>java:/jaas/hades</security-domain>\n"
+" <!-- ... -->\n"
+"</jboss>"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:613
@@ -2632,6 +2692,12 @@
"String[] signature = {\"java.lang.String\"};\n"
"server.invoke(jaasMgr, \"flushAuthenticationCache\", params, signature);"
msgstr ""
+"MBeanServer server = ...;\n"
+"String jaasMgrName = \"jboss.security:service=JaasSecurityManager\";\n"
+"ObjectName jaasMgr = new ObjectName(jaasMgrName);\n"
+"Object[] params = {domainName};\n"
+"String[] signature = {\"java.lang.String\"};\n"
+"server.invoke(jaasMgr, \"flushAuthenticationCache\", params, signature);"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:666
@@ -2656,6 +2722,14 @@
"\", \n"
" params, signature);"
msgstr ""
+"MBeanServer server = ...;\n"
+"String jaasMgrName = \"jboss.security:service=JaasSecurityManager\";\n"
+"ObjectName jaasMgr = new ObjectName(jaasMgrName);\n"
+"Object[] params = {domainName};\n"
+"String[] signature = {\"java.lang.String\"};\n"
+"List users = (List) server.invoke(jaasMgr, \"getAuthenticationCachePrincipals"
+"\", \n"
+" params, signature);"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:673
@@ -2880,7 +2954,7 @@
#. Tag: programlisting
#: J2EE_Security_On_JBOSS.xml:779
-#, fuzzy, no-c-format
+#, no-c-format
msgid ""
"<application-policy name=\"jmx-console\">\n"
" <authentication>\n"
@@ -2894,28 +2968,14 @@
" </authentication>\n"
"</application-policy>"
msgstr ""
-"<application-policy name=\"digest\">\n"
+"<application-policy name=\"jmx-console\">\n"
" <authentication>\n"
" <login-module code=\"org.jboss.security.auth.spi."
-"UsersRolesLoginModule\"\n"
-" flag=\"required\">\n"
-" <module-option name=\"usersProperties\">digest-users."
-"properties</module-option>\n"
-" <module-option name=\"rolesProperties\">digest-roles."
-"properties</module-option>\n"
-" <module-option name=\"hashAlgorithm\">MD5</module-"
-"option>\n"
-" <module-option name=\"hashEncoding\">rfc2617</module-"
-"option>\n"
-" <module-option name=\"hashUserPassword\">false</module-"
-"option>\n"
-" <module-option name=\"hashStorePassword\">true</module-"
-"option>\n"
-" <module-option name=\"passwordIsA1Hash\">true</module-"
-"option>\n"
-" <module-option name=\"storeDigestCallback\">\n"
-" org.jboss.security.auth.spi.RFC2617Digest\n"
-" </module-option>\n"
+"UsersRolesLoginModule\" flag=\"required\">\n"
+" <module-option name=\"usersProperties\">props/jmx-console-"
+"users.properties</module-option>\n"
+" <module-option name=\"rolesProperties\">props/jmx-console-"
+"roles.properties</module-option>\n"
" </login-module>\n"
" </authentication>\n"
"</application-policy>"
@@ -2991,7 +3051,7 @@
#. Tag: programlisting
#: J2EE_Security_On_JBOSS.xml:811
-#, fuzzy, no-c-format
+#, no-c-format
msgid ""
"<application-policy name=\"todo\">\n"
" <authentication>\n"
@@ -3008,28 +3068,17 @@
" </authentication>\n"
"</application-policy>"
msgstr ""
-"<application-policy name=\"digest\">\n"
+"<application-policy name=\"todo\">\n"
" <authentication>\n"
+" <login-module code=\"org.jboss.security.auth.spi.LdapLoginModule"
+"\" \n"
+" flag=\"sufficient\">\n"
+" <!-- LDAP configuration -->\n"
+" </login-module>\n"
" <login-module code=\"org.jboss.security.auth.spi."
-"UsersRolesLoginModule\"\n"
-" flag=\"required\">\n"
-" <module-option name=\"usersProperties\">digest-users."
-"properties</module-option>\n"
-" <module-option name=\"rolesProperties\">digest-roles."
-"properties</module-option>\n"
-" <module-option name=\"hashAlgorithm\">MD5</module-"
-"option>\n"
-" <module-option name=\"hashEncoding\">rfc2617</module-"
-"option>\n"
-" <module-option name=\"hashUserPassword\">false</module-"
-"option>\n"
-" <module-option name=\"hashStorePassword\">true</module-"
-"option>\n"
-" <module-option name=\"passwordIsA1Hash\">true</module-"
-"option>\n"
-" <module-option name=\"storeDigestCallback\">\n"
-" org.jboss.security.auth.spi.RFC2617Digest\n"
-" </module-option>\n"
+"DatabaseServerLoginModule\" \n"
+" flag=\"sufficient\">\n"
+" <!-- database configuration -->\n"
" </login-module>\n"
" </authentication>\n"
"</application-policy>"
@@ -3071,6 +3120,11 @@
"attribute>\n"
"</mbean>"
msgstr ""
+"<mbean code=\"org.jboss.security.auth.login.XMLLoginConfig\"\n"
+" name=\"jboss.security:service=XMLLoginConfig\">\n"
+" <attribute name=\"ConfigResource\">login-config.xml</"
+"attribute>\n"
+"</mbean>"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:821
@@ -3187,6 +3241,11 @@
"service=XMLLoginConfig</attribute>\n"
" </mbean>"
msgstr ""
+"<mbean code=\"org.jboss.security.plugins.SecurityConfig\" \n"
+" name=\"jboss.security:service=SecurityConfig\">\n"
+" <attribute name=\"LoginConfig\">jboss.security:"
+"service=XMLLoginConfig</attribute>\n"
+" </mbean>"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:875
@@ -3228,6 +3287,8 @@
"public void pushLoginConfig(String objectName) throws\n"
" JMException, MalformedObjectNameException;"
msgstr ""
+"public void pushLoginConfig(String objectName) throws\n"
+" JMException, MalformedObjectNameException;"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:889
@@ -3337,6 +3398,27 @@
" </mbean>\n"
"</server>"
msgstr ""
+"<server>\n"
+" <mbean code=\"org.jboss.security.auth.login.DynamicLoginConfig\" name="
+"\"...\">\n"
+" <attribute name=\"AuthConfig\">login-config.xml</"
+"attribute>\n"
+"\n"
+" <!-- The service which supports dynamic processing of login-"
+"config.xml\n"
+" configurations.\n"
+" -->\n"
+" <depends optional-attribute-name=\"LoginConfigService\">\n"
+" jboss.security:service=XMLLoginConfig </depends>\n"
+"\n"
+" <!-- Optionally specify the security mgr service to use when\n"
+" this service is stopped to flush the auth caches of the domains\n"
+" registered by this service.\n"
+" -->\n"
+" <depends optional-attribute-name=\"SecurityManagerService\">\n"
+" jboss.security:service=JaasSecurityManager </depends>\n"
+" </mbean>\n"
+"</server>"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:924
@@ -3424,7 +3506,7 @@
#. Tag: programlisting
#: J2EE_Security_On_JBOSS.xml:952
-#, fuzzy, no-c-format
+#, no-c-format
msgid ""
"<application-policy name=\"todo\">\n"
" <authentication>\n"
@@ -3445,28 +3527,21 @@
" </authentication>\n"
"</application-policy>"
msgstr ""
-"<application-policy name=\"digest\">\n"
+"<application-policy name=\"todo\">\n"
" <authentication>\n"
+" <login-module code=\"org.jboss.security.auth.spi.LdapLoginModule"
+"\" \n"
+" flag=\"required\">\n"
+" <!-- LDAP configuration -->\n"
+" <module-option name=\"password-stacking\">useFirstPass</"
+"module-option>\n"
+" </login-module>\n"
" <login-module code=\"org.jboss.security.auth.spi."
-"UsersRolesLoginModule\"\n"
+"DatabaseServerLoginModule\" \n"
" flag=\"required\">\n"
-" <module-option name=\"usersProperties\">digest-users."
-"properties</module-option>\n"
-" <module-option name=\"rolesProperties\">digest-roles."
-"properties</module-option>\n"
-" <module-option name=\"hashAlgorithm\">MD5</module-"
-"option>\n"
-" <module-option name=\"hashEncoding\">rfc2617</module-"
-"option>\n"
-" <module-option name=\"hashUserPassword\">false</module-"
-"option>\n"
-" <module-option name=\"hashStorePassword\">true</module-"
-"option>\n"
-" <module-option name=\"passwordIsA1Hash\">true</module-"
-"option>\n"
-" <module-option name=\"storeDigestCallback\">\n"
-" org.jboss.security.auth.spi.RFC2617Digest\n"
-" </module-option>\n"
+" <!-- database configuration --> \n"
+" <module-option name=\"password-stacking\">useFirstPass</"
+"module-option>\n"
" </login-module>\n"
" </authentication>\n"
"</application-policy>"
@@ -3582,6 +3657,20 @@
" </application-policy>\n"
"</policy>"
msgstr ""
+"<policy>\n"
+" <application-policy name=\"testUsersRoles\">\n"
+" <authentication>\n"
+" <login-module code=\"org.jboss.security.auth.spi."
+"UsersRolesLoginModule\"\n"
+" flag=\"required\">\n"
+" <module-option name=\"hashAlgorithm\">MD5</module-"
+"option>\n"
+" <module-option name=\"hashEncoding\">base64</module-"
+"option> \n"
+" </login-module>\n"
+" </authentication>\n"
+" </application-policy>\n"
+"</policy>"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:994
@@ -3602,6 +3691,11 @@
" null,\n"
" \"password\");"
msgstr ""
+"String hashedPassword = Util.createPasswordHash(\"MD5\",\n"
+" Util.BASE64_ENCODING,\n"
+" null,\n"
+" null,\n"
+" \"password\");"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:998
@@ -3613,7 +3707,7 @@
#: J2EE_Security_On_JBOSS.xml:1001
#, no-c-format
msgid "echo -n password | openssl dgst -md5 -binary | openssl base64"
-msgstr ""
+msgstr "echo -n password | openssl dgst -md5 -binary | openssl base64"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1002
@@ -3693,6 +3787,9 @@
"username2=password2\n"
"..."
msgstr ""
+"username1=password1\n"
+"username2=password2\n"
+"..."
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1030
@@ -3710,6 +3807,9 @@
"username1.RoleGroup1=role3,role4,...\n"
"username2=role1,role3,..."
msgstr ""
+"username1=role1,role2,...\n"
+"username1.RoleGroup1=role3,role4,...\n"
+"username2=role1,role3,..."
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1034
@@ -4038,7 +4138,7 @@
#. Tag: programlisting
#: J2EE_Security_On_JBOSS.xml:1175
-#, fuzzy, no-c-format
+#, no-c-format
msgid ""
"<application-policy name=\"testLDAP\">\n"
" <authentication>\n"
@@ -4077,31 +4177,42 @@
" </authentication>\n"
" </application-policy>"
msgstr ""
-"<application-policy name=\"digest\">\n"
-" <authentication>\n"
-" <login-module code=\"org.jboss.security.auth.spi."
-"UsersRolesLoginModule\"\n"
-" flag=\"required\">\n"
-" <module-option name=\"usersProperties\">digest-users."
