geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dwo...@apache.org
Subject svn commit: r734466 [2/4] - in /geronimo/server/trunk/plugins: activemq/activemq-portlets/src/main/resources/ activemq/activemq-portlets/src/main/webapp/WEB-INF/view/jmswizard/ console/console-base-portlets/src/main/resources/ console/console-base-port...
Date Wed, 14 Jan 2009 18:19:36 GMT
Modified: geronimo/server/trunk/plugins/console/plugin-portlets/src/main/resources/pluginportlets.properties
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/console/plugin-portlets/src/main/resources/pluginportlets.properties?rev=734466&r1=734465&r2=734466&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/console/plugin-portlets/src/main/resources/pluginportlets.properties
(original)
+++ geronimo/server/trunk/plugins/console/plugin-portlets/src/main/resources/pluginportlets.properties
Wed Jan 14 10:19:35 2009
@@ -177,100 +177,140 @@
 consolebase.common.user            = User
 consolebase.common.userName        = Username
 
-realmwizard._sql.JDBCDriverClassExp              = The fully-qualified JDBC driver class
name.  This driver must be located in the JAR specified in the next field.
-realmwizard._sql.JDBCPasswordExp                 = The password used to connect to the database
-realmwizard._sql.JDBCUrlExp                      = The JDBC URL that specifies the details
of the database to connect to.  This has a different form for each JDBC driver.
-realmwizard._sql.JDBCUsernameExp                 = The username used to connect to the database
-realmwizard._sql.databasePoolExp                 = A database pool that the login module
will use to connect to the database.  If this is specified, none of the rest of the settings
after this are necessary.
-realmwizard._sql.digestAlgorithmExp              = Message Digest algorithm (e.g. MD5, SHA1,
etc.) used on the passwords.  Leave this field empty if no digest algorithm is used.
-realmwizard._sql.digestEncodingExp               = Encoding to use for digests (e.g. hex,
base64).  This is used only if a Message Digest algorithm is specified.If no encoding is specified,
hex will be used.
-realmwizard._sql.driverJARExp                    = The JAR holding the selected JDBC driver.
 Should be installed under GERONIMO/repository/ to appear in this list.
-realmwizard._sql.eitherPoolOrJDBC                = A SQL security realm must either have
a database pool or JDBC connectivity settings to  connect to the database.  Please select
EITHER the database pool, OR the rest of the JDBC settings.
-realmwizard._sql.groupSelectSQLExp               = A SQL statement to load group information
for a user.  It should return 2 columns, the first holding a username and the second holding
a group name.  The statement may use the PreparedStatement syntax of ? for a parameter,  in
which case the username will be set for every parameter.  A typical setting would be  <tt>SELECT
username, group_name FROM user_groups WHERE username=?</tt> or  for a more normalized
schema,   <tt>SELECT u.username, g.name FROM app_users u, groups g, user_groups ug WHERE
ug.user_id=users.id AND ug.group_id=g.id AND u.username=?</tt>
-realmwizard._sql.selectDatabasePool              = A SQL security realm must either have
a database pool or JDBC connectivity settings to  connect to the database.  Please select
EITHER the database pool, OR the rest of the JDBC settings.
-realmwizard._sql.userSelectSQLExp                = A SQL statement to load user/password
information.  It should return 2 columns, the first holding a username and the second holding
a password.   The statement may use the PreparedStatement syntax of ? for a parameter,   in
which case the username will be set for every parameter.    A typical setting would be <tt>SELECT
username, password FROM app_users WHERE username=?</tt> 
-realmwizard.advanced.AuditEnabledExp             = If enabled, every login attempt will be
recorded to the specified file.  The path should be relative to the Geronimo home directory
(a typical value would be <tt>var/log/login-attempts.log</tt>).
-realmwizard.advanced.credentialName              = Credential Name
-realmwizard.advanced.credentialNameExp           = If enabled, the realm will store each
username and password in a private credential in the Subject under a specified credential
name.
-realmwizard.advanced.failuresWithin              = failures within
-realmwizard.advanced.failuresWithinSeconds       = seconds
-realmwizard.advanced.keepAccountLockedFor        = and keep the account locked for
-realmwizard.advanced.keepAccountLockedForSeconds = seconds
-realmwizard.advanced.lockUserAfter               = Lock a user after
-realmwizard.advanced.lockoutEnabledExp           = If enabled, a certain number of failed
logins in a particular time frame will cause a user's account to be locked for a certain period
of time.  This is a defense against brute force account cracking attacks.
