yoavs 2004/10/28 13:44:35
Modified: webapps/docs Tag: TOMCAT_5_0 changelog.xml realm-howto.xml
webapps/docs/config Tag: TOMCAT_5_0 ajp.xml
Log:
Bugzilla 31739: minor doc patches.
Revision Changes Path
No revision
No revision
1.70.2.62 +3 -0 jakarta-tomcat-catalina/webapps/docs/changelog.xml
Index: changelog.xml
===================================================================
RCS file: /home/cvs/jakarta-tomcat-catalina/webapps/docs/changelog.xml,v
retrieving revision 1.70.2.61
retrieving revision 1.70.2.62
diff -u -r1.70.2.61 -r1.70.2.62
--- changelog.xml 28 Oct 2004 20:30:52 -0000 1.70.2.61
+++ changelog.xml 28 Oct 2004 20:44:35 -0000 1.70.2.62
@@ -40,6 +40,9 @@
<update>
Added and updated Connector documentation: <bug>31945</bug>. (yoavs)
</update>
+ <update>
+ <bug>31739</bug>: Minor documentation corrections for realm-howto and AJP
docs. (yoavs)
+ </update>
</changelog>
</subsection>
1.14.2.3 +21 -4 jakarta-tomcat-catalina/webapps/docs/realm-howto.xml
Index: realm-howto.xml
===================================================================
RCS file: /home/cvs/jakarta-tomcat-catalina/webapps/docs/realm-howto.xml,v
retrieving revision 1.14.2.2
retrieving revision 1.14.2.3
diff -u -r1.14.2.2 -r1.14.2.3
--- realm-howto.xml 3 Sep 2004 21:58:39 -0000 1.14.2.2
+++ realm-howto.xml 28 Oct 2004 20:44:35 -0000 1.14.2.3
@@ -8,6 +8,7 @@
<properties>
<author email="[EMAIL PROTECTED]">Craig R. McClanahan</author>
+ <author email="[EMAIL PROTECTED]">Andrew R. Jaquith</author>
<title>Realm Configuration HOW-TO</title>
</properties>
@@ -1221,12 +1222,15 @@
JAAS Authentication Tutorial</a> and
<a
href="http://java.sun.com/j2se/1.4.1/docs/guide/security/jaas/JAASLMDevGuide.html";>the
JAAS Login Module
Developer's Guide</a>) to be managed by the JAAS Login
-Context (<code>javax.security.auth.login.LoginContext</code>)
+Context (<code>javax.security.auth.login.LoginContext</code>).
+When developing your LoginModule, note that JAASRealm's built-in
<code>CallbackHandler</code>
+only recognizes the <code>NameCallback</code> and <code>PasswordCallback</code> at
present.
</li>
<li>Although not specified in JAAS, you should create
seperate classes to distinguish between users and roles, extending
<code>javax.security.Principal</code>,
so that Tomcat can tell which Principals returned from your login
module are users and which are roles (see
<code>org.apache.catalina.realm.JAASRealm</code>).
+Regardless, the first Principal returned is <em>always</em> treated as the user
Principal.
</li>
<li>Place the compiled classes on Tomcat's classpath
</li>
@@ -1234,7 +1238,8 @@
href="http://java.sun.com/j2se/1.4.1/docs/guide/security/jaas/tutorials/LoginConfigFile.html";>JAAS
LoginConfig file</a>) and tell Tomcat where to find it by specifying
its location to the JVM, for instance by setting the environment
-variable:
JAVA_OPTS=-D<code>JAVA_OPTS=-Djava.security.auth.login.config==$CATALINA_HOME/conf/jaas.config</code></li>
+variable:
<code>JAVA_OPTS=-DJAVA_OPTS=-Djava.security.auth.login.config==$CATALINA_HOME/conf/jaas.config</code></li>
+
<li>Configure your security-constraints in your web.xml for
the resources you want to protect</li>
<li>Configure the JAASRealm module in your server.xml </li>
@@ -1263,7 +1268,7 @@
</attribute>
<attribute name="appName" required="true">
- <p>The name of the realm as configured in your login configuration file
+ <p>The name of the application as configured in your login configuration file
(<a
href="http://java.sun.com/j2se/1.4.1/docs/guide/security/jaas/tutorials/LoginConfigFile.html";>JAAS
LoginConfig</a>).</p>
</attribute>
@@ -1277,6 +1282,14 @@
for your role <code>Principals</code>.</p>
</attribute>
+ <attribute name="useContextClassLoader" required="false">
+ <p>Instructs JAASRealm to use the context class loader for loading the
user-specified
+ <code>LoginModule</code> class and associated <code>Principal</code> classes.