-"properties</module-option>\n"
-" <module-option name=\"rolesProperties\">digest-roles."
-"properties</module-option>\n"
-" <module-option name=\"hashAlgorithm\">MD5</module-"
+"<application-policy name=\"testLDAP\">\n"
+" <authentication>\n"
+" <login-module code=\"org.jboss.security.auth.spi."
+"LdapLoginModule\"\n"
+" flag=\"required\">\n"
+" <module-option name=\"java.naming.factory.initial\"> \n"
+" com.sun.jndi.ldap.LdapCtxFactory\n"
+" </module-option>\n"
+" <module-option name=\"java.naming.provider.url\">\n"
+" ldap://ldaphost.jboss.org:1389/\n"
+" </module-option>\n"
+" <module-option name=\"java.naming.security.authentication"
+"\">\n"
+" simple\n"
+" </module-option>\n"
+" <module-option name=\"principalDNPrefix\">uid=</"
+"module-option> \n"
+" <module-option name=\"principalDNSuffix\">\n"
+" ,ou=People,dc=jboss,dc=org\n"
+" </module-option>\n"
+"\n"
+" <module-option name=\"rolesCtxDN\">\n"
+" ou=Roles,dc=jboss,dc=org\n"
+" </module-option>\n"
+" <module-option name=\"uidAttributeID\">member</"
+"module-option>\n"
+" <module-option name=\"matchOnUserDN\">true</module-"
"option>\n"
-" <module-option name=\"hashEncoding\">rfc2617</module-"
+"\n"
+" <module-option name=\"roleAttributeID\">cn</module-"
"option>\n"
-" <module-option name=\"hashUserPassword\">false</module-"
-"option>\n"
-" <module-option name=\"hashStorePassword\">true</module-"
-"option>\n"
-" <module-option name=\"passwordIsA1Hash\">true</module-"
-"option>\n"
-" <module-option name=\"storeDigestCallback\">\n"
-" org.jboss.security.auth.spi.RFC2617Digest\n"
-" </module-option>\n"
-" </login-module>\n"
-" </authentication>\n"
-"</application-policy>"
+" <module-option name=\"roleAttributeIsDN\">false </"
+"module-option>\n"
+" </login-module>\n"
+" </authentication>\n"
+" </application-policy>"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1176
@@ -4148,6 +4259,38 @@
"member: uid=jduke,ou=People,dc=jboss,dc=org\n"
"description: the JBossAdmin group"
msgstr ""
+"dn: dc=jboss,dc=org\n"
+"objectclass: top\n"
+"objectclass: dcObject\n"
+"objectclass: organization\n"
+"dc: jboss\n"
+"o: JBoss\n"
+"\n"
+"dn: ou=People,dc=jboss,dc=org\n"
+"objectclass: top\n"
+"objectclass: organizationalUnit\n"
+"ou: People\n"
+"\n"
+"dn: uid=jduke,ou=People,dc=jboss,dc=org\n"
+"objectclass: top\n"
+"objectclass: uidObject\n"
+"objectclass: person\n"
+"uid: jduke\n"
+"cn: Java Duke\n"
+"sn: Duke\n"
+"userPassword: theduke\n"
+"\n"
+"dn: ou=Roles,dc=jboss,dc=org\n"
+"objectclass: top\n"
+"objectclass: organizationalUnit\n"
+"ou: Roles\n"
+"\n"
+"dn: cn=JBossAdmin,ou=Roles,dc=jboss,dc=org\n"
+"objectclass: top\n"
+"objectclass: groupOfNames\n"
+"cn: JBossAdmin\n"
+"member: uid=jduke,ou=People,dc=jboss,dc=org\n"
+"description: the JBossAdmin group"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1180
@@ -4289,6 +4432,10 @@
"INSERT INTO Roles VALUES('java', 'caller_java', '"
"CallerPrincipal')"
msgstr ""
+"INSERT INTO Principals VALUES('java', 'echoman')\n"
+"INSERT INTO Roles VALUES('java', 'Echo', 'Roles')\n"
+"INSERT INTO Roles VALUES('java', 'caller_java', '"
+"CallerPrincipal')"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1215
@@ -4357,6 +4504,8 @@
"CREATE TABLE Users(username VARCHAR(64) PRIMARY KEY, passwd VARCHAR(64))\n"
"CREATE TABLE UserRoles(username VARCHAR(64), userRoles VARCHAR(32))"
msgstr ""
+"CREATE TABLE Users(username VARCHAR(64) PRIMARY KEY, passwd VARCHAR(64))\n"
+"CREATE TABLE UserRoles(username VARCHAR(64), userRoles VARCHAR(32))"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1244
@@ -4366,7 +4515,7 @@
#. Tag: programlisting
#: J2EE_Security_On_JBOSS.xml:1247
-#, fuzzy, no-c-format
+#, no-c-format
msgid ""
"<policy>\n"
" <application-policy name=\"testDB\">\n"
@@ -4387,31 +4536,24 @@
" </application-policy>\n"
"</policy>"
msgstr ""
-"<application-policy name=\"digest\">\n"
-" <authentication>\n"
-" <login-module code=\"org.jboss.security.auth.spi."
-"UsersRolesLoginModule\"\n"
-" flag=\"required\">\n"
-" <module-option name=\"usersProperties\">digest-users."
-"properties</module-option>\n"
-" <module-option name=\"rolesProperties\">digest-roles."
-"properties</module-option>\n"
-" <module-option name=\"hashAlgorithm\">MD5</module-"
-"option>\n"
-" <module-option name=\"hashEncoding\">rfc2617</module-"
-"option>\n"
-" <module-option name=\"hashUserPassword\">false</module-"
-"option>\n"
-" <module-option name=\"hashStorePassword\">true</module-"
-"option>\n"
-" <module-option name=\"passwordIsA1Hash\">true</module-"
-"option>\n"
-" <module-option name=\"storeDigestCallback\">\n"
-" org.jboss.security.auth.spi.RFC2617Digest\n"
-" </module-option>\n"
-" </login-module>\n"
-" </authentication>\n"
-"</application-policy>"
+"<policy>\n"
+" <application-policy name=\"testDB\">\n"
+" <authentication>\n"
+" <login-module code=\"org.jboss.security.auth.spi."
+"DatabaseServerLoginModule\"\n"
+" flag=\"required\">\n"
+" <module-option name=\"dsJndiName\">java:/"
+"MyDatabaseDS</module-option>\n"
+" <module-option name=\"principalsQuery\">\n"
+" select passwd from Users username where username=?</"
+"module-option>\n"
+" <module-option name=\"rolesQuery\">\n"
+" select userRoles, 'Roles' from UserRoles where "
+"username=?</module-option>\n"
+" </login-module>\n"
+" </authentication>\n"
+" </application-policy>\n"
+"</policy>"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1248
@@ -4425,7 +4567,7 @@
#: J2EE_Security_On_JBOSS.xml:1254
#, no-c-format
msgid "BaseCertLoginModule"
-msgstr ""
+msgstr "BaseCertLoginModule"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1255
@@ -4456,7 +4598,7 @@
#. Tag: programlisting
#: J2EE_Security_On_JBOSS.xml:1261
-#, fuzzy, no-c-format
+#, no-c-format
msgid ""
"<mbean code=\"org.jboss.security.plugins.JaasSecurityDomain\"\n"
" name=\"jboss.ch8:service=SecurityDomain\">\n"
@@ -4469,12 +4611,15 @@
"attribute>\n"
"</mbean>"
msgstr ""
-"<mbean code=\"org.jboss.ha.jndi.HANamingService\" \n"
-" name=\"jboss:service=HAJNDI\"> \n"
-" <depends>jboss:service=MySpecialPartition</depends> \n"
-" <attribute name=\"PartitionName\">MySpecialPartition</"
-"attribute> \n"
-" <attribute name=\"Port\">56789</attribute> \n"
+"<mbean code=\"org.jboss.security.plugins.JaasSecurityDomain\"\n"
+" name=\"jboss.ch8:service=SecurityDomain\">\n"
+" <constructor>\n"
+" <arg type=\"java.lang.String\" value=\"jmx-console\"/>\n"
+" </constructor>\n"
+" <attribute name=\"KeyStoreURL\">resource:localhost.keystore</"
+"attribute>\n"
+" <attribute name=\"KeyStorePass\">unit-tests-server</"
+"attribute>\n"
"</mbean>"
#. Tag: para
@@ -4493,7 +4638,7 @@
#. Tag: programlisting
#: J2EE_Security_On_JBOSS.xml:1265
-#, fuzzy, no-c-format
+#, no-c-format
msgid ""
"<?xml version=\"1.0\"?>\n"
"<!DOCTYPE web-app PUBLIC\n"
@@ -4528,23 +4673,15 @@
msgstr ""
"<?xml version=\"1.0\"?>\n"
"<!DOCTYPE web-app PUBLIC\n"
-" \"-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN\"\n"
-" \"http://java.sun.com/dtd/web-app_2_3.dtd\">\n"
-"<web-app>\n"
-" <!-- ... -->\n"
-" \n"
-" <!-- A security constraint that restricts access to the HTML JMX "
-"console\n"
-" to users with the role JBossAdmin. Edit the roles to what you want "
-"and\n"
-" uncomment the WEB-INF/jboss-web.xml/security-domain element to "
-"enable\n"
-" secured access to the HTML JMX console.\n"
-" -->\n"
+" \"-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
+"\"\n"
+" \"http://java.sun.com/dtd/web-app_2_3.dtd\">\n"
+"<web-app> \n"
+" ... \n"
" <security-constraint>\n"
" <web-resource-collection>\n"
" <web-resource-name>HtmlAdaptor</web-resource-name>\n"
-" <description> An example security config that only allows "
+" <description>An example security config that only allows "
"users with\n"
" the role JBossAdmin to access the HTML JMX console web\n"
" application </description>\n"
@@ -4557,7 +4694,7 @@
" </auth-constraint>\n"
" </security-constraint>\n"
" <login-config>\n"
-" <auth-method>BASIC</auth-method>\n"
+" <auth-method>CLIENT-CERT</auth-method>\n"
" <realm-name>JBoss JMX Console</realm-name>\n"
" </login-config>\n"
" <security-role>\n"
@@ -4575,14 +4712,14 @@
#. Tag: programlisting
#: J2EE_Security_On_JBOSS.xml:1269
-#, fuzzy, no-c-format
+#, no-c-format
msgid ""
"<jboss-web>\n"
" <security-domain>java:/jaas/jmx-console</security-domain>\n"
"</jboss-web>"
msgstr ""
"<jboss-web>\n"
-" <security-domain>java:/jaas/http-invoker</security-domain>\n"
+" <security-domain>java:/jaas/jmx-console</security-domain>\n"
"</jboss-web>"
#. Tag: para
@@ -4596,7 +4733,7 @@
#. Tag: programlisting
#: J2EE_Security_On_JBOSS.xml:1273
-#, fuzzy, no-c-format
+#, no-c-format
msgid ""
"<application-policy name=\"jmx-console\">\n"
" <authentication>\n"
@@ -4621,28 +4758,25 @@
" </authentication>\n"
"</application-policy>"
msgstr ""
-"<application-policy name=\"digest\">\n"
+"<application-policy name=\"jmx-console\">\n"
" <authentication>\n"
" <login-module code=\"org.jboss.security.auth.spi."
