incubator-sling-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From build...@apache.org
Subject svn commit: r813969 [2/11] - /websites/staging/sling/trunk/content/
Date Sun, 22 Apr 2012 17:09:58 GMT
Modified: websites/staging/sling/trunk/content/architecture.html
==============================================================================
--- websites/staging/sling/trunk/content/architecture.html (original)
+++ websites/staging/sling/trunk/content/architecture.html Sun Apr 22 17:09:56 2012
@@ -79,198 +79,10 @@
     
     <div class="main">
       <div class="breadcrump" style="font-size: 80%;">
-		(TODO: breadcrumb here)
-      </div>
-      <h1 class="title">Architecture</h1>
-      <div>
-	    <p><a name="Architecture-ArchitectureofSling"></a></p>
-<h1 id="architecture-of-sling">Architecture of Sling</h1>
-<p>The following is a short list of high-lights of Sling:</p>
-<ul>
-<li>*<a href="#osgi.html">OSGi</a></li>
-<li>--- The Sling application is built as a series of OSGi bundles and makes
-heavy use of a number of OSGi core and compendium services.</li>
-<li>*<a href="#sling-api.html">#Sling API</a></li>
-<li>--- To implement content based Web applications with Sling, an API has
-been defined, this extends the Servlet API and provides more functionality
-to work on the content.</li>
-<li>*<a href="#request-processing.html">#Request Processing</a></li>
-<li>--- Sling takes a unique approach to handling requests in that a request
-URL is first resolved to a resource, then based on the resource (and only
-the resource) it selects the actual servlet or script to handle the
-request.</li>
-<li>*<a href="#resources.html">#Resources</a></li>
-<li>--- The central mantra of Sling is the <em>Resource</em>, which represents the
-resource addressed by any request URL. It is the resource that is first
-resolved when handling a request. Based on the resource, a first servlet or
-script is then accessed to actually handle the request.</li>
-<li>*<a href="#servlets-and-scripts.html">#Servlets and Scripts</a></li>
-<li>--- Servlets and Scripts are handled uniformly in that they are
-represented as resources themselves and are accessible by a resource path.</li>
-<li>*<a href="#launchpad.html">#Launchpad</a></li>
-<li>--- Sling uses a very thin launcher to integrate with an existing servlet
-container, launching Sling as a Web application or providing a main class
-to represent a standalone Java application.</li>
-</ul>
-<p>The following sections elaborate on each of these highlights.</p>
-<p><a name="Architecture-OSGi"></a></p>
-<h2 id="osgi">OSGi</h2>
-<p><a href="http://www.osgi.org">OSGi</a>
- is a consortium that has developed a specification to build modular and
-extensible applications. This offers [various benefits|http://www.osgi.org/About/WhyOSGi]
-. We deal mainly with two parts of the specifications: The Core
-Specification, which defines the OSGi Framework and Core Services, and the
-Compendium Services Specification, which defines a host of services that
-extend the functionality of the OSGi Framework.</p>
-<p><a name="Architecture-OSGiFramework"></a></p>
-<h3 id="osgi-framework">OSGi Framework</h3>
-<p>The OSGi Framework is made up of three layers -- Module, Lifecycle, and
-Services -- that define how extensible applications are built and deployed.