The
+ default value is <code>true</code>, which is backwards-compatible with the way
+ Tomcat 4 works. To load classes using the container's classloader, specify
+ <code>true</code>.</p>
+ </attribute>
+
</attributes>
<h3>Example</h3>
@@ -1325,8 +1338,12 @@
<li>Debugging and exception messages logged by this <code>Realm</code>
will be recorded by the <code>Logger</code> that is associated with our
surrounding <code>Context</code>, <code>Host</code>, or <code>Engine</code>.
-By default, the corresponding Logger will create a log file in the
<code>$CATALINA_HOME/logs</code>
+By default, the corresponding Logger will create a log file in the
<code>$CATALINA_HOME/logs</code>
directory.</li>
+ <li>As with other <code>Realm</code> implementations, digested passwords
+ are supported if the <code><Realm></code> element in
<code>server.xml</code>
+ contains a <code>digest</code> attribute; JAASRealm's
<code>CallbackHandler</code>
+ will digest the password prior to passing it back to the
<code>LoginModule</code></li>
</ul>
</subsection>
No revision
No revision
1.4.2.2 +21 -1 jakarta-tomcat-catalina/webapps/docs/config/ajp.xml
Index: ajp.xml
===================================================================
RCS file: /home/cvs/jakarta-tomcat-catalina/webapps/docs/config/ajp.xml,v
retrieving revision 1.4.2.1
retrieving revision 1.4.2.2
diff -u -r1.4.2.1 -r1.4.2.2
--- ajp.xml 21 Aug 2004 15:50:12 -0000 1.4.2.1
+++ ajp.xml 28 Oct 2004 20:44:35 -0000 1.4.2.2
@@ -9,6 +9,7 @@
<properties>
<author email="[EMAIL PROTECTED]">Remy Maucherat</author>
<author email="[EMAIL PROTECTED]">Yoav Shapira</author>
+ <author email="[EMAIL PROTECTED]">Andrew R. Jaquith</author>
<title>The AJP Connector</title>
</properties>
@@ -45,7 +46,9 @@
<p>For servers with more than one IP address, this attribute
specifies which address will be used for listening on the specified
port. By default, this port will be used on all IP addresses
- associated with the server.</p>
+ associated with the server. A value of <code>127.0.0.1</code>
+ indicates that the Connector will only listen on the loopback
+ interface.</p>
</attribute>
<attribute name="allowTrace" required="false">
@@ -67,6 +70,23 @@
the container FORM URL parameter parsing. The feature can be disbled by
setting this attribute to a value inferior or equal to 0.
If not specified, this attribute is set to 2097152 (2 megabytes).</p>
+ </attribute>
+
+ <attribute name="minProcessors" required="false">
+ <p>The minimum number of processors to start at initialization time.
+ If not specified, this attribute is set to 5.</p>
+ </attribute>
+
+ <attribute name="maxProcessors" required="false">
+ <p>The maximum number of processors allowed. This should be
+ set to a value that is greater than or equal to the maximum number
+ of concurrent connections the remote web server can open to Tomcat
+ simultaneously. For example, if the web server is Apache 1.x or 2.x
+ Tomcat's <code>maxProcessors</code> should be set to the
+ value of Apache's <code>maxClients</code> directive.</p>
+ <p>A <code>maxProcessors</code> value of zero (0) signifies that
+ the number of processors is unlimited. If not specified, this
+ atttribute defaults to 20.</p>
</attribute>
<attribute name="redirectPort" required="false">
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