-"UsersRolesLoginModule\"\n"
+"BaseCertLoginModule\" \n"
" flag=\"required\">\n"
-" <module-option name=\"usersProperties\">digest-users."
+" <module-option name=\"password-stacking\">useFirstPass</"
+"module-option>\n"
+" <module-option name=\"securityDomain\">java:/jaas/jmx-"
+"console</module-option>\n"
+" </login-module>\n"
+" <login-module code=\"org.jboss.security.auth.spi."
+"UsersRolesLoginModule\" \n"
+" flag=\"required\">\n"
+" <module-option name=\"password-stacking\">useFirstPass</"
+"module-option>\n"
+" <module-option name=\"usersProperties\">jmx-console-users."
"properties</module-option>\n"
-" <module-option name=\"rolesProperties\">digest-roles."
+" <module-option name=\"rolesProperties\">jmx-console-roles."
"properties</module-option>\n"
-" <module-option name=\"hashAlgorithm\">MD5</module-"
-"option>\n"
-" <module-option name=\"hashEncoding\">rfc2617</module-"
-"option>\n"
-" <module-option name=\"hashUserPassword\">false</module-"
-"option>\n"
-" <module-option name=\"hashStorePassword\">true</module-"
-"option>\n"
-" <module-option name=\"passwordIsA1Hash\">true</module-"
-"option>\n"
-" <module-option name=\"storeDigestCallback\">\n"
-" org.jboss.security.auth.spi.RFC2617Digest\n"
-" </module-option>\n"
" </login-module>\n"
" </authentication>\n"
"</application-policy>"
@@ -4679,6 +4813,19 @@
" MD5: 4A:9C:2B:CD:1B:50:AA:85:DD:89:F6:1D:F5:AF:9E:AB\n"
" SHA1: DE:DE:86:59:05:6C:00:E8:CC:C0:16:D3:C2:68:BF:95:B8:83:E9:58"
msgstr ""
+"[starksm at banshee9100 conf]$ keytool -printcert -file unit-tests-client."
+"export\n"
+"Owner: CN=unit-tests-client, OU=JBoss Inc., O=JBoss Inc., ST=Washington, "
+"C=US\n"
+"Issuer: CN=jboss.com, C=US, ST=Washington, L=Snoqualmie Pass, "
+"EMAILADDRESS=admin\n"
+"@jboss.com, OU=QA, O=JBoss Inc.\n"
+"Serial number: 100103\n"
+"Valid from: Wed May 26 07:34:34 PDT 2004 until: Thu May 26 07:34:34 PDT "
+"2005\n"
+"Certificate fingerprints:\n"
+" MD5: 4A:9C:2B:CD:1B:50:AA:85:DD:89:F6:1D:F5:AF:9E:AB\n"
+" SHA1: DE:DE:86:59:05:6C:00:E8:CC:C0:16:D3:C2:68:BF:95:B8:83:E9:58"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1278
@@ -4702,6 +4849,10 @@
"\\=Washington,\\ C\\=US=JBossAdmin\n"
"admin=JBossAdmin"
msgstr ""
+"# A sample roles.properties file for use with the UsersRolesLoginModule\n"
+"CN\\=unit-tests-client,\\ OU\\=JBoss\\ Inc.,\\ O\\=JBoss\\ Inc.,\\ ST"
+"\\=Washington,\\ C\\=US=JBossAdmin\n"
+"admin=JBossAdmin"
#. Tag: title
#: J2EE_Security_On_JBOSS.xml:1285
@@ -4778,6 +4929,20 @@
" </application-policy>\n"
"</policy>"
msgstr ""
+"<policy>\n"
+" <application-policy name=\"testIdentity\">\n"
+" <authentication>\n"
+" <login-module code=\"org.jboss.security.auth.spi."
+"IdentityLoginModule\"\n"
+" flag=\"required\">\n"
+" <module-option name=\"principal\">jduke</module-"
+"option>\n"
+" <module-option name=\"roles\">TheDuke,"
+"AnimatedCharater</module-option>\n"
+" </login-module>\n"
+" </authentication>\n"
+" </application-policy>\n"
+"</policy>"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1308
@@ -4925,6 +5090,14 @@
" // Put your login modules that need jBoss here\n"
"};"
msgstr ""
+"other {\n"
+" // Put your login modules that work without jBoss here\n"
+" \n"
+" // jBoss LoginModule\n"
+" org.jboss.security.ClientLoginModule required;\n"
+" \n"
+" // Put your login modules that need jBoss here\n"
+"};"
#. Tag: title
#: J2EE_Security_On_JBOSS.xml:1367
@@ -4968,6 +5141,12 @@
"java.util.Set getPublicCredentials()\n"
"java.util.Set getPublicCredentials(java.lang.Class c)"
msgstr ""
+"java.util.Set getPrincipals()\n"
+"java.util.Set getPrincipals(java.lang.Class c)\n"
+"java.util.Set getPrivateCredentials()\n"
+"java.util.Set getPrivateCredentials(java.lang.Class c)\n"
+"java.util.Set getPublicCredentials()\n"
+"java.util.Set getPublicCredentials(java.lang.Class c)"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1375
@@ -5149,6 +5328,104 @@
" abstract protected Group[] getRoleSets() throws LoginException;\n"
"}"
msgstr ""
+"package org.jboss.security.auth.spi;\n"
+"/**\n"
+" * This class implements the common functionality required for a JAAS\n"
+" * server-side LoginModule and implements the JBossSX standard\n"
+" * Subject usage pattern of storing identities and roles. Subclass\n"
+" * this module to create your own custom LoginModule and override the\n"
+" * login(), getRoleSets(), and getIdentity() methods.\n"
+" */\n"
+"public abstract class AbstractServerLoginModule\n"
+" implements javax.security.auth.spi.LoginModule\n"
+"{\n"
+" protected Subject subject;\n"
+" protected CallbackHandler callbackHandler;\n"
+" protected Map sharedState;\n"
+" protected Map options;\n"
+" protected Logger log;\n"
+"\n"
+" /** Flag indicating if the shared credential should be used */\n"
+" protected boolean useFirstPass;\n"
+" /** \n"
+" * Flag indicating if the login phase succeeded. Subclasses that\n"
+" * override the login method must set this to true on successful\n"
+" * completion of login\n"
+" */\n"
+" protected boolean loginOk;\n"
+" \n"
+" // ...\n"
+" /**\n"
+" * Initialize the login module. This stores the subject,\n"
+" * callbackHandler and sharedState and options for the login\n"
+" * session. Subclasses should override if they need to process\n"
+" * their own options. A call to super.initialize(...) must be\n"
+" * made in the case of an override.\n"
+" *\n"
+" * <p>\n"
+" * The options are checked for the <em>password-stacking</"
+"em> parameter.\n"
+" * If this is set to \"useFirstPass\", the login identity will be taken "
+"from the\n"
+" * <code>javax.security.auth.login.name</code> value of the "
+"sharedState map,\n"
+" * and the proof of identity from the\n"
+" * <code>javax.security.auth.login.password</code> value of "
+"the sharedState map.\n"
+" *\n"
+" * @param subject the Subject to update after a successful login.\n"
+" * @param callbackHandler the CallbackHandler that will be used to "
+"obtain the\n"
+" * the user identity and credentials.\n"
+" * @param sharedState a Map shared between all configured login module "
+"instances\n"
+" * @param options the parameters passed to the login module.\n"
+" */\n"
+" public void initialize(Subject subject,\n"
+" CallbackHandler callbackHandler,\n"
+" Map sharedState,\n"
+" Map options)\n"
+" {\n"
+" // ...\n"
+" }\n"
+" \n"
+"\n"
+" /**\n"
+" * Looks for javax.security.auth.login.name and\n"
+" * javax.security.auth.login.password values in the sharedState\n"
+" * map if the useFirstPass option was true and returns true if\n"
+" * they exist. If they do not or are null this method returns\n"
+" * false. \n"
+" * Note that subclasses that override the login method\n"
+" * must set the loginOk var to true if the login succeeds in\n"
+" * order for the commit phase to populate the Subject. This\n"
+" * implementation sets loginOk to true if the login() method\n"
+" * returns true, otherwise, it sets loginOk to false.\n"
+" */\n"
+" public boolean login() \n"
+" throws LoginException\n"
+" {\n"
+" // ...\n"
+" }\n"
+" \n"
+" /**\n"
+" * Overridden by subclasses to return the Principal that\n"
+" * corresponds to the user primary identity.\n"
+" */\n"
+" abstract protected Principal getIdentity();\n"
+" \n"
+" /**\n"
+" * Overridden by subclasses to return the Groups that correspond\n"
+" * to the role sets assigned to the user. Subclasses should\n"
+" * create at least a Group named \"Roles\" that contains the roles\n"
+" * assigned to the user. A second common group is\n"
+" * \"CallerPrincipal,\" which provides the application identity of\n"
+" * the user rather than the security domain identity.\n"
+" * \n"
+" * @return Group[] containing the sets of roles\n"
+" */\n"
+" abstract protected Group[] getRoleSets() throws LoginException;\n"
+"}"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1396
@@ -5275,6 +5552,97 @@
" throws LoginException;\n"
"}"
msgstr ""
+"package org.jboss.security.auth.spi;\n"
+"\n"
+"/**\n"
+" * An abstract subclass of AbstractServerLoginModule that imposes a\n"
+" * an identity == String username, credentials == String password\n"
+" * view on the login process. Subclasses override the\n"
+" * getUsersPassword() and getUsersRoles() methods to return the\n"
+" * expected password and roles for the user.\n"
+" */\n"
+"public abstract class UsernamePasswordLoginModule\n"
+" extends AbstractServerLoginModule\n"
+"{\n"
+" /** The login identity */\n"
+" private Principal identity;\n"
+" /** The proof of login identity */\n"
+" private char[] credential;\n"
+" /** The principal to use when a null username and password are seen */\n"
+" private Principal unauthenticatedIdentity;\n"
+"\n"
+" /**\n"
+" * The message digest algorithm used to hash passwords. If null then\n"
+" * plain passwords will be used. */\n"
+" private String hashAlgorithm = null;\n"
+"\n"
+" /**\n"
+" * The name of the charset/encoding to use when converting the\n"
+" * password String to a byte array. Default is the platform's\n"
+" * default encoding.\n"
+" */\n"
+" private String hashCharset = null;\n"
+"\n"
+" /** The string encoding format to use. Defaults to base64. */\n"
+" private String hashEncoding = null;\n"
+" \n"
+" // ...\n"
+" \n"
+" /** \n"
+" * Override the superclass method to look for an\n"
+" * unauthenticatedIdentity property. This method first invokes\n"
+" * the super version.\n"
+" *\n"
+" * @param options,\n"
+" * @option unauthenticatedIdentity: the name of the principal to\n"
+" * assign and authenticate when a null username and password are\n"
+" * seen.\n"
+" */\n"
+" public void initialize(Subject subject,\n"
+" CallbackHandler callbackHandler,\n"
+" Map sharedState,\n"
+" Map options)\n"
+" {\n"
+" super.initialize(subject, callbackHandler, sharedState,\n"
+" options);\n"
+" // Check for unauthenticatedIdentity option.\n"
+" Object option = options.get(\"unauthenticatedIdentity\");\n"
+" String name = (String) option;\n"
+" if (name != null) {\n"
+" unauthenticatedIdentity = new SimplePrincipal(name);\n"
+" }\n"
+" }\n"
+" \n"
+" // ...\n"
+" \n"
+" /**\n"
+" * A hook that allows subclasses to change the validation of the\n"
+" * input password against the expected password. This version\n"
+" * checks that neither inputPassword or expectedPassword are null\n"
+" * and that inputPassword.equals(expectedPassword) is true;\n"
+" *\n"
+" * @return true if the inputPassword is valid, false otherwise.\n"
+" */\n"
+" protected boolean validatePassword(String inputPassword,\n"
+" String expectedPassword)\n"