-realmwizard.advanced.namedCredential             = Named Credential
-realmwizard.advanced.storePasswordEnabledExp     = If enabled, the realm will store each
user's password in a private credential in the Subject. This will allow access to the password
later after the login process has completed.  This is not normally required.
-realmwizard.advanced.title                       = <b>Create Security Realm</b>
-- Step 3: Advanced Configuration
-realmwizard.common.JDBCDriverClass               = JDBC Driver Class
-realmwizard.common.JDBCPassword                  = JDBC Password
-realmwizard.common.JDBCUrl                       = JDBC URL
-realmwizard.common.JDBCUsername                  = JDBC Username
-realmwizard.common.addSecurityRealm              = Add new security realm
-realmwizard.common.addToEAR                      = Add to EAR
-realmwizard.common.comfirmPwd                    = Confirm password
-realmwizard.common.configurationOptions          = Configuration Options
-realmwizard.common.controlFlag                   = Control Flag
-realmwizard.common.databasePool                  = Database Pool
-realmwizard.common.deploy                        = Deploy
-realmwizard.common.deployCommand                 = Deploy Command
-realmwizard.common.deployRealm                   = Deploy Realm
-realmwizard.common.deploymentPlan                = Deployment Plan
-realmwizard.common.digestAlgorithm               = Digest Algorithm
-realmwizard.common.digestEncoding                = Digest Encoding
-realmwizard.common.driverJAR                     = Driver JAR
-realmwizard.common.editRealm                     = Edit Realm
-realmwizard.common.editSettings                  = Edit Settings
-realmwizard.common.enableAuditing                = Enable Auditing
-realmwizard.common.enableLockout                 = Enable Lockout
-realmwizard.common.groupSelectSQL                = Group SELECT SQL
-realmwizard.common.logFile                       = Log File
-realmwizard.common.loginDomainName               = Login Domain Name
-realmwizard.common.loginModule                   = Login Module
-realmwizard.common.loginModuleClass              = Login Module Class
-realmwizard.common.nameOfSecurityRealm           = Name of Security Realm
-realmwizard.common.principals                    = Principals
-realmwizard.common.realmName                     = Realm Name
-realmwizard.common.realmType                     = Realm Type
-realmwizard.common.serverSide                    = Server-Side
-realmwizard.common.serverWide                    = Server-wide
-realmwizard.common.showPlan                      = Show Plan
-realmwizard.common.skipTestAndDeploy             = Skip Test and Deploy
-realmwizard.common.skipTestAndShowPlan           = Skip Test and Show Plan
-realmwizard.common.storePassword                 = Store Password
-realmwizard.common.supportAdvancedMapping        = Support Advanced Mapping
-realmwizard.common.testAgain                     = Test Again
-realmwizard.common.testLogin                     = Test a Login
-realmwizard.common.userSelectSQL                 = User SELECT SQL
-realmwizard.configure.title                      = <b>Create Security Realm</b>
-- Step 2: Configure Login Module
-realmwizard.edit.configurationOptionsExp         = Any configuration options necessary for
the login module, in the standard Java properties format (one per line, <tt>name=value</tt>)
-realmwizard.edit.controlFlagExp                  = The control flag for the login module,
which controls what happens to the overall login processing if this login module succeeds
or fails.  For more information see 
-realmwizard.edit.ifLeaveBlank                    = If you don't need to use as many login
modules as there are entries below,just leave the extra ones blank.
-realmwizard.edit.loginDomainExp                  = The login domain for this login module,
which must be unique among all modules in the security realm. This can be used to distinguish
principals from two otherwise identical login modules (for example, from two LDAP login modules
pointing to two different LDAP servers)
-realmwizard.edit.loginModuleClassExp             = The fully-qualified class name for the
login module.
-realmwizard.edit.loginModuleJAR                  = Login Module JAR
-realmwizard.edit.loginModuleJARExp               = The jar containing Login Module and Principal
classes.
-realmwizard.edit.realmNameExp                    = A name that is different than the name
for any other security realms in the server (no spaces in the name please). Other components
will use this name to refer to the security realm.