-The responsibilities of the layers are:</p>
-<ul>
-<li><em>Module</em> --- Defines how a module, or a <em>Bundle</em> in OSGi-speak, is
-defined. Basically, a bundle is just a plain old JAR file, whose manifest
-file has some defined entries. These entries identify the bundle with a
-symbolic name, a version and more. In addition there are headers which
-define what a bundle provides -- <em>Export-Package</em> -- and what a bundle
-requires to be operative -- <em>Import-Package</em> and <em>Require-Bundle</em>.</li>
-<li><em>Lifecycle</em> --- The lifecycle layer defines the states a bundle may be in
-and describes the state changes. By providing a class, which implements the
-<em>BundleActivator</em> interface and which is named in the
-<em>Bundle-Activator</em> manifest header, a bundle may hook into the lifecycle
-process when the bundle is started and stopped.</li>
-<li><em>Services</em> --- For the application to be able to interact, the OSGi Core
-Specification defines the service layer. This describes a registry for
-services, which may be shared.</li>
-</ul>
-<p><a name="Architecture-CompendiumServices"></a></p>
-<h3 id="compendium-services">Compendium Services</h3>
-<p>Based on the OSGi Framework specification, the Compendium Services
-specification defines a (growing) number of extension services, which may
-be used by applications for various tasks. Of these Compendium Services,
-Sling is using just a small number:</p>
-<ul>
-<li><em>Log Service</em> --- Sling comes with its own implementation of the OSGi Log
-Service specification. The respective bundle not only provides this
-implementation, it also exports the SLF4J, Log4J and Commons Logging APIs
-needed for the Sling application to perform logging.</li>
-<li><em>Http Service</em> --- Sling leverages the OSGi Http Service to hook into a
-servlet container to provide the Web Application Framework mechanism.</li>
-<li><em>Configuration Admin Service</em> --- To simplify configuration of services
-in Sling, the OSGi Configuration Admin service is used. This provides a
-uniform API to configure services and to build configuration management
-agents.</li>
-<li><em>Metatype Service</em> --- The OSGi Metatype Service defines a way to
-describe the data types. Sling uses this service to describe the
-configurations that may be created using the Configuration Admin Service.
-These meta type descriptions are used by configuration management agents to
-present to user interface to manage the configurations.</li>
-<li><em>Event Admin Service</em> --- Sling uses the OSGi EventAdmin service to
-dispatch events when scheduling tasks.</li>
-<li><em>Declarative Services</em> --- One of the most important (beside the Log
-Service) services used by Sling is the Declarative Services Specification.
-This specification defines how to declaratively create components and
-services to have the Declarative Services runtime actually manage the
-lifecycle, configuration and references of components.</li>
-</ul>
-<p><a name="Architecture-SlingAPI"></a></p>
-<h2 id="sling-api">Sling API</h2>
-<p>The Sling API is an extension to the Servlet API which provides more
-functionality to interact with the Sling framework and also to extend Sling
-itself and to implement Sling applications.</p>
-<p>See the <a href="sling-api.html">Sling API</a>
- page for more information.</p>
-<p><a name="Architecture-RequestProcessing"></a></p>
-<h2 id="request-processing">Request Processing</h2>
-<p>Traditional Web Application framework emply more or less elaborate methods
-to select a Servlet or Controller based on the request URL, which in turn
-tries to load some data (usually from a database) to act upon and finally
-to render the result somehow.</p>
-<p>Sling turns this processing around in that it places the data to act upon
-at the center and consequently uses the request URL to first resolve the
-data to process. This data is internally represented as an instance of the
-<em>Resource</em> interface. Based on this resource as well as the request
-method and more properties of the request URL a script or servlet is then
-selected to handle the request.</p>
-<p>See the <a href="servlets.html">Servlets</a>
- page for more information.</p>
-<p><a name="Architecture-Resources"></a></p>
-<h2 id="resources">Resources</h2>
-<p>The Resource is one of the central parts of Sling. Extending from JCR's
-<em>Everything is Content</em>, Sling assumes <em>Everthing is a Resource</em>. Thus
-Sling is maintaining a virtual tree of resources, which is a merger of the
-actual contents in the JCR Repository and resources provided by so called
-resource providers.</p>
-<p>Each resource has a path by which it is addressed in the resource tree, a
-resource type and some resource metadata (such as file size, last
-modification time). It is important to understand, that a <em>Resource</em>