+" {\n"
+" if (inputPassword == null || expectedPassword == null) {\n"
+" return false;\n"
+" }\n"
+" return inputPassword.equals(expectedPassword);\n"
+" }\n"
+" \n"
+" /**\n"
+" * Get the expected password for the current username available\n"
+" * via the getUsername() method. This is called from within the\n"
+" * login() method after the CallbackHandler has returned the\n"
+" * username and candidate password.\n"
+" *\n"
+" * @return the valid password String\n"
+" */\n"
+" abstract protected String getUsersPassword()\n"
+" throws LoginException;\n"
+"}"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1403
@@ -5507,6 +5875,98 @@
" } \n"
"}"
msgstr ""
+"package org.jboss.book.security.ex2;\n"
+" \n"
+"import java.security.acl.Group;\n"
+"import java.util.Map;\n"
+"import javax.naming.InitialContext;\n"
+"import javax.naming.NamingException;\n"
+"import javax.security.auth.Subject;\n"
+"import javax.security.auth.callback.CallbackHandler;\n"
+"import javax.security.auth.login.LoginException;\n"
+"\n"
+"import org.jboss.security.SimpleGroup;\n"
+"import org.jboss.security.SimplePrincipal;\n"
+"import org.jboss.security.auth.spi.UsernamePasswordLoginModule;\n"
+"\n"
+"/** \n"
+" * An example custom login module that obtains passwords and roles\n"
+" * for a user from a JNDI lookup.\n"
+" * \n"
+" * @author Scott.Stark at jboss.org\n"
+" * @version $Revision: 1.12 $\n"
+"*/\n"
+"public class JndiUserAndPass \n"
+" extends UsernamePasswordLoginModule\n"
+"{\n"
+" /** The JNDI name to the context that handles the password/username "
+"lookup */\n"
+" private String userPathPrefix;\n"
+" /** The JNDI name to the context that handles the roles/ username lookup "
+"*/\n"
+" private String rolesPathPrefix;\n"
+" \n"
+" /**\n"
+" * Override to obtain the userPathPrefix and rolesPathPrefix options.\n"
+" */\n"
+" public void initialize(Subject subject, CallbackHandler "
+"callbackHandler,\n"
+" Map sharedState, Map options)\n"
+" {\n"
+" super.initialize(subject, callbackHandler, sharedState, options);\n"
+" userPathPrefix = (String) options.get(\"userPathPrefix\");\n"
+" rolesPathPrefix = (String) options.get(\"rolesPathPrefix\");\n"
+" }\n"
+" \n"
+" /**\n"
+" * Get the roles the current user belongs to by querying the\n"
+" * rolesPathPrefix + '/' + super.getUsername() JNDI location.\n"
+" */\n"
+" protected Group[] getRoleSets() throws LoginException\n"
+" {\n"
+" try {\n"
+" InitialContext ctx = new InitialContext();\n"
+" String rolesPath = rolesPathPrefix + '/' + super."
+"getUsername();\n"
+"\n"
+" String[] roles = (String[]) ctx.lookup(rolesPath);\n"
+" Group[] groups = {new SimpleGroup(\"Roles\")};\n"
+" log.info(\"Getting roles for user=\"+super.getUsername());\n"
+" for(int r = 0; r < roles.length; r ++) {\n"
+" SimplePrincipal role = new SimplePrincipal(roles[r]);\n"
+" log.info(\"Found role=\"+roles[r]);\n"
+" groups[0].addMember(role);\n"
+" }\n"
+" return groups;\n"
+" } catch(NamingException e) {\n"
+" log.error(\"Failed to obtain groups for\n"
+" user=\"+super.getUsername(), e);\n"
+" throw new LoginException(e.toString(true));\n"
+" }\n"
+" }\n"
+" \n"
+" /** \n"
+" * Get the password of the current user by querying the\n"
+" * userPathPrefix + '/' + super.getUsername() JNDI location.\n"
+" */\n"
+" protected String getUsersPassword() \n"
+" throws LoginException\n"
+" {\n"
+" try {\n"
+" InitialContext ctx = new InitialContext();\n"
+" String userPath = userPathPrefix + '/' + super."
+"getUsername();\n"
+" log.info(\"Getting password for user=\"+super.getUsername());\n"
+" String passwd = (String) ctx.lookup(userPath);\n"
+" log.info(\"Found password=\"+passwd);\n"
+" return passwd;\n"
+" } catch(NamingException e) {\n"
+" log.error(\"Failed to obtain password for\n"
+" user=\"+super.getUsername(), e);\n"
+" throw new LoginException(e.toString(true));\n"
+" }\n"
+" } \n"
+"}"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1466
@@ -5548,6 +6008,14 @@
" [java] [INFO,ExClient] Created Echo\n"
" [java] [INFO,ExClient] Echo.echo('Hello') = Hello"
msgstr ""
+"[examples]$ ant -Dchap=security -Dex=2 run-example\n"
+"...\n"
+"run-example2:\n"
+" [echo] Waiting for 5 seconds for deploy...\n"
+" [java] [INFO,ExClient] Login with username=jduke, password=theduke\n"
+" [java] [INFO,ExClient] Looking up EchoBean2\n"
+" [java] [INFO,ExClient] Created Echo\n"
+" [java] [INFO,ExClient] Echo.echo('Hello') = Hello"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1473
@@ -5561,16 +6029,17 @@
#. Tag: programlisting
#: J2EE_Security_On_JBOSS.xml:1476
-#, fuzzy, no-c-format
+#, no-c-format
msgid ""
"<?xml version=\"1.0\"?>\n"
"<jboss>\n"
" <security-domain>java:/jaas/security-ex2</security-domain>\n"
"</jboss>"
msgstr ""
-"<jboss-web>\n"
-" <security-domain>java:/jaas/digest</security-domain>\n"
-"</jboss-web>"
+"<?xml version=\"1.0\"?>\n"
+"<jboss>\n"
+" <security-domain>java:/jaas/security-ex2</security-domain>\n"
+"</jboss>"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1477
@@ -5597,6 +6066,18 @@
" </authentication>\n"
"</application-policy>"
msgstr ""
+"<application-policy name = \"security-ex2\">\n"
+" <authentication>\n"
+" <login-module code=\"org.jboss.book.security.ex2.JndiUserAndPass"
+"\"\n"
+" flag=\"required\">\n"
+" <module-option name = \"userPathPrefix\">/security/store/"
+"password</module-option>\n"
+" <module-option name = \"rolesPathPrefix\">/security/store/"
+"roles</module-option>\n"
+" </login-module>\n"
+" </authentication>\n"
+"</application-policy>"
#. Tag: title
#: J2EE_Security_On_JBOSS.xml:1488
@@ -5848,6 +6329,15 @@
" ;\n"
"};"
msgstr ""
+"srp {\n"
+" org.jboss.security.srp.jaas.SRPLoginModule required\n"
+" srpServerJndiName=\"SRPServerInterface\"\n"
+" ;\n"
+" \n"
+" org.jboss.security.ClientLoginModule required\n"
+" password-stacking=\"useFirstPass\"\n"
+" ;\n"
+"};"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1587
@@ -6128,6 +6618,57 @@
" throws SecurityException;\n"
"}"
msgstr ""
+"package org.jboss.security.srp;\n"
+"\n"
+"import java.io.IOException;\n"
+"import java.io.Serializable;\n"
+"import java.security.KeyException;\n"
+"\n"
+"public interface SRPVerifierStore\n"
+"{\n"
+" public static class VerifierInfo implements Serializable\n"
+" {\n"
+" /**\n"
+" * The username the information applies to. Perhaps redundant\n"
+" * but it makes the object self contained.\n"
+" */\n"
+" public String username;\n"
+"\n"
+" /** The SRP password verifier hash */\n"
+" public byte[] verifier;\n"
+" /** The random password salt originally used to verify the password "
+"*/\n"
+" public byte[] salt;\n"
+" /** The SRP algorithm primitive generator */\n"
+" public byte[] g;\n"
+" /** The algorithm safe-prime modulus */\n"
+" public byte[] N;\n"
+" }\n"
+" \n"
+" /**\n"
+" * Get the indicated user's password verifier information.\n"
+" */\n"
+" public VerifierInfo getUserVerifier(String username)\n"
+" throws KeyException, IOException;\n"
+" /** \n"
+" * Set the indicated users' password verifier information. This\n"
+" * is equivalent to changing a user's password and should\n"
+" * generally invalidate any existing SRP sessions and caches.\n"
+" */\n"
+" public void setUserVerifier(String username, VerifierInfo info)\n"
+" throws IOException;\n"
+"\n"
+" /** \n"
+" * Verify an optional auxiliary challenge sent from the client to\n"
+" * the server. The auxChallenge object will have been decrypted\n"
+" * if it was sent encrypted from the client. An example of a\n"
+" * auxiliary challenge would be the validation of a hardware token\n"
+" * (SafeWord, SecureID, iButton) that the server validates to\n"
+" * further strengthen the SRP password exchange.\n"
+" */\n"
+" public void verifyUserChallenge(String username, Object auxChallenge)\n"
+" throws SecurityException;\n"
+"}"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1671
@@ -6454,6 +6995,16 @@
"users.properties\n"
"security-ex3.sar"
msgstr ""
+"[examples]$ jar tf output/security/security-ex3.jar \n"
+"META-INF/MANIFEST.MF\n"
+"META-INF/ejb-jar.xml\n"
+"META-INF/jboss.xml\n"
+"org/jboss/book/security/ex3/Echo.class\n"
+"org/jboss/book/security/ex3/EchoBean.class\n"
+"org/jboss/book/security/ex3/EchoHome.class\n"
+"roles.properties\n"
+"users.properties\n"
+"security-ex3.sar"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1787
@@ -6520,6 +7071,45 @@
" </mbean>\n"
"</server>"
msgstr ""
+"<server>\n"
+" <!-- The custom JAAS login configuration that installs\n"
+" a Configuration capable of dynamically updating the\n"
+" config settings -->\n"
+"\n"
+" <mbean code=\"org.jboss.book.security.service.SecurityConfig\" \n"
+" name=\"jboss.docs.security:service=LoginConfig-EX3\">\n"
+" <attribute name=\"AuthConfig\">META-INF/login-config.xml</"
+"attribute>\n"
+" <attribute name=\"SecurityConfigName\">jboss.security:"
+"name=SecurityConfig</attribute>\n"
+" </mbean>\n"
+"\n"
+" <!-- The SRP service that provides the SRP RMI server and server "
+"side\n"
+" authentication cache -->\n"
+" <mbean code=\"org.jboss.security.srp.SRPService\" \n"
+" name=\"jboss.docs.security:service=SRPService\">\n"
+" <attribute name=\"VerifierSourceJndiName\">srp-test/security-"
+"ex3</attribute>\n"
+" <attribute name=\"JndiName\">srp-test/SRPServerInterface</"
+"attribute>\n"
+" <attribute name=\"AuthenticationCacheJndiName\">srp-test/"
+"AuthenticationCache</attribute>\n"
+" <attribute name=\"ServerPort\">0</attribute>\n"
+" <depends>jboss.docs.security:"
+"service=PropertiesVerifierStore</depends>\n"
+" </mbean>\n"
+"\n"
+" <!-- The SRP store handler service that provides the user password "
+"verifier\n"
+" information -->\n"
+" <mbean code=\"org.jboss.security.ex3.service.PropertiesVerifierStore"
+"\"\n"
+" name=\"jboss.docs.security:service=PropertiesVerifierStore\">\n"
+" <attribute name=\"JndiName\">srp-test/security-ex3</"
+"attribute>\n"
+" </mbean>\n"
+"</server>"
#. Tag: title
#: J2EE_Security_On_JBOSS.xml:1792
@@ -6541,6 +7131,15 @@
" ;\n"
"};"
msgstr ""
+"srp {\n"
+" org.jboss.security.srp.jaas.SRPLoginModule required\n"
+" srpServerJndiName=\"srp-test/SRPServerInterface\"\n"
+" ;\n"
+" \n"
+" org.jboss.security.ClientLoginModule required\n"
+" password-stacking=\"useFirstPass\"\n"
+" ;\n"
+"};"
#. Tag: title
#: J2EE_Security_On_JBOSS.xml:1794
@@ -6569,6 +7168,22 @@
" </authentication>\n"
"</application-policy>"
msgstr ""
+"<application-policy name=\"security-ex3\">\n"
+" <authentication>\n"
+" <login-module code=\"org.jboss.security.srp.jaas."