-realmwizard.edit.serverSideExp                   = Server-side login modules are executed
within the application server (this is normally correct).  Client-side login modules are executed
in the client's environment, for example, in order to use single sign-on features of the client
OS.
-realmwizard.edit.summary                         = <p>This page edits a new or existing
security realm.</p><p>A security realm may have one or more login modules.  Many
simple realms have only one login module.  Additional login modules may be used to access
more underlying security information stores, or to add functionality such as auditing to a
realm without affecting the authentication process for the realm.</p>
-realmwizard.edit.supportAdvancedMappingExp       = Normally Geronimo can't distinguish between
two different principals that have the same name and same principal class but were produced
by two different login modules.  If this option is enabled, Geronimo will "wrap" principals
to track which login module and realm each principal came from. This lets you use the "realm-principal"
and "login-domain-principal" elements in your security mapping in Geronimo deployment plans.
-realmwizard.list.noSecurityRealms                = There are no security realms defined
-realmwizard.list.seeExamples                     = For each realm listed, you can click the
<b>usage</b> link to see examples of how to use the realm from your application.\r\n
-realmwizard.list.title                           = This page lists all the available security
realms.  Server-wide security realms can be edited, while security realms deployed as part
of a single application cannot (change the deployment plan in the application instead).
-realmwizard.selectType.nameOfSecurityRealmExp    = A name that is different than the name
for any other security realms in the server (no spaces in the name please). Other components
will use this name to refer to the security realm.
-realmwizard.selectType.realmTypeExp              = The type of login module used as the master
for this security realm. Select "Other" for manual configuration options including custom
login modules and realms that use multiple login modules to populate user principals.
-realmwizard.selectType.title                     = <b>Create Security Realm</b>
-- Step 1: Select Name and Type
-realmwizard.showPlan.addToEARExp                 = Instead of deploying as a top-level security
realm, you can deploy this realm as part of an EAR. To add a security realm to an EAR using
this plan, create a <tt>META-INF/geronimo-application.xml</tt> file in your EAR
that has the <tt>dependency</tt> elements (if any) and  <tt>gbean</tt>
elements from the plan above.  It should look something like this:
-realmwizard.showPlan.deployCommandExp            = To deploy a security realm from the command
line using this plan, copy and paste it to a file (say, <tt>security-realm.xml</tt>)
and save it.  Then run a command like:
-realmwizard.showPlan.title                       = <b>Create Security Realm</b>
-- Show Deployment Plan
-realmwizard.testLogin.passwordExp                = The password to use to log in to the realm.
-realmwizard.testLogin.summary                    = From here you can enter a username and
password for the main login module in the realm, and see if the login is successful and which
Principals are generated for the user. This is meant to be an indication of whether the settings
for the main login module are correct.  It does not invoke advanced features such as auditing
or lockout.
-realmwizard.testLogin.title                      = <b>Create Security Realm</b>
-- Step 4: Test Login
-realmwizard.testLogin.usernameExp                = The username to use to log in to the realm.
-realmwizard.testResults.testResults              = Test Results
-realmwizard.testResults.title                    = <b>Create Security Realm</b>
-- Step 5: Login Results
-realmwizard.usage.applicationCode                = Application Code
-realmwizard.usage.applicationCodeExp             = <p>No special application code is
required to work with security roles.</p><p>If an application calls <tt>HttpServletRequest.getUserPrincipal()</tt>,
Geronimo will return a principal where the principal class implements <tt>GeronimoCallerPrincipal</tt>
-- normally a username (since <tt>GeronimoUserPrincipal</tt> implements <tt>GeronimoCallerPrincipal</tt>).