-instance actually is only a handle to the actual data. By virtue of the
-<em>adaptTo(Class<Type>)</em> method, a resource may be coerced into another
-data type, which may then be used while processing the request. Examples of
-data types are <em>javax.jcr.Node</em> and <em>java.io.InputStream</em>.</p>
-<p>See the <a href="resources.html">Resources</a>
- page for more information.</p>
-<p><a name="Architecture-ServletsandScripts"></a></p>
-<h2 id="servlets-and-scripts">Servlets and Scripts</h2>
-<p>Scripts are usually provided as content in a JCR repository. But since
-Sling is using a resource tree, a script actually is represented as a
-Resource and may be provided from within a Bundle (by virtue of the bundle
-resource provider) or even from the platform file system (by virtue of the
-file system resource provider).</p>
-<p>Accessing scripts in the resource tree, allows for a very easy to
-understand mapping from resource type to some script path.</p>
-<p>Having found the script resource, we still need access to the appropriate
-script language implementation to evaluate the script. To this avail, Sling
-is making use of the <em>Resource.adaptTo(Class<Type>)</em> method: If a script
-language implementation is available for the extension of the script name
-an adaptor for the script resource can be found, which handles the
-evaluation of the script.</p>
-<p>Besides scripting languages, such as ECMAScript, Groovy, JSP, Sling also
-supports regular servlets. To be able to use servlets for request
-processing, such servlets must be registered as OSGi services for the
-<em>javax.servlet.Servlet</em> interface and provide a number of service
-registration properties, which are used to use the servlets. In fact
-servlets thus registered as OSGi services are mapped into the resource tree
-by means of a servlet resource provider. This resource provider mapps the
-servlets into the resource tree using the service registration properties
-to build one or more resource paths for the servlet.</p>
-<p>As a result of mapping servlets into the resource tree and the possibility
-to adapt resource to an adaptor data type, scripts and servlets may be
-handled completely transparently: The servlet resolver just looks for a
-resource matching the resource type and adapts the resource found to
-<em>javax.jcr.Servlet</em>. If the resource happens to be provided by a servlet
-resource provider, the adapter is of course the servlet itself. If the
-resource happens to be a script, the adapter is a servlet facade which
-internally calls the script language implementation to evaluate the script.</p>
-<p>See the <a href="servlet-resolution.html">Servlet Resolution</a>
- page for more information.</p>
-<p><a name="Architecture-Launchpad"></a></p>
-<h2 id="launchpad">Launchpad</h2>
-<p>Sling may be launched as a standalone application using the Sling
-Application or as a Web Application running inside any Servlet API 2.4 or
-newer Servlet Container.</p>
-<p>The Sling Application is a standalone Java Application which is really
-small: Just the main class and some glue classes. The OSGi framework as
-well as the OSGi API libraries are packaged as a JAR file, which is loaded
-through a custom classloader. This enables to update the framework and/or
-OSGi API libraries from within Sling by updating the system bundle.</p>
-<p>The Sling Servlet is equally small as the Sling Application. It uses the
-Felix <em>HttpService</em> bridge as the glue between the servlet container and
-the OSGi framework.</p>
-<p>As we have seen, Sling may be launched as a standalone Java Application or
-as a Web Application inside any compliant Servlet Container. To hide the
-differences of the launching mechanism, Sling internally registers a
-Servlet with an OSGi <em>HttpService</em>. Regardless of how Sling is launched,
-the Felix implementation of the OSGi <em>HttpService</em> specification is used.
-When Sling is launched as a standalone Java Application, Felix HttpService
-uses an embedded version of the Jetty servlet container. When Sling is
-launched as a Web Application, the Felix HttpService Bridge is used.</p>
-<p>Optionally, PAX Web's implementation of HttpService can be used when Sling
-is launched as a standalone Java Application. See the <a href="maven-launchpad-plugin.html">Maven Launchpad Plugin</a>
- page for information on how to do this.</p>
-<p>See <a href="the-sling-launchpad.html">The Sling Launchpad</a>
- for more information.</p>
+<a href="/">Home</a>
       </div>
+   <!--   <h1 class="title">Architecture</h1> -->
+
     
         <div class="trademarkFooter"> 
 		Apache Sling, Sling, Apache, the Apache feather logo, and the Apache Sling project logo are trademarks of The Apache Software Foundation. All other marks mentioned may be trademarks or registered trademarks of their respective owners.

