[jboss-cvs] JBossAS SVN: r71397 - in trunk/testsuite/src/resources/test-configs/tomcat-sso-cluster: deploy and 1 other directories.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Fri Mar 28 15:58:54 EDT 2008 

Author: bstansberry at jboss.com
Date: 2008-03-28 15:58:54 -0400 (Fri, 28 Mar 2008)
New Revision: 71397

Added:
   trunk/testsuite/src/resources/test-configs/tomcat-sso-cluster/deploy/
   trunk/testsuite/src/resources/test-configs/tomcat-sso-cluster/deploy/jbossweb.sar/
   trunk/testsuite/src/resources/test-configs/tomcat-sso-cluster/deploy/jbossweb.sar/context.xml
   trunk/testsuite/src/resources/test-configs/tomcat-sso-cluster/deploy/jbossweb.sar/server.xml
Removed:
   trunk/testsuite/src/resources/test-configs/tomcat-sso-cluster/deployers/
Log:
Move server.xml to deploy

Copied: trunk/testsuite/src/resources/test-configs/tomcat-sso-cluster/deploy/jbossweb.sar/context.xml (from rev 71388, trunk/testsuite/src/resources/test-configs/tomcat-sso-cluster/deployers/jbossweb.deployer/context.xml)
===================================================================
--- trunk/testsuite/src/resources/test-configs/tomcat-sso-cluster/deploy/jbossweb.sar/context.xml	                        (rev 0)
+++ trunk/testsuite/src/resources/test-configs/tomcat-sso-cluster/deploy/jbossweb.sar/context.xml	2008-03-28 19:58:54 UTC (rev 71397)
@@ -0,0 +1,17 @@
+<!-- The contents of this file will be loaded for each web application -->
+<Context cookies="true" crossContext="true">
+   <!-- Session persistence is disable by default. To enable for all web
+   apps set the pathname to a non-empty value:
+   <Manager pathname="SESSIONS.ser" />
+
+   To enable session persistence for a single web app, add a
+   WEB-INF/context.xml 
+   -->
+   <Manager pathname="" processExpiresFrequency="1" />
+
+   <!-- Install an InstanceListener to handle the establishment of the run-as
+   role for servlet init/destroy events.
+   -->
+   <InstanceListener>org.jboss.web.tomcat.security.RunAsListener</InstanceListener>
+   
+</Context>