 If you're using a custom login module and getting the wrong results for <tt>getUserPrincipal</tt>,
try making your user principal class implement <tt>GeronimoCallerPrincipal</tt>.</p>
<p>If an application calls <tt>HttpServletRequest.isUserInRole(role)</tt>,
Geronimo will return true or false depending on whether any of the principals assigned to
that user by the realm's login modules were listed in the role mapping above.</p>
-realmwizard.usage.geronimoWebXmlLater            = <p>This example indicated that {0}
will be used to handle all logins to the web application.  Then it maps the <tt>admin</tt>
role to a combination of one user (<tt>root</tt>) and one group (<tt>administrators</tt>),
using a combination of the principal classes and principal names.  (Note that if {0} uses
a custom login module, the principal classes may be different, but the ones listed above are
used for users and groups by all the standard Geronimo login modules.)</p> <p>It's
also possible to configure separate login modules to use separate login domain names,  and
then use the login domain names in the role mapping (so a user "root" from login domain "Foo"
is different from a user "root" from login domain "Bar"), but this is only important if you
have multiple login modules assigning principals to the users.</p> <p> Finally,
if the <tt>security</tt> section is declared in an EAR <tt>application.xml</tt>
deployment descrip
 tor, there's no need to repeat it in any of the modules inside the EAR -- they'll all share
the same role mapping information.</p>
-realmwizard.usage.geronimoWebXmlPreface          = <p>To configure the security realm
and the members of each role, the web application needs to have a <tt>geronimo-web.xml</tt>
deployment plan. That may be packaged in the WAR in the <tt>WEB-INF</tt> directory,
or it may be provided separately on the command line to the deploy tool.</p> <p>The
<tt>geronimo-web.xml</tt> plan should have a <tt>security-realm-name</tt>
element indicating which realm will be used to authenticate logins to the web application.
It also needs to have a <tt>security</tt> element listing the users or groups
who should be members of each <tt>security-role</tt> listed in <tt>web.xml</tt>.</p>
-realmwizard.usage.title                          = This page talks about how to use the security
realm {0} from a J2EE application. The example here is a web application, but other application
modules would work similarly.
-realmwizard.usage.webXmlShouldHave               = <p>The <tt>web.xml</tt>
should have</p><ul>  <li>One or more <tt>security-constraint</tt>
blocks designating the protected pages or URLs</li>  <li>A <tt>login-config</tt>
section configuring the login style for the application</li>  <li>One or more
<tt>security-role</tt> blocks listing the security roles used by the application</li></ul>
+realmwizard._sql.JDBCDriverClassExp                          = The fully-qualified JDBC driver
class name.  This driver must be located in the JAR specified in the next field.
+realmwizard._sql.JDBCPasswordExp                             = The password used to connect
to the database
+realmwizard._sql.JDBCUrlExp                                  = The JDBC URL that specifies
the details of the database to connect to.  This has a different form for each JDBC driver.
+realmwizard._sql.JDBCUsernameExp                             = The username used to connect
to the database
+realmwizard._sql.databasePoolExp                             = A database pool that the login
module will use to connect to the database.  If this is specified, none of the rest of the
settings after this are necessary.
+realmwizard._sql.digestAlgorithmExp                          = Message Digest algorithm (e.g.
MD5, SHA1, etc.) used on the passwords.  Leave this field empty if no digest algorithm is
used.
+realmwizard._sql.digestEncodingExp                           = Encoding to use for digests
(e.g. hex, base64).  This is used only if a Message Digest algorithm is specified.If no encoding
is specified, hex will be used.
+realmwizard._sql.driverJARExp                                = The JAR holding the selected
JDBC driver.  Should be installed under GERONIMO/repository/ to appear in this list.
+realmwizard._sql.eitherPoolOrJDBC                            = A SQL security realm must
either have a database pool or JDBC connectivity settings to  connect to the database.  Please
select EITHER the database pool, OR the rest of the JDBC settings.
+realmwizard._sql.groupSelectSQLExp                           = A SQL statement to load group
information for a user.  It should return 2 columns, the first holding a username and the
second holding a group name.  The statement may use the PreparedStatement syntax of ? for
a parameter,  in which case the username will be set for every parameter.  A typical setting
would be  <tt>SELECT username, group_name FROM user_groups WHERE username=?</tt>
or  for a more normalized schema,   <tt>SELECT u.username, g.name FROM app_users u,
groups g, user_groups ug WHERE ug.user_id=users.id AND ug.group_id=g.id AND u.username=?</tt>
+realmwizard._sql.selectDatabasePool                          = A SQL security realm must
either have a database pool or JDBC connectivity settings to  connect to the database.  Please
select EITHER the database pool, OR the rest of the JDBC settings.
+realmwizard._sql.userSelectSQLExp                            = A SQL statement to load user/password
information.  It should return 2 columns, the first holding a username and the second holding
a password.   The statement may use the PreparedStatement syntax of ? for a parameter,   in
which case the username will be set for every parameter.    A typical setting would be <tt>SELECT
username, password FROM app_users WHERE username=?</tt> 
+realmwizard.advanced.AuditEnabledExp                         = If enabled, every login attempt
will be recorded to the specified file.  The path should be relative to the Geronimo home
directory (a typical value would be <tt>var/log/login-attempts.log</tt>).
