[jboss-cvs] JBossAS SVN: r80234 - in projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US: images and 1 other directory.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Wed Oct 29 23:59:09 EDT 2008


Author: irooskov at redhat.com
Date: 2008-10-29 23:59:09 -0400 (Wed, 29 Oct 2008)
New Revision: 80234

Modified:
   projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/Security_Configuration.xml
   projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/Security_Features.xml
   projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/System_Installation.xml
   projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/images/ssl_statusbar.png
Log:
updated with new additions in response to JIRAs


Modified: projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/Security_Configuration.xml
===================================================================
--- projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/Security_Configuration.xml	2008-10-30 02:41:32 UTC (rev 80233)
+++ projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/Security_Configuration.xml	2008-10-30 03:59:09 UTC (rev 80234)
@@ -62,11 +62,16 @@
         limited to read-only file-system access, adding queue print items & 
         connecting to sockets.</para>
 
-        <para>You must edit the file <filename>run.conf</filename> and uncomment the 
+<para>You must edit the file <filename>run.conf</filename> located in the Enterprise Platform home directory at <filename>/jboss-as/server/production/</filename> and uncomment the
         lines indicated below to enable the Java Security Manager. Once those items are 
         uncommented from <filename>run.conf</filename>, simply start the server using the 
         supplied startup script (<filename>run.sh</filename> or <filename>run.bat</filename>) 
         as normal.</para>
+<important>
+	<para>
+		run.conf is part of the production configuration of the EAP. Only the production configuration is allowed in the Common Criteria Configuration.
+	</para>
+</important>
         
         <example><title><filename>run.conf</filename> with Java Security Manager enabled</title>
         <screen># Uncomment the following to run with Common Criteria configuration 

Modified: projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/Security_Features.xml
===================================================================
--- projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/Security_Features.xml	2008-10-30 02:41:32 UTC (rev 80233)
+++ projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/Security_Features.xml	2008-10-30 03:59:09 UTC (rev 80234)
@@ -19,6 +19,9 @@
                 <listitem>
                     <para>URLs and paths provided with URLs can be protected from 
                     access by subjects.</para>
+	    	    	<para>
+				In order to disable the HTTP service, remove the <filename>httpha-invoker.sar</filename> folder from the production server deploy directory. 
+			</para>
                 </listitem>
             </varlistentry>
             <varlistentry>
@@ -177,9 +180,9 @@
                 <para>State of HTTP sessions and EJB 2.x session beans (distributed 
                 state replication service using HASessionState MBean)</para>
             </listitem>
-            <listitem>
+          <!--  <listitem>
                 <para>JNDI state (JBoss HA-JNDI)</para>
-            </listitem>
+            </listitem> -->
             <listitem>
                 <para>JMS queues</para>
             </listitem>

Modified: projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/System_Installation.xml
===================================================================
--- projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/System_Installation.xml	2008-10-30 02:41:32 UTC (rev 80233)
+++ projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/System_Installation.xml	2008-10-30 03:59:09 UTC (rev 80234)
@@ -5,8 +5,8 @@
 
 <chapter id="chap-Common_Criteria_Guide-System_Installation">
 	<title>Downloading and Verifying the Packages</title>
-    <para>JBoss EAP is exclusively delivered on line through the Red Hat JBoss Customer Support Portal at 
-    <ulink url="https://support.redhat.com/jbossnetwork/restricted/main.html">https://support.redhat.com/jbossnetwork/restricted/main.html</ulink>. 
+    <para>JBoss EAP is delivered on line through the Red Hat JBoss Customer Support Portal at 
+	    <ulink url="https://support.redhat.com/jbossnetwork/restricted/main.html">https://support.redhat.com/jbossnetwork/restricted/main.html</ulink> and through the Red Hat Network (RHN) at the following address:  <ulink url="https://rhn.redhat.com">https://rhn.redhat.com</ulink>
     </para>
     
     <para>To ensure the authenticity of the downloaded software you need to verify 
@@ -15,32 +15,48 @@
    <section id="verify_authenticity_of_site">
         <title>Verify the Authenticity of the Download Site.</title>
 