Modified: websites/staging/sling/trunk/content/assembly.html
==============================================================================
--- websites/staging/sling/trunk/content/assembly.html (original)
+++ websites/staging/sling/trunk/content/assembly.html Sun Apr 22 17:09:56 2012
@@ -79,254 +79,10 @@
     
     <div class="main">
       <div class="breadcrump" style="font-size: 80%;">
-		(TODO: breadcrumb here)
+<a href="/">Home</a>
       </div>
-      <h1 class="title">Assembly</h1>
-      <div>
-	    <p><a name="Assembly-Assembly:BundlingBundles"></a></p>
-<h1 id="assembly-bundling-bundles">Assembly: Bundling Bundles</h1>
-<p>{panel}
-The Assembly concept grew out of a need to bundle together a set of OSGi
-Bundles to deploy applications. The concept has been developped before the
-OSGi Deployment Package Service Specification has been published in the
-Release 4.1 Compendium Services Specification. It will have to be discussed
-whether the Assembly concept is dropped in favor of the Deplyoment Package
-Service.
-{panel}</p>
-<p><a name="Assembly-Introduction"></a></p>
-<h2 id="introduction">Introduction</h2>
-<p>This chapter discusses the units of deployment as well as the units of
-functionality. The following contents is based on the Module and Service
-specifications of the OSGi Service Platform Core Specification, Release 4
-but enhances functionality for ease of use and in terms of best practices.</p>
-<p>The term <em>Units of Deployment</em> describes the idea of packaging up
-functionality implemented by Java Classes into modules, so called
-<em>Bundles</em>. For bigger and more complicated applications the fine grained
-modularity of <em>Bundles</em> may be to complicated, so this chapter proposes an
-extension called <em>Assembly</em>. The goal of the <em>Assembly</em> specification
-presented below is to provide functionality to delivery a collection of
-bundles belonging together.</p>
-<p>The term <em>Units of Functionality</em> describes the idea of providing services
-implemented by Java Classes, so called <em>Services</em>. A <em>Service</em> is an
-abstraction and does not actually prescribe the implementation of specific
-interfaces. Instead the OSGi specification states how functionality may be
-provided to clients by registering objects implementing interfaces defining
-the functionality in terms of a Java API.</p>
-<p><a name="Assembly-Bundles"></a></p>
-<h2 id="bundles">Bundles</h2>
-<p>The core unit of deployment is the <em>Bundle</em>. The OSGi core specification
-defines a <em>Bundle</em> to be a Java Archive (JAR) file whose manifest - the
-<em>META-INF/MANIFEST.MF</em> file - contains specific headers identifying the
-bundle. Most manifest headers are optional with defined default values -
-only the <em>Bundle-SymbolicName</em> header is actually required and the
-<em>Bundle-ManifestVersion</em> header should be set to <em>2</em> to identify the
-bundle to be a R4 bundle. Other information defined in the manifest is the
-bundle version, the list of packages exported - provided to other bundles -
-and imported - used and required to be provided by other bundles. See
-chapter <em>3.2.1 Bundle Manifest Header</em> of the OSGi Service Platform Core
-Specification for a complete list of the defined bundle manifest headers.</p>
-<p>Bundles may be installed, updated , started, stopped and removed in an OSGi
-framework individually.</p>
-<p><a name="Assembly-Assemblies"></a></p>
-<h2 id="assemblies">Assemblies</h2>
-<p>For the deployment of bigger systems, the number of bundles may increase
-very quickly. To ease the management of products consisting of multiple
-bundles, this chapter introduces the <em>Assembly</em>. An Assembly is simply a
-collection of bundles deployed together. An Assembly - like a Bundle - is a
-JAR file whose manifest contains specific headers. In fact, an Assembly is
-just a standard bundle, with additional functionality.</p>
-<p>Assemblies are managed by the <em>Assembly Manager</em> which itself is a bundle
-installed into the framework.</p>
-<p><a name="Assembly-Assemblymanifestheaders"></a></p>
-<h3 id="assembly-manifest-headers">Assembly manifest headers</h3>
-<p>As an Assembly is a standard Bundle, all the defined Bundle manifest
-headers may be specified. In addition, for the <em>Assembly Manager</em> to
-recognize an assembly and for the OSGi Bundle Repository to support