+realmwizard.advanced.credentialName                          = Credential Name
+realmwizard.advanced.credentialNameExp                       = If enabled, the realm will
store each username and password in a private credential in the Subject under a specified
credential name.
+realmwizard.advanced.failuresWithin                          = failures within
+realmwizard.advanced.failuresWithinSeconds                   = seconds
+realmwizard.advanced.keepAccountLockedFor                    = and keep the account locked
for
+realmwizard.advanced.keepAccountLockedForSeconds             = seconds
+realmwizard.advanced.lockUserAfter                           = Lock a user after
+realmwizard.advanced.lockoutEnabledExp                       = If enabled, a certain number
of failed logins in a particular time frame will cause a user's account to be locked for a
certain period of time.  This is a defense against brute force account cracking attacks.
+realmwizard.advanced.namedCredential                         = Named Credential
+realmwizard.advanced.storePasswordEnabledExp                 = If enabled, the realm will
store each user's password in a private credential in the Subject. This will allow access
to the password later after the login process has completed.  This is not normally required.
+realmwizard.advanced.title                                   = <b>Create Security Realm</b>
-- Step 3: Advanced Configuration
+realmwizard.common.JDBCDriverClass                           = JDBC Driver Class
+realmwizard.common.JDBCPassword                              = JDBC Password
+realmwizard.common.JDBCUrl                                   = JDBC URL
+realmwizard.common.JDBCUsername                              = JDBC Username
+realmwizard.common.addSecurityRealm                          = Add new security realm
+realmwizard.common.addToEAR                                  = Add to EAR
+realmwizard.common.comfirmPwd                                = Confirm password
+realmwizard.common.configurationOptions                      = Configuration Options
+realmwizard.common.controlFlag                               = Control Flag
+realmwizard.common.databasePool                              = Database Pool
+realmwizard.common.deploy                                    = Deploy
+realmwizard.common.deployCommand                             = Deploy Command
+realmwizard.common.deployRealm                               = Deploy Realm
+realmwizard.common.deploymentPlan                            = Deployment Plan
+realmwizard.common.digestAlgorithm                           = Digest Algorithm
+realmwizard.common.digestEncoding                            = Digest Encoding
+realmwizard.common.driverJAR                                 = Driver JAR
+realmwizard.common.editRealm                                 = Edit Realm
+realmwizard.common.editSettings                              = Edit Settings
+realmwizard.common.enableAuditing                            = Enable Auditing
+realmwizard.common.enableLockout                             = Enable Lockout
+realmwizard.common.groupSelectSQL                            = Group SELECT SQL
+realmwizard.common.logFile                                   = Log File
+realmwizard.common.loginDomainName                           = Login Domain Name
+realmwizard.common.loginModule                               = Login Module
+realmwizard.common.loginModuleClass                          = Login Module Class
+realmwizard.common.nameOfSecurityRealm                       = Name of Security Realm
+realmwizard.common.principals                                = Principals
+realmwizard.common.realmName                                 = Realm Name
+realmwizard.common.realmType                                 = Realm Type
+realmwizard.common.serverSide                                = Server-Side
+realmwizard.common.serverWide                                = Server-wide
+realmwizard.common.showPlan                                  = Show Plan
+realmwizard.common.skipTestAndDeploy                         = Skip Test and Deploy
+realmwizard.common.skipTestAndShowPlan                       = Skip Test and Show Plan
+realmwizard.common.storePassword                             = Store Password
+realmwizard.common.supportAdvancedMapping                    = Support Advanced Mapping
+realmwizard.common.testAgain                                 = Test Again
+realmwizard.common.testLogin                                 = Test a Login
+realmwizard.common.userSelectSQL                             = User SELECT SQL
+realmwizard.configure.certprops.groupsURI.description        = The location of a properties
file (relative to the Geronimo home dir) holding group information.  The format of each line
should be <tt>group=user,user,...</tt>.
+realmwizard.configure.certprops.groupsURI.name               = Groups File URI
+realmwizard.configure.certprops.usersURI.description         = The location of a properties
file (relative to the Geronimo home dir) holding certificate to user mapping information.