+"SRPCacheLoginModule\"\n"
+" flag = \"required\">\n"
+" <module-option name=\"cacheJndiName\">srp-test/"
+"AuthenticationCache</module-option>\n"
+" </login-module>\n"
+" <login-module code=\"org.jboss.security.auth.spi."
+"UsersRolesLoginModule\"\n"
+" flag = \"required\">\n"
+" <module-option name=\"password-stacking\">useFirstPass</"
+"module-option>\n"
+" </login-module>\n"
+" </authentication>\n"
+"</application-policy>"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1796
@@ -6647,6 +7262,14 @@
" [java] Echo.echo()#1 = This is call 1\n"
" [java] Echo.echo()#2 = This is call 2"
msgstr ""
+"[examples]$ ant -Dchap=security -Dex=3 run-example\n"
+"...\n"
+"run-example3:\n"
+" [echo] Waiting for 5 seconds for deploy...\n"
+" [java] Logging in using the 'srp' configuration\n"
+" [java] Created Echo\n"
+" [java] Echo.echo()#1 = This is call 1\n"
+" [java] Echo.echo()#2 = This is call 2"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1809
@@ -6752,6 +7375,10 @@
" permission java.security.AllPermission;\n"
"};"
msgstr ""
+"grant {\n"
+" // Allow everything for now\n"
+" permission java.security.AllPermission;\n"
+"};"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1845
@@ -6792,7 +7419,7 @@
#: J2EE_Security_On_JBOSS.xml:1867
#, no-c-format
msgid "org.jboss.security.SecurityAssociation.getPrincipalInfo"
-msgstr ""
+msgstr "org.jboss.security.SecurityAssociation.getPrincipalInfo"
#. Tag: entry
#: J2EE_Security_On_JBOSS.xml:1870
@@ -6812,7 +7439,7 @@
#: J2EE_Security_On_JBOSS.xml:1878
#, no-c-format
msgid "org.jboss.security.SecurityAssociation.setPrincipalInfo"
-msgstr ""
+msgstr "org.jboss.security.SecurityAssociation.setPrincipalInfo"
#. Tag: entry
#: J2EE_Security_On_JBOSS.xml:1881
@@ -6903,6 +7530,25 @@
"\n"
"Note: Separate multiple options with a comma"
msgstr ""
+"[bin]$ java -Djava.security.debug=help\n"
+" \n"
+"all turn on all debugging\n"
+"access print all checkPermission results\n"
+"combiner SubjectDomainCombiner debugging\n"
+"jar jar verification\n"
+"logincontext login context results\n"
+"policy loading and granting\n"
+"provider security provider debugging\n"
+"scl permissions SecureClassLoader assigns\n"
+"\n"
+"The following can be used with access:\n"
+"\n"
+"stack include stack trace\n"
+"domain dumps all domains in context\n"
+"failure before throwing exception, dump stack\n"
+" and domain that didn't have permission\n"
+"\n"
+"Note: Separate multiple options with a comma"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1916
@@ -6921,7 +7567,7 @@
#: J2EE_Security_On_JBOSS.xml:1922
#, no-c-format
msgid "Using SSL with JBoss using JSSE"
-msgstr ""
+msgstr "在 JBoss 里使用 SSL"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1923
@@ -6934,7 +7580,7 @@
"certificate using the JDK keytool and included the resulting keystore file, "
"<literal>example.keystore</literal>. It was created using the following "
"command and input:"
-msgstr ""
+msgstr "JBoss 把 JSEE(Java Secure Socket Extension,JSSE)用于 SSL。JSSE 捆绑在 JDK 1.4 里。要使用 JSSE,你需要一个 SSL 服务器套接字使用的 X509 证书类型的公共密钥/私有密钥对。为了演示这个例子,我们已经用 JDK keytool 创建了一个自有签名的证书并包含了 keystore 文件:<literal>example.keystore</literal>。它是用下列命令和输入来创建的:"
#. Tag: programlisting
#: J2EE_Security_On_JBOSS.xml:1926
@@ -6944,6 +7590,9 @@
"+ssl -keyalg RSA -alias example -validity 3650 -dname \"cn=example,ou=admin "
"book,dc=jboss,dc=org\""
msgstr ""
+"keytool -genkey -keystore example.keystore -storepass rmi+ssl -keypass rmi"
+"+ssl -keyalg RSA -alias example -validity 3650 -dname \"cn=example,ou=admin "
+"book,dc=jboss,dc=org\""
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1927
@@ -6952,7 +7601,7 @@
"This produces a keystore file called <literal>example.keystore</literal>. A "
"keystore is a database of security keys. There are two different types of "
"entries in a keystore:"
-msgstr ""
+msgstr "这产生了一个名为 <literal>example.keystore</literal> 的 keystore 文件。keystore 是包含安全密钥的数据库文件。在 keystore 里有两种不同类型的条目:"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1932
@@ -6966,6 +7615,8 @@
"<literal>jarsigner</literal> tools only handle the later type of entry, that "
"is private keys and their associated certificate chains."
msgstr ""
+"<emphasis role=\"bold\">key entries</emphasis>:每个条目都保持非常敏感的用密码编码的关键信息,它以受保护的形式储存来防止未授权的访问。通常,以这种形式保存的密钥是一个秘密密钥(secret key),或伴随有对应公共密钥的证书链的私有密钥。<literal>keytool</literal> 和 "
+"<literal>jarsigner</literal> 工具只处理后一种类型的条目,也就是私有密钥及其相关的证书链。"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1937
@@ -6977,7 +7628,7 @@
"public key in the certificate indeed belongs to the identity identified by "
"the subject (owner) of the certificate. The issuer of the certificate "
"vouches for this, by signing the certificate."
-msgstr ""
+msgstr "<emphasis role=\"bold\">trusted certificate entries</emphasis>:每个条目都包含单一的属于另外一方的公共密钥。这之所以被称为信任证书(trusted certificate)是因为 keystore 的所有者相信证书里的公共密钥确实是属于证书主体(拥有者)标识的对象的。证书的发行者通过签名来保证这一点。"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1942
@@ -6987,6 +7638,8 @@
"literal> examples file contents using the keytool shows one self-signed "
"certificate:"
msgstr ""
+"<literal>src/main/org/jboss/book/security/example.keystore</"
+"literal> 示例的内容展示了一个自签名的证书:"
#. Tag: programlisting
#: J2EE_Security_On_JBOSS.xml:1945
@@ -7019,6 +7672,32 @@
"*******************************************\n"
"*******************************************"
msgstr ""
+"[examples]$ keytool -list -v -keystore src/main/org/jboss/book/security/"
+"example.keystore\n"
+"Enter keystore password: rmi+ssl\n"
+"\n"
+"Keystore type: jks\n"
+"Keystore provider: SUN\n"
+"\n"
+"Your keystore contains 1 entry\n"
+"\n"
+"Alias name: example\n"
+"Creation date: Oct 31, 2006\n"
+"Entry type: keyEntry\n"
+"Certificate chain length: 1\n"
+"Certificate[1]:\n"
+"Owner: CN=example, OU=admin book, DC=jboss, DC=org\n"
+"Issuer: CN=example, OU=admin book, DC=jboss, DC=org\n"
+"Serial number: 45481c1b\n"
+"Valid from: Tue Oct 31 22:01:31 CST 2006 until: Fri Oct 28 23:01:31 CDT "
+"2016\n"
+"Certificate fingerprints:\n"
+" MD5: C2:CA:CA:D3:00:71:3E:32:CB:B3:C8:A8:4E:68:9A:BB\n"
+" SHA1: A6:44:EF:66:2A:49:14:B0:A4:14:74:8B:64:61:E4:E6:AF:E3:70:41\n"
+"\n"
+"\n"
+"*******************************************\n"
+"*******************************************"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1946
@@ -7065,6 +7744,17 @@
" <attribute name=\"KeyStorePass\">rmi+ssl</attribute>\n"
"</mbean>"
msgstr ""
+"<!-- The SSL domain setup -->\n"
+"<mbean code=\"org.jboss.security.plugins.JaasSecurityDomain\"\n"
+" name=\"jboss.security:service=JaasSecurityDomain,domain=RMI+SSL"
+"\">\n"
+" <constructor>\n"
+" <arg type=\"java.lang.String\" value=\"RMI+SSL\"/>\n"
+" </constructor>\n"
+" <attribute name=\"KeyStoreURL\">example.keystore</"
+"attribute>\n"
+" <attribute name=\"KeyStorePass\">rmi+ssl</attribute>\n"
+"</mbean>"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1951
@@ -7110,6 +7800,20 @@
"+SSL</depends>\n"
"</mbean>"
msgstr ""
+"<mbean code=\"org.jboss.invocation.jrmp.server.JRMPInvoker\"\n"
+" name=\"jboss:service=invoker,type=jrmp,socketType=SSL\">\n"
+" <attribute name=\"RMIObjectPort\">14445</attribute>\n"
+" <attribute name=\"RMIClientSocketFactory\"> \n"
+" org.jboss.security.ssl.RMISSLClientSocketFactory\n"
+" </attribute>\n"
+" <attribute name=\"RMIServerSocketFactory\">\n"
+" org.jboss.security.ssl.RMISSLServerSocketFactory\n"
+" </attribute>\n"
+" <attribute name=\"SecurityDomain\">java:/jaas/RMI+SSL</"
+"attribute>\n"
+" <depends>jboss.security:service=JaasSecurityDomain,domain=RMI"
+"+SSL</depends>\n"
+"</mbean>"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1958
@@ -7123,7 +7827,7 @@
#. Tag: programlisting
#: J2EE_Security_On_JBOSS.xml:1961
-#, fuzzy, no-c-format
+#, no-c-format
msgid ""
"<?xml version=\"1.0\"?>\n"
"<jboss>\n"
@@ -7177,68 +7881,57 @@
" </invoker-proxy-bindings>\n"
"</jboss>"
msgstr ""
+"<?xml version=\"1.0\"?>\n"
"<jboss>\n"
-" <session>\n"
-" <ejb-name>nextgen_RetryInterceptorStatelessSession</ejb-"
-"name>\n"
-" <invoker-bindings>\n"
-" <invoker>\n"
-" <invoker-proxy-binding-name>\n"
-" clustered-retry-stateless-rmi-invoker\n"