-        <para>The  Red Hat JBoss Customer Support Portal is a secure site.  This is 
-        indicated by the 'lock' icon in the browser address bar or status bar.</para>  
+        <para>Red Hat JBoss Customer Support Portal and Red Hat Network are secure sites.  This is 
+        indicated by the 'lock' icon in the browser status bar. The lock may also present itself in the address bar depending on what browser you are using.</para>  
 
         <important>
-            <para>The following images are taken from the Firefox2 web browser. While most 
+            <para>The following images have been taken with the Firefox3 and Firefox2 web browsers. While most 
             popular web-browsers display this information in a very similar manner it may 
             differ slightly to these images.</para>
         </important>
 
-        <figure><title>Secure site 'lock' icon displayed in the Firefox address bar.</title>
+	<figure><title>Secure site 'lock' icon displayed in the Firefox3 status bar.</title>
+		<mediaobject>
+			<imageobject><imagedata fileref="images/ssl_statusbar.png" /></imageobject>
+		</mediaobject>
+        </figure>
+	
+        <figure><title>Secure site 'lock' icon displayed in the Firefox2 address bar.</title>
             <mediaobject>
                 <imageobject><imagedata fileref="images/ssl_addressbar.png" /></imageobject>
             </mediaobject>
         </figure>
         
-        <figure><title>Secure site 'lock' icon displayed in the Firefox status bar.</title>
-            <mediaobject>
-                <imageobject><imagedata fileref="images/ssl_statusbar.png" /></imageobject>
-            </mediaobject>
+        <para>
+		If these items are not visible you may wish to check the authenticity of the site by viewing the identiy certificate. To give an example of how this can be done, we will use the Firefox web browser.
+	</para>
+	<para>
+		Within the Firefox browser, go to Tools in the top menu bar and then click on Page Info. From here click the Security icon and then the <guibutton>View Certificate</guibutton> button. 
+	</para>
+	<para>
+		The certificate will display details such as who the owner of the page is, who issued the certificate, when it was issued and when it expires as well as SHA1 and MD5 fingerprint verification strings. An example of the certificate for <ulink url="https://rhn.redhat.com">https://rhn.redhat.com</ulink> follows. 
+	</para>
+	
+	<figure><title>The RHN certification certificate</title>
+		<mediaobject>
+			<imageobject><imagedata fileref="images/rhn_certificate.png" /></imageobject>
+		</mediaobject>
         </figure>
-        
-        <para>If these items are not visible this means that you are not at the correct site.  
-        If you are unable to reach the secure Red Hat JBoss Customer Support Portal site you 
-        should contact Red Hat Support &amp;report this problem.</para>
+	
+	<para>
+		If neither of the lock icons are present in your browser and a verified certificate cannot be found, this may mean that you are not at the correct site. If you are unable to reach the secure Red Hat JBoss Customer Support Portal or Red Hat Network sites you should contact Red Hat Support and report this problem.
+	</para>
 
-        <para>When the 'lock' icon is clicked a dialog window will be displayed with the details 
+<!--        <para>When the 'lock' icon is clicked a dialog window will be displayed with the details 
         of the site certificate.  If this dialog does not specify that the web sites identity is 
         verified then you are not at the correct site.</para>
 
@@ -49,11 +65,11 @@
                 <imageobject><imagedata fileref="images/certificate.png" /></imageobject>
             </mediaobject>
         </figure>
-
+-->
     </section>
     
-    <section id="verify_downloaded_files">
-        <title>Verifying the Downloaded Files</title>
+    <section id="verify_downloaded_files_Customer_Support_Site">
+        <title>Verifying the Downloaded Files from the Red Hat JBoss Customer Support Portal</title>
         <para>The JBoss EAP evaluated configuration is found for download on the 
         Customer support site by browsing to <guimenuitem>JBoss Enterprise Middleware</guimenuitem>, 
         <guimenuitem>Application Platform</guimenuitem>, <guimenuitem>Certified downloads</guimenuitem>.</para>
@@ -130,7 +146,103 @@
         