 The format of each line should be <tt>username=certificatename</tt> where certificate
name is <tt>X509Certificate.getSubjectX500Principal().getName()</tt>
+realmwizard.configure.certprops.usersURI.name                = Users File URI
+realmwizard.configure.ldap.authentication.description        = The security level to use,
which can be <tt>none</tt>, <tt>simple</tt>, or <tt>strong</tt>
(the usual value is <tt>simple</tt>.  If this property is unspecified, the behavior
is determined by the service provider.
+realmwizard.configure.ldap.authentication.name               = Authentication
+realmwizard.configure.ldap.connectionPassword.description    = The password used to connect
to the LDAP server.
+realmwizard.configure.ldap.connectionPassword.name           = Connect Password
+realmwizard.configure.ldap.connectionProtocol.description    = The connection protocol used
to communicate with the LDAP server.  Normally left blank, though it can be set to <tt>ssl</tt>
if the server supports it.
+realmwizard.configure.ldap.connectionProtocol.name           = Connect Protocol
+realmwizard.configure.ldap.connectionURL.description         = A URL that describes how to
connect to the LDAP server.  Normally this would be <tt>ldap://ldap-server-hostname:389</tt>
(or for the Apache directory server included with Geronimo, <tt>ldap://localhost:1389</tt>).
+realmwizard.configure.ldap.connectionURL.name                = Connection URL
+realmwizard.configure.ldap.connectionUsername.description    = The user name used to connect
to the LDAP server.  Should be an administrator or Directory manager that has access to examine
other users' passwords.
+realmwizard.configure.ldap.connectionUsername.name           = Connect Username
+realmwizard.configure.ldap.initialContextFactory.description = The fully-qualified class
name of the initial context factory.  If you don't know what to use here, you should use <tt>com.sun.jndi.ldap.LdapCtxFactory</tt>.
+realmwizard.configure.ldap.initialContextFactory.name        = Initial Context Factory
+realmwizard.configure.ldap.roleBase.description              = The base LDAP context (location)
to search for roles.  The search may look in this location only, or there and all subcontexts,
depending on the settings for "Role Search Subtree" below.
+realmwizard.configure.ldap.roleBase.name                     = Role Base
+realmwizard.configure.ldap.roleName.description              = The LDAP attribute type that
corresponds to the the role name.  Often set to <tt>cn</tt>.
+realmwizard.configure.ldap.roleName.name                     = Role Name
+realmwizard.configure.ldap.roleSearchMatching.description    = The LDAP attribute search
string used on a role to find the users who are members of the role.  This is used when the
role has many attributes with the same name, but with different values (one per user).  Normally
the parameter <tt>{0}</tt> is used to identify the username.  A typical value
would be <tt>(member={0})</tt> or <tt>(memberUID={0})</tt>.
+realmwizard.configure.ldap.roleSearchMatching.name           = Role User Search String
+realmwizard.configure.ldap.roleSearchSubtree.description     = If set to <tt>true</tt>,
then subtrees under the "Role Base" will be searched for roles too.  If set to <tt>false</tt>,
then only the "Role Base" location itself will be searched.
+realmwizard.configure.ldap.roleSearchSubtree.name            = Role Search Subtree
+realmwizard.configure.ldap.userBase.description              = The base LDAP context (location)
to search for users.  The search may look in this location only, or there and all subcontexts,
depending on the settings for "User Search Subtree" below.
+realmwizard.configure.ldap.userBase.name                     = User Base
+realmwizard.configure.ldap.userRoleName.description          = If the role entry does not
have an attribute for users, but instead the user entry has an attribute for roles, this should
be used instead of the "Role User Search String".  It names the attribute on a user that lists
a role that user is in.  A typical value would be <tt>(memberOf={0})</tt>.
+realmwizard.configure.ldap.userRoleName.name                 = User Role Search String
+realmwizard.configure.ldap.userSearchMatching.description    = The LDAP attribute search
string used to find the user.  RFC 2254 filters are allowed, and normally the parameter <tt>{0}</tt>
is used to identify the username.  A typical value would be <tt>(uid={0})</tt>
or <tt>(cn={0})</tt>.
+realmwizard.configure.ldap.userSearchMatching.name           = User Search Matching
+realmwizard.configure.ldap.userSearchSubtree.description     = If set to <tt>true</tt>,
then subtrees under the "User Base" will be searched for users too.  If set to <tt>false</tt>,
then only the "User Base" location itself will be searched.