-" </invoker-proxy-binding-name>\n"
-" <jndi-name>\n"
-" nextgen_RetryInterceptorStatelessSession\n"
-" </jndi-name>\n"
-" </invoker>\n"
-" </invoker-bindings>\n"
-" <clustered>true</clustered>\n"
-" </session>\n"
-"\n"
-" <invoker-proxy-binding>\n"
-" <name>clustered-retry-stateless-rmi-invoker</name>\n"
-" <invoker-mbean>jboss:service=invoker,type=jrmpha</invoker-"
-"mbean>\n"
-" <proxy-factory>org.jboss.proxy.ejb.ProxyFactoryHA</proxy-"
+" <enterprise-beans>\n"
+" <session>\n"
+" <ejb-name>EchoBean4</ejb-name>\n"
+" <configuration-name>Standard Stateless SessionBean</"
+"configuration-name>\n"
+" <invoker-bindings>\n"
+" <invoker>\n"
+" <invoker-proxy-binding-name>\n"
+" stateless-ssl-invoker\n"
+" </invoker-proxy-binding-name>\n"
+" </invoker>\n"
+" </invoker-bindings>\n"
+" </session>\n"
+" </enterprise-beans>\n"
+" \n"
+" <invoker-proxy-bindings>\n"
+" <invoker-proxy-binding>\n"
+" <name>stateless-ssl-invoker</name>\n"
+" <invoker-mbean>jboss:service=invoker,type=jrmp,"
+"socketType=SSL</invoker-mbean>\n"
+" <proxy-factory>org.jboss.proxy.ejb.ProxyFactory</proxy-"
"factory>\n"
-" <proxy-factory-config>\n"
+" <proxy-factory-config>\n"
" <client-interceptors>\n"
" <home>\n"
-" <interceptor>\n"
-" org.jboss.proxy.ejb.HomeInterceptor\n"
-" </interceptor>\n"
-" <interceptor>\n"
-" org.jboss.proxy.SecurityInterceptor\n"
-" </interceptor>\n"
-" <interceptor>\n"
-" org.jboss.proxy.TransactionInterceptor\n"
-" </interceptor>\n"
-" <interceptor>\n"
-" org.jboss.proxy.ejb.RetryInterceptor\n"
-" </interceptor>\n"
-" <interceptor>\n"
-" org.jboss.invocation.InvokerInterceptor\n"
-" </interceptor>\n"
+" <interceptor>org.jboss.proxy.ejb."
+"HomeInterceptor</interceptor>\n"
+" <interceptor>org.jboss.proxy."
+"SecurityInterceptor</interceptor>\n"
+" <interceptor>org.jboss.proxy."
+"TransactionInterceptor</interceptor>\n"
+" <interceptor>org.jboss.invocation."
+"InvokerInterceptor</interceptor>\n"
" </home>\n"
" <bean>\n"
-" <interceptor>\n"
-" org.jboss.proxy.ejb.StatelessSessionInterceptor\n"
-" </interceptor>\n"
-" <interceptor>\n"
-" org.jboss.proxy.SecurityInterceptor\n"
-" </interceptor>\n"
-" <interceptor>\n"
-" org.jboss.proxy.TransactionInterceptor\n"
-" </interceptor>\n"
-" <interceptor>\n"
-" org.jboss.proxy.ejb.RetryInterceptor\n"
-" </interceptor>\n"
-" <interceptor>\n"
-" org.jboss.invocation.InvokerInterceptor\n"
-" </interceptor>\n"
+" <interceptor>org.jboss.proxy.ejb."
+"StatelessSessionInterceptor</interceptor>\n"
+" <interceptor>org.jboss.proxy."
+"SecurityInterceptor</interceptor>\n"
+" <interceptor>org.jboss.proxy."
+"TransactionInterceptor</interceptor>\n"
+" <interceptor>org.jboss.invocation."
+"InvokerInterceptor</interceptor>\n"
" </bean>\n"
" </client-interceptors>\n"
-" </proxy-factory-config>\n"
-" </invoker-proxy-binding>"
+" </proxy-factory-config>\n"
+" </invoker-proxy-binding>\n"
+" </invoker-proxy-bindings>\n"
+"</jboss>"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1962
@@ -7269,6 +7962,17 @@
"n: No trusted certificate found\n"
"..."
msgstr ""
+"[examples]$ ant -Dchap=security -Dex=4b run-example\n"
+"...\n"
+"run-example4b:\n"
+"...\n"
+" [java] Exception in thread \"main\" java.rmi.ConnectIOException: error "
+"during JRMP connect\n"
+"ion establishment; nested exception is: \n"
+" [java] javax.net.ssl.SSLHandshakeException: sun.security.validator."
+"ValidatorExceptio\n"
+"n: No trusted certificate found\n"
+"..."
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1966
@@ -7306,6 +8010,14 @@
" [java] Created Echo\n"
" [java] Echo.echo()#1 = This is call 1"
msgstr ""
+"[examples]$ ant -Dchap=security -Dex=4 run-example\n"
+"...\n"
+"run-example4:\n"
+" [copy] Copying 1 file to /tmp/jboss-4.2.0/server/production/deploy\n"
+" [echo] Waiting for 5 seconds for deploy...\n"
+"...\n"
+" [java] Created Echo\n"
+" [java] Echo.echo()#1 = This is call 1"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1970
@@ -7339,6 +8051,9 @@
" at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer\n"
"..."
msgstr ""
+"javax.naming.NameNotFoundException: EchoBean4 not bound\n"
+" at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer\n"
+"..."
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1977
@@ -7355,7 +8070,7 @@
#: J2EE_Security_On_JBOSS.xml:1983
#, no-c-format
msgid "Configuring JBoss for use Behind a Firewall"
-msgstr ""
+msgstr "通过防火墙使用 JBoss 所需的配置"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:1984
@@ -7370,18 +8085,21 @@
"Additional_ports_in_the_all_configuration\"/> shows the same information for "
"the additional ports that exist in the all configuration file set."
msgstr ""
+"JBoss 带有许多基于套接字的使用侦听端口的服务。本节我们将列出当通过防火墙访问 JBoss 时需要进行配置的服务和端口。下表展示了 default 配置文件集里的端口、套接字类型以及相关的服务。而 <xref linkend="
+"\"Configuring_JBoss_for_use_Behind_a_Firewall-"
+"Additional_ports_in_the_all_configuration\"/> 展示了存在于 all 配置文件集里的其他端口的信息。"
#. Tag: title
#: J2EE_Security_On_JBOSS.xml:1988
-#, fuzzy, no-c-format
+#, no-c-format
msgid "The ports found in the default configuration"
-msgstr "这个文件提供了缺省的容器配置。"
+msgstr "在 default 配置里使用的端口"
#. Tag: entry
#: J2EE_Security_On_JBOSS.xml:1995 J2EE_Security_On_JBOSS.xml:2106
-#, fuzzy, no-c-format
+#, no-c-format
msgid "Port"
-msgstr "引用(import)"
+msgstr "端口"
#. Tag: entry
#: J2EE_Security_On_JBOSS.xml:1998 J2EE_Security_On_JBOSS.xml:2109
@@ -7391,15 +8109,15 @@
#. Tag: entry
#: J2EE_Security_On_JBOSS.xml:2001 J2EE_Security_On_JBOSS.xml:2112
-#, fuzzy, no-c-format
+#, no-c-format
msgid "Service"
-msgstr "HTTP 服务"
+msgstr "服务"
#. Tag: entry
#: J2EE_Security_On_JBOSS.xml:2008
#, no-c-format
msgid "1098"
-msgstr ""
+msgstr "1098"
#. Tag: entry
#: J2EE_Security_On_JBOSS.xml:2011 J2EE_Security_On_JBOSS.xml:2022
@@ -7408,179 +8126,179 @@
#: J2EE_Security_On_JBOSS.xml:2077 J2EE_Security_On_JBOSS.xml:2088
#: J2EE_Security_On_JBOSS.xml:2122 J2EE_Security_On_JBOSS.xml:2133
#: J2EE_Security_On_JBOSS.xml:2177 J2EE_Security_On_JBOSS.xml:2188
-#, fuzzy, no-c-format
+#, no-c-format
msgid "<entry>TCP</entry>"
-msgstr "<entry>DB2</entry>"
+msgstr "<entry>TCP</entry>"
#. Tag: literal
#: J2EE_Security_On_JBOSS.xml:2015 J2EE_Security_On_JBOSS.xml:2026
-#, fuzzy, no-c-format
+#, no-c-format
msgid "org.jboss.naming.NamingService"
-msgstr "The org.jboss.naming.NamingContextFactory"
+msgstr "org.jboss.naming.NamingService"
#. Tag: entry
#: J2EE_Security_On_JBOSS.xml:2019
#, no-c-format
msgid "1099"
-msgstr ""
+msgstr "1099"
#. Tag: entry
#: J2EE_Security_On_JBOSS.xml:2030
#, no-c-format
msgid "4444"
-msgstr ""
+msgstr "4444"
#. Tag: literal
#: J2EE_Security_On_JBOSS.xml:2037
#, no-c-format
msgid "org.jboss.invocation.jrmp.server.JRMPInvoker"
-msgstr ""
+msgstr "org.jboss.invocation.jrmp.server.JRMPInvoker"
#. Tag: entry
#: J2EE_Security_On_JBOSS.xml:2041
#, no-c-format
msgid "4445"
-msgstr ""
+msgstr "4445"
#. Tag: literal
#: J2EE_Security_On_JBOSS.xml:2048
#, no-c-format
msgid "org.jboss.invocation.pooled.server.PooledInvoker"
-msgstr ""
+msgstr "org.jboss.invocation.pooled.server.PooledInvoker"
#. Tag: entry
#: J2EE_Security_On_JBOSS.xml:2052
#, no-c-format
msgid "8009"
-msgstr ""
+msgstr "8009"
#. Tag: literal
#: J2EE_Security_On_JBOSS.xml:2059 J2EE_Security_On_JBOSS.xml:2070
#, no-c-format
msgid "org.jboss.web.tomcat.tc4.EmbeddedTomcatService"
-msgstr ""
+msgstr "org.jboss.web.tomcat.tc4.EmbeddedTomcatService"
#. Tag: entry
#: J2EE_Security_On_JBOSS.xml:2063
#, no-c-format
msgid "8080"
-msgstr ""
+msgstr "8080"
#. Tag: entry
#: J2EE_Security_On_JBOSS.xml:2074
#, no-c-format
msgid "8083"
-msgstr ""
+msgstr "8083"
#. Tag: literal
#: J2EE_Security_On_JBOSS.xml:2081
#, no-c-format
msgid "org.jboss.web.WebService"
-msgstr ""
+msgstr "org.jboss.web.WebService"
#. Tag: entry
#: J2EE_Security_On_JBOSS.xml:2085
#, no-c-format
msgid "8093"
-msgstr ""
+msgstr "8093"
#. Tag: literal
#: J2EE_Security_On_JBOSS.xml:2092
#, no-c-format
msgid "org.jboss.mq.il.uil2.UILServerILService"
-msgstr ""
+msgstr "org.jboss.mq.il.uil2.UILServerILService"
#. Tag: title
#: J2EE_Security_On_JBOSS.xml:2099
-#, fuzzy, no-c-format
+#, no-c-format
msgid "Additional ports in the all configuration"
-msgstr "A virtual host configuration."