Copied: trunk/testsuite/src/resources/test-configs/tomcat-sso-cluster/deploy/jbossweb.sar/server.xml (from rev 71388, trunk/testsuite/src/resources/test-configs/tomcat-sso-cluster/deployers/jbossweb.deployer/server.xml)
===================================================================
--- trunk/testsuite/src/resources/test-configs/tomcat-sso-cluster/deploy/jbossweb.sar/server.xml	                        (rev 0)
+++ trunk/testsuite/src/resources/test-configs/tomcat-sso-cluster/deploy/jbossweb.sar/server.xml	2008-03-28 19:58:54 UTC (rev 71397)
@@ -0,0 +1,145 @@
+<Server>
+
+   <!-- Optional listener which ensures correct init and shutdown of APR,
+        and provides information if it is not installed -->
+   <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
+   <!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
+   <Listener className="org.apache.catalina.core.JasperListener" />
+
+   <Service name="jboss.web">
+
+      <!-- A HTTP/1.1 Connector on port 8080 -->
+      <Connector protocol="HTTP/1.1" port="8080" address="${jboss.bind.address}" 
+               connectionTimeout="20000" redirectPort="8443" />
+
+      <!-- Add this option to the connector to avoid problems with 
+          .NET clients that don't implement HTTP/1.1 correctly 
+         restrictedUserAgents="^.*MS Web Services Client Protocol 1.1.4322.*$"
+      -->
+
+      <!-- A AJP 1.3 Connector on port 8009 -->
+      <Connector protocol="AJP/1.3" port="8009" address="${jboss.bind.address}"
+         emptySessionPath="true" redirectPort="8443" />
+
+      <!-- SSL/TLS Connector configuration using the admin devl guide keystore
+      <Connector protocol="HTTP/1.1" SSLEnabled="true" 
+           port="8443" address="${jboss.bind.address}"
+           emptySessionPath="true"
+           scheme="https" secure="true" clientAuth="false" 
+           keystoreFile="${jboss.server.home.dir}/conf/chap8.keystore"
+           keystorePass="rmi+ssl" sslProtocol = "TLS" />
+      -->
+
+      <Engine name="jboss.web" defaultHost="localhost">
+
+         <!-- The JAAS based authentication and authorization realm implementation
+         that is compatible with the jboss 3.2.x realm implementation.
+         - certificatePrincipal : the class name of the
+         org.jboss.security.auth.certs.CertificatePrincipal impl
+         used for mapping X509[] cert chains to a Princpal.
+         - allRolesMode : how to handle an auth-constraint with a role-name=*,
+         one of strict, authOnly, strictAuthOnly
+           + strict = Use the strict servlet spec interpretation which requires
+           that the user have one of the web-app/security-role/role-name
+           + authOnly = Allow any authenticated user
+           + strictAuthOnly = Allow any authenticated user only if there are no
+           web-app/security-roles
+         -->
+         <Realm className="org.jboss.web.tomcat.security.JBossWebRealm"
+            certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping"
+            allRolesMode="authOnly"
+            />
+         <!-- A subclass of JBossSecurityMgrRealm that uses the authentication
+         behavior of JBossSecurityMgrRealm, but overrides the authorization
+         checks to use JACC permissions with the current java.security.Policy
+         to determine authorized access.
+         - allRolesMode : how to handle an auth-constraint with a role-name=*,
+         one of strict, authOnly, strictAuthOnly
+           + strict = Use the strict servlet spec interpretation which requires
+           that the user have one of the web-app/security-role/role-name
+           + authOnly = Allow any authenticated user
+           + strictAuthOnly = Allow any authenticated user only if there are no
+           web-app/security-roles
+         <Realm className="org.jboss.web.tomcat.security.JaccAuthorizationRealm"
+            certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping"
+            allRolesMode="authOnly"
+            />
+         -->
+
+       <Host name="localhost"
+          autoDeploy="false" deployOnStartup="false" deployXML="false"
+          configClass="org.jboss.web.tomcat.security.config.JBossContextConfig"> 
+            <!-- Uncomment to enable request dumper. This Valve "logs interesting 
+                 contents from the specified Request (before processing) and the 
+                 corresponding Response (after processing). It is especially useful 
+                 in debugging problems related to headers and cookies."
+            -->
+            <!--
+            <Valve className="org.apache.catalina.valves.RequestDumperValve" />
+            -->
+ 
+            <!-- Access logger -->
+            <!--
+            <Valve className="org.apache.catalina.valves.AccessLogValve"
+                prefix="localhost_access_log." suffix=".log"
+                pattern="common" directory="${jboss.server.home.dir}/log" 
+                resolveHosts="false" />
+            -->
+
+            <!-- Uncomment to enable single sign-on across web apps
+                deployed to this host. Does not provide SSO across a cluster.     
+            
+                If this valve is used, do not use the JBoss ClusteredSingleSignOn 
+                valve shown below.
+                
+                A new configuration attribute is available beginning with
+                release 4.0.4:
+                
+                cookieDomain  configures the domain to which the SSO cookie
+                              will be scoped (i.e. the set of hosts to
+                              which the cookie will be presented).  By default
+                              the cookie is scoped to "/", meaning the host
+                              that presented it.  Set cookieDomain to a
+                              wider domain (e.g. "xyz.com") to allow an SSO
+                              to span more than one hostname.
+             -->
+            <!--
+            <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
+            -->
+
+            <!-- Uncomment to enable single sign-on across web apps
+               deployed to this host AND to all other hosts in the cluster.
+            
+               If this valve is used, do not use the standard Tomcat SingleSignOn
+               valve shown above.
+            
+               Valve uses a JBossCache instance to support SSO credential 
+               caching and replication across the cluster.  The JBossCache 
+               instance must be configured separately.  By default, the valve 
+               shares a JBossCache with the service that supports HttpSession 
+               replication.  See the "tc6-cluster-service.xml" file in the
+               server/all/deploy directory for cache configuration details.
+            
+               Besides the attributes supported by the standard Tomcat
+               SingleSignOn valve (see the Tomcat docs), this version also 
+               supports the following attributes:
+            
+               cookieDomain   see above
+               
+               treeCacheName  JMX ObjectName of the JBossCache MBean used to 
+                              support credential caching and replication across
+                              the cluster. If not set, the default value is 
+                              "jboss.cache:service=TomcatClusteringCache", the 
+                              standard ObjectName of the JBossCache MBean used 
+                              to support session replication.
+            -->
+          <Valve className="org.jboss.web.tomcat.service.sso.ClusteredSingleSignOn"
+                   maxEmptyLife="11" processExpiresInterval="5" />
+ 
+         </Host>
+
+      </Engine>
+
+   </Service>
+
+</Server>

More information about the jboss-cvs-commits mailing list