+realmwizard.configure.ldap.userSearchSubtree.name            = User Search Subtree
+realmwizard.configure.props.digest.description               = Message Digest algorithm (e.g.
MD5, SHA1, etc.) used on the passwords.  Leave this field empty if no digest algorithm is
used.
+realmwizard.configure.props.digest.name                      = Digest Algorithm
+realmwizard.configure.props.encoding.description             = Encoding to use for digests
(e.g. hex, base64).  This is used only if a Message Digest algorithm is specified.  If no
encoding is specified, hex will be used.
+realmwizard.configure.props.encoding.name                    = Digest Encoding
+realmwizard.configure.props.groupsURI.description            = The location of a properties
file (relative to the Geronimo home dir) holding group information.  The format of each line
should be <tt>group=user,user,...</tt>.
+realmwizard.configure.props.groupsURI.name                   = Groups File URI
+realmwizard.configure.props.usersURI.description             = The location of a properties
file (relative to the Geronimo home dir) holding user/password information.  The format of
each line should be <tt>username=password</tt>.
+realmwizard.configure.props.usersURI.name                    = Users File URI
+realmwizard.configure.title                                  = <b>Create Security Realm</b>
-- Step 2: Configure Login Module
+realmwizard.edit.configurationOptionsExp                     = Any configuration options
necessary for the login module, in the standard Java properties format (one per line, <tt>name=value</tt>)
+realmwizard.edit.controlFlagExp                              = The control flag for the login
module, which controls what happens to the overall login processing if this login module succeeds
or fails.  For more information see 
+realmwizard.edit.ifLeaveBlank                                = If you don't need to use as
many login modules as there are entries below,just leave the extra ones blank.
+realmwizard.edit.loginDomainExp                              = The login domain for this
login module, which must be unique among all modules in the security realm. This can be used
to distinguish principals from two otherwise identical login modules (for example, from two
LDAP login modules pointing to two different LDAP servers)
+realmwizard.edit.loginModuleClassExp                         = The fully-qualified class
name for the login module.
+realmwizard.edit.loginModuleJAR                              = Login Module JAR
+realmwizard.edit.loginModuleJARExp                           = The jar containing Login Module
and Principal classes.
+realmwizard.edit.realmNameExp                                = A name that is different than
the name for any other security realms in the server (no spaces in the name please). Other
components will use this name to refer to the security realm.
+realmwizard.edit.serverSideExp                               = Server-side login modules
are executed within the application server (this is normally correct).  Client-side login
modules are executed in the client's environment, for example, in order to use single sign-on
features of the client OS.
+realmwizard.edit.summary                                     = <p>This page edits a
new or existing security realm.</p><p>A security realm may have one or more login
modules.  Many simple realms have only one login module.  Additional login modules may be
used to access more underlying security information stores, or to add functionality such as
auditing to a realm without affecting the authentication process for the realm.</p>
+realmwizard.edit.supportAdvancedMappingExp                   = Normally Geronimo can't distinguish
between two different principals that have the same name and same principal class but were
produced by two different login modules.  If this option is enabled, Geronimo will "wrap"
principals to track which login module and realm each principal came from. This lets you use
the "realm-principal" and "login-domain-principal" elements in your security mapping in Geronimo
deployment plans.
+realmwizard.list.noSecurityRealms                            = There are no security realms
defined
+realmwizard.list.seeExamples                                 = For each realm listed, you
can click the <b>usage</b> link to see examples of how to use the realm from your
application.\r\n
+realmwizard.list.title                                       = This page lists all the available
security realms.  Server-wide security realms can be edited, while security realms deployed
as part of a single application cannot (change the deployment plan in the application instead).
+realmwizard.selectType.nameOfSecurityRealmExp                = A name that is different than
the name for any other security realms in the server (no spaces in the name please). Other
components will use this name to refer to the security realm.
+realmwizard.selectType.realmTypeExp                          = The type of login module used
as the master for this security realm. Select "Other" for manual configuration options including
custom login modules and realms that use multiple login modules to populate user principals.