-dependency resolution, the following manifest headers are defined. All
-headers are optional with documented default values except where noted.</p>
-<ul>
-<li><em>Assembly-Bundles</em> - The list of bundles contained in this assembly. See
-below for the definition of the syntax of this header. This header is
-required. The presence of this headers identifies an Assembly to the
-<em>Assembly Manager</em>.</li>
-<li><em>Assembly-BundleRepository</em> - A comma-separated list of URLs pointing to
-OSGi Bundle Repository descriptors. These bundle repositories will be used
-to install bundles listed in the <em>Assembly-Bundles</em> header. This header
-is optional with not default value.</li>
-</ul>
-<p><a name="Assembly-AssemblyLifecycle"></a></p>
-<h3 id="assembly-lifecycle">Assembly Lifecycle</h3>
-<p>An Assembly, like all bundles, may be in any of the defined bundle states:</p>
-<ul>
-<li><em>Installed</em> - The Assembly bundle has been installed into the system but
-not yet resolved. The <em>Assembly Manager</em> will try to install all bundles
-listed in the <em>Assembly-Bundles</em> header. The start levels of the bundles
-will be set according to the <em>startlevel</em> parameter. The bundles will not
-be started. If installation of one or more of the bundles fails, <em>Assembly
-Manager</em> logs an error message.</li>
-<li><em>Resolved</em> - The Assembly bundle is resolved, that is all imported
-packages are wired into the framework. The <em>Assembly Manager</em> does not
-handle this state change, rather the installed bundles will be resolved by
-the framework either automatically after installation or when started
-later.</li>
-<li><em>Started</em> - The Assembly bundle has been started by calling the
-<em>Bundle.start()</em> method. The <em>Assembly Manager</em> will start all newly
-installed and resolved bundles. Depending on the start level set on the
-bundle(s) and the current system start level, the bundles will only be
-permanently marked to start while actually starting the bundles may be
-delayed until the system enters the respective start level. If any bundle
-fails to start, an error message is logged.</li>
-<li><em>Stopped</em> - The Assembly bundle has been stopped by calling the
-<em>Bundle.stop()</em> method. All bundles belong to the Assembly and linked to
-the Assembly are also stopped.</li>
-<li><em>Unresolved</em> - The Assembly bundle has been unresolved by the system for
-any reason, possibly any missing dependencies. Assembly bundles entering
-this state are ignored by the <em>Assembly Manager</em>.</li>
-<li><em>Uninstalled</em> - The Assembly bundle is being uninstalled by calling the
-<em>Bundle.uninstall()</em> method. The <em>Assembly Manager</em> will (try to)
-uninstall all bundles listed in the <em>Assembly-Bundles</em> header.</li>
-<li><em>Updated</em> - The Assembly bundle will update all bundles installed
-previously according to the <em>Assembly-Bundles</em> header. If this header
-omits any bundle listed in the previous bundle version, the respective
-bundle is uninstalled from the system. If a bundle is already installed
-with the correct version, the installed bundle is not touched (It may
-though be uninstalled together with the Assembly Bundle if the Assembly
-Bundle is uninstalled).</li>
-</ul>
-<p><a name="Assembly-BundlesreferencedbymultipleAssemblyBundles"></a></p>
-<h3 id="bundles-referenced-by-multiple-assembly-bundles">Bundles referenced by multiple Assembly Bundles</h3>
-<p>It is conceivable, that bundles are listed in the <em>Assembly-Bundles</em>
-header of more than one Assembly Bundle. If this is the case, the following
-collision resolution takes place:</p>
-<ul>
-<li>If the version of the bundle installed by the first Assembly bundle
-handled matches the version specification of any later Assembly Bundle, the
-installed bundle is not touched. Otherwise, if the later Assembly Bundle
-lists a version specification, which is acceptable for the first Assembly
-Bundle, the installed bundle is updated to the required version. If the
-version specifications may not be matched one way or the other, the later
-Assembly Bundle fails to install.</li>
-<li>If the bundle is installed with a defined start level, the later
-Assembly Bundle will not overwrite the already set start level. If the