     
     </section>
-        
-        
+    
+    <section id="verify_downloaded_files_RHN">
+        <title>Verifying the Downloaded Files from the Red Hat Network</title>
+	<para>The JBoss EAP evaluated configuration is found for download on the Red Hat Network by first logging into RHN and then locating and selecting the download. This section will detail the steps necesssary to download the EAP from RHN and then the verification of the download.</para>
+	
+	<para>
+		Firstly you will have to login to the Red Hat Network with your Red Hat login and password. If you have lost these details, click on the <guilabel>Lost login/Password?</guilabel> link and follow the prompts.
+	</para>
+	
+	<figure><title>RHN login page</title>
+		<mediaobject>
+			<imageobject><imagedata fileref="images/RHN_Login.png" /></imageobject>
+		</mediaobject>
+	</figure>
+	
+	<para>
+		To find the JBoss EAP download, begin by clicking on the <guimenuitem>Channels</guimenuitem> menu item at the top of the page. 
+	</para>
+	
+	<figure><title>RHN Channels Tab</title>
+		<mediaobject>
+			<imageobject><imagedata fileref="images/RHN_Channels.png" /></imageobject>
+		</mediaobject>
+	</figure>
+	
+	<para>
+		From the dropdown menu system, select the JBoss Application Platform, version 4.3.0 (as it is the certified version) followed by the architecture of your system and then click on the <guibutton>Filter</guibutton> button. 
+	</para>
+	<para>
+		The following image is an example filter search and displays all versions of the EAP that are avaliable. For the certified version select <productname>JBoss Enterprise Application Platform 4.3.0</productname>. 
+	</para>
+	
+	<figure><title>Searching for the JBoss Enterprise Application Platform</title>
+		<mediaobject>
+			<imageobject><imagedata fileref="images/RHN_select_version.png" /></imageobject>
+		</mediaobject>
+	</figure>
+	
+	<para>
+		From the filtered list the is returned and after selecting the appropriate version of the JBoss EAP for your system, another page will be displayed which outlines the details of the download. 
+	</para>
+	
+	<figure><title>JBoss EAP download details</title>
+		<mediaobject>
+			<imageobject><imagedata fileref="images/RHN_EAP_details.png" /></imageobject>
+		</mediaobject>
+	</figure>
+	
+	<para>
+		Under the JBoss Application Platform title is a list of tabs. Curently the <guimenuitem>Details</guimenuitem> tab is selected. By clicking on the last tab called <guimenuitem>Downloads</guimenuitem>, a list of all the downloads which form the JBoss EAP will be displayed. 
+	</para>
+	
+	<figure><title>JBoss EAP download file list</title>
+		<mediaobject>
+			<imageobject><imagedata fileref="images/RHN_download.png" /></imageobject>
+		</mediaobject>
+	</figure>
+	
+	<para>The software details page also contains the MD5 checksum values for each package. These values are used to verify the integrity of your downloaded files.</para>
+	
+	<para>You can use the <command>md5sum</command> utility as detailed below to calculate 
+		the checksum values of the files to compare to the supplied values on the website.</para>  
+	
+	<note>
+		<para>The command line examples given are accurate for most Linux and 
+			Unix operating systems.  Mac OS X includes the equivalent command 
+			<command>md5</command>.</para>  
+		
+		<para>If you are using Microsoft Windows you will have to download a 
+			third party utility to perform these steps as it does not include a 
+			MD5SUM tool.</para>
+	</note>
+	
+	<para>The values that are generated by the MD5SUM tool should be the same as the value 
+		on the Downloads page. If it is not then your download is either incomplete 
+		or corrupted. You will need to download it again. </para>
+	
+	<warning>
+		<para>If after several attempts you are unable to download a copy of the file that 
+			produces a valid checksum values you should open a support case to report the 
+			problem. </para>
+	</warning>
+	
+	
+	<section id="verify_RHN_downloaded_files_MD5">
+		<title>Verifying the Downloaded Files</title>
+		<para>After you have downloaded the file, run the <command>md5sum</command> command-line utility and specify 
+			the file you downloaded as the first argument. </para>
+		
+		<example><title>Using the md5sum tool on Linux or Unix</title>
+<screen>
+$ md5sum jboss-eap-4.3.0.GA_CP03.zip 
+b6fd40c285f0243133dd29789f6a08a0 jboss-eap-4.3.0.GA_CP03.zip 
+</screen>
+		</example>
+		
+	</section>
+</section>
 
 </chapter>

Modified: projects/docs/enterprise/4.3.3/Common_Criteria_Guide/en-US/images/ssl_statusbar.png
===================================================================
(Binary files differ)




More information about the jboss-cvs-commits mailing list