+realmwizard.selectType.title                                 = <b>Create Security Realm</b>
-- Step 1: Select Name and Type
+realmwizard.showPlan.addToEARExp                             = Instead of deploying as a
top-level security realm, you can deploy this realm as part of an EAR. To add a security realm
to an EAR using this plan, create a <tt>META-INF/geronimo-application.xml</tt>
file in your EAR that has the <tt>dependency</tt> elements (if any) and  <tt>gbean</tt>
elements from the plan above.  It should look something like this:
+realmwizard.showPlan.deployCommandExp                        = To deploy a security realm
from the command line using this plan, copy and paste it to a file (say, <tt>security-realm.xml</tt>)
and save it.  Then run a command like:
+realmwizard.showPlan.title                                   = <b>Create Security Realm</b>
-- Show Deployment Plan
+realmwizard.testLogin.passwordExp                            = The password to use to log
in to the realm.
+realmwizard.testLogin.summary                                = From here you can enter a
username and password for the main login module in the realm, and see if the login is successful
and which Principals are generated for the user. This is meant to be an indication of whether
the settings for the main login module are correct.  It does not invoke advanced features
such as auditing or lockout.
+realmwizard.testLogin.title                                  = <b>Create Security Realm</b>
-- Step 4: Test Login
+realmwizard.testLogin.usernameExp                            = The username to use to log
in to the realm.
+realmwizard.testResults.testResults                          = Test Results
+realmwizard.testResults.title                                = <b>Create Security Realm</b>
-- Step 5: Login Results
+realmwizard.usage.applicationCode                            = Application Code
+realmwizard.usage.applicationCodeExp                         = <p>No special application
code is required to work with security roles.</p><p>If an application calls <tt>HttpServletRequest.getUserPrincipal()</tt>,
Geronimo will return a principal where the principal class implements <tt>GeronimoCallerPrincipal</tt>
-- normally a username (since <tt>GeronimoUserPrincipal</tt> implements <tt>GeronimoCallerPrincipal</tt>).
 If you're using a custom login module and getting the wrong results for <tt>getUserPrincipal</tt>,
try making your user principal class implement <tt>GeronimoCallerPrincipal</tt>.</p>
<p>If an application calls <tt>HttpServletRequest.isUserInRole(role)</tt>,
Geronimo will return true or false depending on whether any of the principals assigned to
that user by the realm's login modules were listed in the role mapping above.</p>
+realmwizard.usage.geronimoWebXmlLater                        = <p>This example indicated
that {0} will be used to handle all logins to the web application.  Then it maps the <tt>admin</tt>
role to a combination of one user (<tt>root</tt>) and one group (<tt>administrators</tt>),
using a combination of the principal classes and principal names.  (Note that if {0} uses
a custom login module, the principal classes may be different, but the ones listed above are
used for users and groups by all the standard Geronimo login modules.)</p> <p>It's
also possible to configure separate login modules to use separate login domain names,  and
then use the login domain names in the role mapping (so a user "root" from login domain "Foo"
is different from a user "root" from login domain "Bar"), but this is only important if you
have multiple login modules assigning principals to the users.</p> <p> Finally,
if the <tt>security</tt> section is declared in an EAR <tt>application.xml</tt>
deploy
 ment descriptor, there's no need to repeat it in any of the modules inside the EAR -- they'll
all share the same role mapping information.</p>
+realmwizard.usage.geronimoWebXmlPreface                      = <p>To configure the
security realm and the members of each role, the web application needs to have a <tt>geronimo-web.xml</tt>
deployment plan. That may be packaged in the WAR in the <tt>WEB-INF</tt> directory,
or it may be provided separately on the command line to the deploy tool.</p> <p>The
<tt>geronimo-web.xml</tt> plan should have a <tt>security-realm-name</tt>
element indicating which realm will be used to authenticate logins to the web application.
It also needs to have a <tt>security</tt> element listing the users or groups
who should be members of each <tt>security-role</tt> listed in <tt>web.xml</tt>.</p>
+realmwizard.usage.title                                      = This page talks about how
to use the security realm {0} from a J2EE application. The example here is a web application,
but other application modules would work similarly.
+realmwizard.usage.webXmlShouldHave                           = <p>The <tt>web.xml</tt>
should have</p><ul>  <li>One or more <tt>security-constraint</tt>
blocks designating the protected pages or URLs</li>  <li>A <tt>login-config</tt>
section configuring the login style for the application</li>  <li>One or more
<tt>security-role</tt> blocks listing the security roles used by the application</li></ul>



Mime
View raw message