-start level has not been set yet it is set to the specified start level.</li>
-<li>Bundles installed through Assembly Bundles remain installed as long as
-there is at least one Assembly Bundle listing the bundle in the
-<em>Assembly-Bundles</em> header. As soon as there is no referring Assembly
-Bundle anymore, the bundle is uninstalled.</li>
-<li>Bundles not referred to by any Assembly Bundle are ignored by the
-<em>Assembly Manager</em>.</li>
-<li>Bundles installed through the <em>Assembly Manager</em> may be updated and/or
-uninstalled independently from their defining Assembly Bundle. If a bundle
-has been installed it will be reinstalled the next time the Assembly Bundle
-enters the <em>installed</em> state. If a bundle has been updated, it is not
-touched by the <em>Assembly Manager</em> as long as the updated version matches
-the version specification of the Assembly Bundle.</li>
-</ul>
-<p><a name="Assembly-BundleInstallation"></a></p>
-<h3 id="bundle-installation">Bundle Installation</h3>
-<p>When an Assembly is installed into the framework, the <em>Assembly Manager</em>
-checks to see whether the Assembly needs to be deployed. This is done by
-checking the bundles listed in the <em>Assembly-Bundles</em> header whether they
-are installed or not. All bundles not installed will be installed and
-started if requested so.</p>
-<p>The following BNF defines the syntax =Assembly-Bundles= header value:</p>
-<div class="codehilite"><pre><span class="n">Assembly</span><span class="o">-</span><span class="n">Bundles</span> <span class="o">=</span> <span class="n">Bundle</span> <span class="p">{</span> <span class="s">&quot;,&quot;</span> <span class="n">Bundle</span> <span class="p">}</span> <span class="o">.</span>
-<span class="n">Bundle</span> <span class="o">=</span> <span class="n">Symbolic</span><span class="o">-</span><span class="n">Name</span> <span class="p">{</span> <span class="s">&quot;;&quot;</span> <span class="n">Parameter</span> <span class="p">}</span> <span class="o">.</span>
-<span class="n">Symbolic</span><span class="o">-</span><span class="n">Name</span> <span class="o">=</span> <span class="sr">//</span> <span class="n">The</span> <span class="n">Bundle</span> <span class="n">symbolic</span> <span class="n">name</span> 
-<span class="n">Parameter</span> <span class="o">=</span> <span class="n">ParameterName</span> <span class="s">&quot;=&quot;</span> <span class="n">ParameterValue</span> <span class="o">.</span>
-</pre></div>
+   <!--   <h1 class="title">Assembly</h1> -->
 
-
-<p>To control the selection and installation of bundles, the following
-parameters may be used:</p>
-<ul>
-<li><em>version</em> - The version of the bundle to install. This is a version range
-specification as per chapter 3.2.5 Version Ranges of the OSGi core
-specification. When this parameter is declared as a single version - eg.
-<em>1.2.3</em> - it is interpreted as the version range <em>~[1.2.3, &infin;~)</em>. The
-default value is <em>~[0.0.0,&infin;~)</em> to install the most recent version of
-the bundle available.</li>
-<li><em>startlevel</em> - The start level to set for the bundle. This may be any
-positive integer value. Default value is undefined to use the current
-initial bundle start level of the framework.</li>
-<li><em>entry</em> - The path of the Assembly Bundle entry providing the data to be
-installed.</li>
-<li><em>linked</em> - Defines whether the bundle should be started and stopped
-together with the Assembly to which the bundle belongs. Default value is
-<em>true</em>.</li>
-</ul>
-<p>If resolving the bundles results in more bundles to be downloaded from the
-bundle repository to resolve the dependency, these bundles are always
-automatically started and assigned a startlevel which is smaller than the
-smallest startlevel of any of the bundles listed.</p>
-<p><a name="Assembly-BundleLocation"></a></p>
-<h3 id="bundle-location">Bundle Location</h3>
-<p>Generally bundles to be installed with an Assembly Bundle are retrieved
-from an OSGi Bundle Repository. The <em>Assembly-BundleRepository</em> header
-may list additional URLs which will be temporarily used to resovle the
-bundles. Otherwise the system default bundle repositories will be used
-only.</p>
-<p>If a bundle is defined in the <em>Assembly-Bundles</em> header with an <em>entry</em>
-parameter, the respective entry is first looked for in the Assembly Bundle.