+msgstr "all 配置里的其他端口"
#. Tag: entry
#: J2EE_Security_On_JBOSS.xml:2119
#, no-c-format
msgid "1100"
-msgstr ""
+msgstr "1100"
#. Tag: literal
#: J2EE_Security_On_JBOSS.xml:2126 J2EE_Security_On_JBOSS.xml:2137
#: J2EE_Security_On_JBOSS.xml:2148
#, no-c-format
msgid "org.jboss.ha.jndi.HANamingService"
-msgstr ""
+msgstr "org.jboss.ha.jndi.HANamingService"
#. Tag: entry
#: J2EE_Security_On_JBOSS.xml:2130
#, no-c-format
msgid "1101"
-msgstr ""
+msgstr "1101"
#. Tag: entry
#: J2EE_Security_On_JBOSS.xml:2141
#, no-c-format
msgid "1102"
-msgstr ""
+msgstr "1102"
#. Tag: entry
#: J2EE_Security_On_JBOSS.xml:2144 J2EE_Security_On_JBOSS.xml:2155
#: J2EE_Security_On_JBOSS.xml:2166 J2EE_Security_On_JBOSS.xml:2202
-#, fuzzy, no-c-format
+#, no-c-format
msgid "<entry>UDP</entry>"
-msgstr "<entry>DB2</entry>"
+msgstr "<entry>UDP</entry>"
#. Tag: entry
#: J2EE_Security_On_JBOSS.xml:2152
#, no-c-format
msgid "1161"
-msgstr ""
+msgstr "1161"
#. Tag: literal
#: J2EE_Security_On_JBOSS.xml:2159
#, no-c-format
msgid "org.jboss.jmx.adaptor.snmp.agent.SnmpAgentService"
-msgstr ""
+msgstr "org.jboss.jmx.adaptor.snmp.agent.SnmpAgentService"
#. Tag: entry
#: J2EE_Security_On_JBOSS.xml:2163
#, no-c-format
msgid "1162"
-msgstr ""
+msgstr "1162"
#. Tag: literal
#: J2EE_Security_On_JBOSS.xml:2170
#, no-c-format
msgid "org.jboss.jmx.adaptor.snmp.trapd.TrapdService"
-msgstr ""
+msgstr "org.jboss.jmx.adaptor.snmp.trapd.TrapdService"
#. Tag: entry
#: J2EE_Security_On_JBOSS.xml:2174
#, no-c-format
msgid "3528"
-msgstr ""
+msgstr "3528"
#. Tag: literal
#: J2EE_Security_On_JBOSS.xml:2181
#, no-c-format
msgid "org.jboss.invocation.iiop.IIOPInvoker"
-msgstr ""
+msgstr "org.jboss.invocation.iiop.IIOPInvoker"
#. Tag: entry
#: J2EE_Security_On_JBOSS.xml:2185
#, no-c-format
msgid "4447"
-msgstr ""
+msgstr "4447"
#. Tag: literal
#: J2EE_Security_On_JBOSS.xml:2192
#, no-c-format
msgid "org.jboss.invocation.jrmp.server.JRMPInvokerHA"
-msgstr ""
+msgstr "org.jboss.invocation.jrmp.server.JRMPInvokerHA"
#. Tag: entry
#: J2EE_Security_On_JBOSS.xml:2196
#, no-c-format
msgid "45566"
-msgstr ""
+msgstr "45566"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:2197
@@ -7588,19 +8306,19 @@
msgid ""
"Plus two additional anonymous UDP ports, one can be set using the "
"<literal>rcv_port</literal>, and the other cannot be set."
-msgstr ""
+msgstr "还有其他两个匿名 UDP 端口,一个可以通过 <literal>rcv_port</literal> 设置,而另外一个则不能被设置。"
#. Tag: literal
#: J2EE_Security_On_JBOSS.xml:2206
#, no-c-format
msgid "org.jboss.ha.framework.server.ClusterPartition"
-msgstr ""
+msgstr "org.jboss.ha.framework.server.ClusterPartition"
#. Tag: title
#: J2EE_Security_On_JBOSS.xml:2215
#, no-c-format
msgid "How to Secure the JBoss Server"
-msgstr ""
+msgstr "怎样设置 JBoss 服务器的安全性"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:2216
@@ -7610,13 +8328,13 @@
"removed to prevent unauthorized access to administrative functions in a "
"deployment. This section describes the various admin services and how to "
"secure them."
-msgstr ""
+msgstr "JBoss 带有几个用于管理的入口,你需要设置它们的安全性或者进行删除。本节介绍各种管理服务以及如何设置其安全性。"
#. Tag: title
#: J2EE_Security_On_JBOSS.xml:2220
-#, fuzzy, no-c-format
+#, no-c-format
msgid "The JMX Console"
-msgstr "Securing the JMX Console"
+msgstr "JMX 控制台"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:2221
@@ -7627,13 +8345,13 @@
"to arbitrary admin type access like shutting down the server, stopping "
"services, deploying new services, etc. It should either be secured like any "
"other web application, or removed."
-msgstr ""
+msgstr "deploy 目录下的 <literal>jmx-console.war</literal> 提供 JMX 微内核的 HTML 视图。因此,它提供任意管理型的访问控制(如关闭服务器、停止服务、部署新服务等)。它应该象其他 web 应用程序一样设置安全性,或者删除。"
#. Tag: title
#: J2EE_Security_On_JBOSS.xml:2227
#, no-c-format
msgid "The Web Console"
-msgstr ""
+msgstr "Web 控制台"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:2228
@@ -7649,12 +8367,16 @@
"commented out setup for a security domain in <literal>WEB-INF/jboss-web.xml</"
"literal>."
msgstr ""
+"<literal>deploy/"
+"management</literal> 目录下的 <literal>web-console.war</literal> 是 JMX 微内核里的另外一个 web 应用程序。它使用 applet 和 HTML 视图的组合并提供和 <literal>jmx-"
+"console.war</literal> 相同级别的对管理功能的访问。因此,应该对它设置安全性或者删除它。<literal>web-console.war</literal> 在其 <literal>WEB-INF/web.xml</literal> 目录下带有用于基本的安全性的被注释的模板,在 <literal>WEB-INF/jboss-web.xml</"
+"literal> 目录下它包含被注释的用于安全域的设置。"
#. Tag: title
#: J2EE_Security_On_JBOSS.xml:2234
#, no-c-format
msgid "The HTTP Invokers"
-msgstr ""
+msgstr "HTTP 调用者"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:2235
@@ -7676,12 +8398,17 @@
"domain setup in the <literal>http-invoker.sar/invoker.war/WEB-INF/jboss-web."
"xml</literal> descriptor."
msgstr ""
+"在 deploy 目录里的 <literal>http-invoker.sar</literal> 是提供对 EJB 和 JNDI <literal>Naming</"
+"literal> 命名服务的 RMI/HTTP 访问的服务。它包括一个处理往 <literal>MBeanServer</"
+"literal> 分发排列的 <literal>org.jboss.invocation.Invocation</literal> 对象的 servlet。这允许对通过 HTTP 支持脱管调用者操作的 MBean 有效地进行访问,因为你可以知道怎样格式化合适的 HTTP post 请求。你需要设置 <literal>http-invoker.sar/invoker.war/WEB-INF/web.xml</literal> 部署描述符里的 <literal>JMXInvokerServlet</literal> servlet 的安全性来控制这种访问的安全性。在缺省情况下,根据为 <literal>/restricted/"
+"JMXInvokerServlet</literal> 路径定义的安全映射,你可以简单地删除其他路径并在 <literal>http-invoker.sar/invoker.war/WEB-INF/jboss-web."
+"xml</literal> 描述符里配置 <literal>http-invoker</literal> 安全性域。"
#. Tag: title
#: J2EE_Security_On_JBOSS.xml:2241
-#, fuzzy, no-c-format
+#, no-c-format
msgid "The JMX Invoker"
-msgstr "The JBoss JMX Microkernel"
+msgstr "JMX 调用者"
#. Tag: para
#: J2EE_Security_On_JBOSS.xml:2242
@@ -7694,5 +8421,5 @@
"<literal>http-invoker.sar</literal> as described in the previous section. In "
"the future this service will be deployed as an XMBean with a security "
"interceptor that supports role based access checks."
-msgstr ""
+msgstr "<literal>jmx-invoker-adaptor-server.sar</literal> 是通过 RMI 兼容接口并使用 RMI/JRMP 脱管调用者服务开放 JMX MBeanServer 的服务。设置这个服务的安全性的唯一途径是把协议切换至 RMI/HTTP 并如前面章节所描述的那样,设置 <literal>http-invoker.sar</literal> 的安全性。以后这个服务将被部署为带有支持基于角色的访问检查的拦截器的 XMBean。"
Modified: projects/docs/trunk/AS_4/Server_Configuration_Guide/zh-CN/Web_Services.po
===================================================================
--- projects/docs/trunk/AS_4/Server_Configuration_Guide/zh-CN/Web_Services.po 2008-03-17 01:13:50 UTC (rev 70898)
+++ projects/docs/trunk/AS_4/Server_Configuration_Guide/zh-CN/Web_Services.po 2008-03-17 04:23:06 UTC (rev 70899)