-If the entry exists, it is used as the bundle source to install. If no
-<em>entry</em> parameter is present for a declared bundle or the entry is
-missing, the OSGi Bundle Repository is used.</p>
-<p>Restrictions when packaging bundles with the Assembly:</p>
-<ul>
-<li><em>Dependency Resolution</em> - Any missing dependencies of the bundles to be
-installed will not be resolved. That is, if the bundles fail to resolve,
-the Assembly fails to install.</li>
-<li><em><em>version</em> Parameter</em> - The <em>version</em> parameter of the bundle
-installation declaration is ignored because any JAR file whose name matches
-the bundle symbolic name to be installed, is installed.</li>
-</ul>
-<p>If the <em>Assembly-BundleRepository</em> header contains a comma-separated list
-of URL to OSGi Bundle Repository descriptors and the OSGi Bundle Repository
-Service is available in the framework, the bundles declared in the
-<em>Assembly-Bundles</em> header are resolved through the OSGi Bundle Repository
-Service using the URL from the <em>Assembly-BundleRepository</em> header.</p>
-<p>If the bundles declare any dependencies, which may not be resolved by
-bundles already installed in the framework or by any of the bundles to be
-installed, the OSGi Bundle Repository is used to try to resolve these
-missing dependencies. If this resolution succeeds, installation of the
-Assembly succeeds. Any bundles not declared in the Assembly but installed
-due to this dependency resolution will not be assumed to belong to the
-Assembly. Hence, these bundles will not be uninstalled (or updated) if the
-Assembly is uninstalled (or updated).</p>
-<ul>
-<li><em>Example</em> - Assume the <em>Assembly-Bundles</em> header is set to
-<em>org.apache.sling.sample1;entry=path.jar,org.apache.sling.sample2</em>. The
-bundle <em>org.apache.sling.sample1</em> is then installed from the Assembly
-Bundle entry <em>path.jar</em>, while the bundle <em>org.apache.sling.sample2</em> is
-resolved in the OSGi Bundle Repository.</li>
-</ul>
-<p><a name="Assembly-BestPractices"></a></p>
-<h2 id="best-practices">Best Practices</h2>
-<p><a name="Assembly-SizeofBundles"></a></p>
-<h3 id="size-of-bundles">Size of Bundles</h3>
-<p>There is no fixed formula to calculate the best size for a bundle: It all
-depends on the contents and the intentions of the bundle and its
-programmer. The following list provides some hints:</p>
-<ul>
-<li>For ease of development follow the idea of <em>One Bundle - One Project</em></li>
-<li>Don't pack too much into a bundle but do not pack a single class into
-a bundle (unless you have a very good reason of course :-) )</li>
-<li>Do not mix and match everything into a bundle. Rather bundle things
-together which belong together, for example create separate bundles for a
-HTTP Client implementation and DB support classes</li>
-<li>Use similar heuristics to decide on the contents of a bundle as you
-would for the contents of a plain old JAR file.</li>
-</ul>
-<p><a name="Assembly-NomenestOmen"></a></p>
-<h3 id="nomen-est-omen">Nomen est Omen</h3>
-<p>The symbolic name of a bundle should reflect its contents. A bundle should
-generally only contain a single subtree in the virtual package tree. The
-symbolic name of the bundle should be the root package contained within.