@@ -1,3 +1,4 @@
+# translation of Web_Services.po to Simplified Chinese
# translation of Web_Services.po to
# Language /tmp/mike/JBEAP420/JBAS translations for JBEAP package.
# Copyright (C) 2007, 2008 Free Software Foundation, Inc.
@@ -9,9 +10,9 @@
"Project-Id-Version: Web_Services\n"
"Report-Msgid-Bugs-To: http://bugs.kde.org\n"
"POT-Creation-Date: 2007-12-03 00:52+0000\n"
-"PO-Revision-Date: 2008-02-01 09:13+1000\n"
+"PO-Revision-Date: 2008-03-17 14:18+1000\n"
"Last-Translator: Xi HUANG <xhuang at redhat.com>\n"
-"Language-Team: <zh at li.org>\n"
+"Language-Team: Simplified Chinese <en at li.org>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
@@ -107,6 +108,23 @@
"</message>\n"
" ]]>"
msgstr ""
+"<![CDATA[\n"
+"<complexType name='concatType'>\n"
+" <sequence>\n"
+" <element name='String_1' nillable='true' type='string'/>\n"
+" <element name='long_1' type='long'/>\n"
+" </sequence>\n"
+" </complexType>\n"
+" <element name='concat' type='tns:concatType'/>\n"
+" Therefore, message parts must refer to an element from the schema. \n"
+" <message name='EndpointInterface_concat'>\n"
+" <part name='parameters' element='tns:concat'/>\n"
+" </message>\n"
+"The following message definition is invalid. \n"
+"<message name='EndpointInterface_concat'>\n"
+" <part name='parameters' type='tns:concatType'/>\n"
+"</message>\n"
+" ]]>"
#. Tag: title
#: Web_Services.xml:27
@@ -141,6 +159,18 @@
"}\n"
"]]>"
msgstr ""
+"<![CDATA[\n"
+"@WebService\n"
+"@SOAPBinding(parameterStyle = SOAPBinding.ParameterStyle.BARE)\n"
+"public class DocBareServiceImpl\n"
+"{\n"
+"@WebMethod\n"
+"public SubmitBareResponse submitPO(SubmitBareRequest poRequest)\n"
+"{\n"
+" ...\n"
+"}\n"
+"}\n"
+"]]>"
#. Tag: para
#: Web_Services.xml:34
@@ -170,6 +200,21 @@
" ...\n"
"}]]>"
msgstr ""
+"<![CDATA[\n"
+" @XmlAccessorType(XmlAccessType.FIELD)\n"
+" @XmlType(name = \"SubmitBareRequest\", namespace=\"http://"
+"soapbinding.samples.jaxws.ws.test.jboss.org/\", propOrder = { \"product"
+"\" })\n"
+" @XmlRootElement(namespace=\"http://soapbinding.samples.jaxws.ws.test."
+"jboss.org/\", name = \"SubmitPO\")\n"
+" public class SubmitBareRequest\n"
+" {\n"
+" @XmlElement(namespace=\"http://soapbinding.samples.jaxws.ws.test."
+"jboss.org/\", required = true)\n"
+" private String product;\n"
+" \n"
+" ...\n"
+"}]]>"
#. Tag: title
#: Web_Services.xml:40
@@ -242,6 +287,22 @@
" </operation>\n"
" </binding>]]>"
msgstr ""
+"<![CDATA[\n"
+" <binding name='EndpointInterfaceBinding' type='tns:EndpointInterface'>\n"
+" <soap:binding style='rpc' transport='http://schemas.xmlsoap.org/"
+"soap/http'/>\n"
+" <operation name='echo'>\n"
+" <soap:operation soapAction=''/>\n"
+" <input>\n"
+" <soap:body namespace='http://org.jboss.ws/samples/"
+"jsr181pojo' use='literal'/>\n"
+" </input>\n"
+" <output>\n"
+" <soap:body namespace='http://org.jboss.ws/samples/"
+"jsr181pojo' use='literal'/>\n"
+" </output>\n"
+" </operation>\n"
+" </binding>]]>"
#. Tag: para
#: Web_Services.xml:72
@@ -361,6 +422,16 @@
" }\n"
" } ]]>"
msgstr ""
+"<![CDATA[@WebService\n"
+"@SOAPBinding(style = SOAPBinding.Style.RPC)\n"
+"public class JSEBean01\n"
+" {\n"
+" @WebMethod\n"
+" public String echo(String input)\n"
+" {\n"
+" ...\n"
+" }\n"
+" } ]]>"
#. Tag: title
#: Web_Services.xml:128
@@ -391,6 +462,18 @@
" </servlet-mapping>\n"
"</web-app> ]]>"
msgstr ""
+"<![CDATA[\n"
+"<web-app ...>\n"
+" <servlet>\n"
+" <servlet-name>TestService</servlet-name>\n"
+" <servlet-class>org.jboss.test.ws.jaxws.samples.jsr181pojo."
+"JSEBean01</servlet-class>\n"
+" </servlet>\n"
+" <servlet-mapping>\n"
+" <servlet-name>TestService</servlet-name>\n"
+" <url-pattern>/*</url-pattern>\n"
+" </servlet-mapping>\n"
+"</web-app> ]]>"
#. Tag: title
#: Web_Services.xml:138
@@ -437,6 +520,9 @@
"http://yourhost:8080/jbossws/services\n"
"]]>"
msgstr ""
+"<![CDATA[\n"
+"http://yourhost:8080/jbossws/services\n"
+"]]>"
#. Tag: para
#: Web_Services.xml:158 Web_Services.xml:178
@@ -485,6 +571,21 @@
" }\n"
" }]]>"
msgstr ""
+"<![CDATA[\n"
+" @Stateless\n"
+" @Remote(EJB3RemoteInterface.class)\n"
+" @RemoteBinding(jndiBinding = "/ejb3/EJB3EndpointInterface")\n"
+" \n"
+" @WebService\n"
+" @SOAPBinding(style = SOAPBinding.Style.RPC)\n"
+" public class EJB3Bean01 implements EJB3RemoteInterface\n"
+" {\n"
+" @WebMethod\n"
+" public String echo(String input)\n"
+" {\n"
+" ...\n"
+" }\n"
+" }]]>"
#. Tag: para
#: Web_Services.xml:167
@@ -521,6 +622,16 @@
"</fileset>\n"
"</jar>]]>"
msgstr ""
+"<![CDATA[\n"
+"<jar jarfile="${build.dir}/libs/jbossws-samples-jsr181ejb.jar""
+">\n"
+"<fileset dir="${build.dir}/classes">\n"
+"<include name="org/jboss/test/ws/samples/jsr181ejb/EJB3Bean01."
+"class"/>\n"
+"<include name="org/jboss/test/ws/samples/jsr181ejb/"
+"EJB3RemoteInterface.class"/>\n"
+"</fileset>\n"
+"</jar>]]>"
#. Tag: emphasis
#: Web_Services.xml:174
@@ -535,6 +646,8 @@
"<![CDATA[\n"
" http://yourhost:8080/jbossws/services]]>"
msgstr ""
+"<![CDATA[\n"
+" http://yourhost:8080/jbossws/services]]>"
#. Tag: title
#: Web_Services.xml:181
@@ -586,6 +699,16 @@
" }\n"
"}]]>"
msgstr ""
+"<![CDATA[\n"
+"@WebServiceProvider\n"
+"@ServiceMode(value = Service.Mode.PAYLOAD)\n"
+"public class ProviderBeanPayload implements Provider<Source>\n"
+"{\n"
+"public Source invoke(Source req)\n"
+"{\n"
+"// Access the entire request PAYLOAD and return the response PAYLOAD\n"
+" }\n"
+"}]]>"
#. Tag: para
#: Web_Services.xml:186
@@ -598,9 +721,9 @@
#. Tag: title
#: Web_Services.xml:189
-#, fuzzy, no-c-format
+#, no-c-format
msgid "WebServiceContext"
-msgstr "代理服务"
+msgstr "WebServiceContext"
#. Tag: para
#: Web_Services.xml:190
@@ -647,6 +770,35 @@
"}\n"
"]]>"
msgstr ""
+"<![CDATA[\n"
+"@WebService\n"
+"public class EndpointJSE\n"
+"{\n"
+"@Resource\n"
+"WebServiceContext wsCtx;\n"
+" \n"
+"@WebMethod\n"
+"public String testGetMessageContext()\n"
+"{\n"
+"SOAPMessageContext jaxwsContext = (SOAPMessageContext)wsCtx.getMessageContext"
+"();\n"
+"return jaxwsContext != null ? "pass" : "fail";\n"
+"}\n"
+"..\n"
+"@WebMethod\n"
+"public String testGetUserPrincipal()\n"
+"{\n"
+"Principal principal = wsCtx.getUserPrincipal();\n"
+"return principal.getName();\n"
+"}\n"
+" \n"
+"@WebMethod\n"
+"public boolean testIsUserInRole(String role)\n"
+"{\n"
+"return wsCtx.isUserInRole(role);\n"
+"}\n"
+"}\n"
+"]]>"
#. Tag: title
#: Web_Services.xml:194
@@ -656,9 +808,9 @@
#. Tag: title
#: Web_Services.xml:196
-#, fuzzy, no-c-format
+#, no-c-format
msgid "Service"
-msgstr "代理服务"
+msgstr "服务"
#. Tag: para
#: Web_Services.xml:197
@@ -755,6 +907,27 @@
"...\n"
"}]]>"
msgstr ""
+"<![CDATA[\n"
+"// Generated Service Class\n"
+" \n"
+" @WebServiceClient(name="StockQuoteService", targetNamespace=""
+"http://example.com/stocks", wsdlLocation="http://example.com/"
+"stocks.wsdl")\n"
+"public class StockQuoteService extends javax.xml.ws.Service \n"
+"{\n"
+"public StockQuoteService() \n"
+"{\n"
+"super(new URL("http://example.com/stocks.wsdl"), new QName(""
+"http://example.com/stocks", "StockQuoteService"));\n"
+"}\n"
+" \n"
+"public StockQuoteService(String wsdlLocation, QName serviceName) \n"
+"{\n"
+"super(wsdlLocation, serviceName);\n"
+"}\n"
+" \n"
+"...\n"
+"}]]>"
#. Tag: para
#: Web_Services.xml:209
@@ -793,6 +966,11 @@
"MyService");\n"
"Service service = Service.create(wsdlLocation, serviceName);]]>"
msgstr ""
+"<![CDATA[\n"
+"URL wsdlLocation = new URL("http://example.org/my.wsdl");\n"
+"QName serviceName = new QName("http://example.org/sample", ""
+"MyService");\n"
+"Service service = Service.create(wsdlLocation, serviceName);]]>"
#. Tag: para
#: Web_Services.xml:216
@@ -898,6 +1076,34 @@
" ...\n"
" }]]>"
msgstr ""
+"<![CDATA[\n"
+" /** \n"
+" * The getPort method returns a proxy. A service client\n"
+" * uses this proxy to invoke operations on the target\n"
+" * service endpoint. The <code>serviceEndpointInterface</code>\n"
+" * specifies the service endpoint interface that is supported by\n"
+" * the created dynamic proxy instance.\n"
+" **/\n"
+" public <T> T getPort(QName portName, Class<T> "
+"serviceEndpointInterface)\n"
+" {\n"
+" ...\n"
+" }\n"
+" \n"
+" /** \n"
+" * The getPort method returns a proxy. The parameter\n"
+" * <code>serviceEndpointInterface</code> specifies the service\n"
+" * endpoint interface that is supported by the returned proxy.\n"
+" * In the implementation of this method, the JAX-WS\n"
+" * runtime system takes the responsibility of selecting a protocol\n"
+" * binding (and a port) and configuring the proxy accordingly.\n"
+" * The returned proxy should not be reconfigured by the client.\n"
+" *\n"
+" **/\n"
+" public <T> T getPort(Class<T> serviceEndpointInterface)\n"
+" {\n"
+" ...\n"
+" }]]>"
#. Tag: para
#: Web_Services.xml:234
More information about the jboss-cvs-commits
mailing list