-For example, consider a bundle containing the packages
-<em>org.apache.sling.sample</em>, <em>org.apache.sling.sample.impl</em>,
-<em>org.apache.sling.more</em>. The bundle would the be named
-<em>org.apache.sling.sample</em>.</p>
-      </div>
     
         <div class="trademarkFooter"> 
 		Apache Sling, Sling, Apache, the Apache feather logo, and the Apache Sling project logo are trademarks of The Apache Software Foundation. All other marks mentioned may be trademarks or registered trademarks of their respective owners.

Modified: websites/staging/sling/trunk/content/authentication---actors.html
==============================================================================
--- websites/staging/sling/trunk/content/authentication---actors.html (original)
+++ websites/staging/sling/trunk/content/authentication---actors.html Sun Apr 22 17:09:56 2012
@@ -79,112 +79,10 @@
     
     <div class="main">
       <div class="breadcrump" style="font-size: 80%;">
-		(TODO: breadcrumb here)
-      </div>
-      <h1 class="title">Authentication - Actors</h1>
-      <div>
-	    <p><a name="Authentication-Actors-Actors"></a></p>
-<h1 id="actors">Actors</h1>
-<p>{excerpt}The authentication process involves a number of actors
-contributing to the concepts, the API and the particular
-implementations.{excerpt}</p>
-<p><a name="Authentication-Actors-OSGiHttpServiceSpecification"></a></p>
-<h2 id="osgi-http-service-specification">OSGi Http Service Specification</h2>
-<p>The main support for authentication is defined by the OSGi Http Service
-specification. This specification defines how an OSGi application can
-register servlets and resources to build web applications. As part of the
-servlet and/or resource registration a <em>HttpContext</em> may be provided,
-which allows for additional support.</p>
-<p>The main method of interest to the authentication process is the
-<em>handleSecurity</em> method. This is called by the OSGi Http Service
-implementation before the registered servlet is called. Its intent is to
-authenticate the request and to provide authentication information for the
-request object: the authentication type and the remote user name.</p>
-<p>The Sling Commons Auth bundle provides the <em>AuthenticationSupport</em>
-service which may be used to the implement the
-<em>HttpContext.handleSecurity</em> method.</p>
-<p><a name="Authentication-Actors-SlingEngine"></a></p>
-<h2 id="sling-engine">Sling Engine</h2>
-<p>The Sling Engine implements the main entry point into the Sling system by
-means of the <em>SlingMainServlet</em>. This servlet is registered with the OSGi
-Http Service and provides a custom <em>HttpContext</em> whose <em>handleSecurity</em>
-method is implemented by the <em>AuthenticationSupport</em> service.</p>
-<p>When the request hits the <em>service</em> method of the Sling Main Servlet, the
-resource resolver provided by the <em>AuthenticationSupport</em> service is
-retrieved from the request attributes and used as the resource resolver for
-the request.</p>
-<p>That's all there is for the Sling Engine to do with respect to
-authentication.</p>
-<p><a name="Authentication-Actors-SlingCommonsAuth"></a></p>
-<h2 id="sling-commons-auth">Sling Commons Auth</h2>
-<p>The support for authenticating client requests is implemented in the Sling
-Commons Auth bundle. As such this bundle provides three areas of support</p>
-<ul>
-<li><em>AuthenticationHandler</em> service interface. This is implemented by
-services providing functionality to extract credentials from HTTP requests.</li>
-<li><em>Authenticator</em> service interface. This is implemented by the
-<em>SlingAuthenticator</em> class in the Commons Auth bundle and provides
-applications with entry points to login and logout.</li>
-<li><em>AuthenticationSupport</em> service interface. This is implemented by the
-<em>SlingAuthenticator</em> class in the Commons Auth bundle and allows
-applications registering with the OSGi HTTP Service to make use of the
-Sling authentication infrastructure.</li>
-</ul>
-<p><a name="Authentication-Actors-JCRRepository"></a></p>
-<h2 id="jcr-repository">JCR Repository</h2>
-<p>The actual process of logging into the repository and provided a
-<em>Session</em> is implementation dependent. In the case of Jackrabbit
-extensibility is provided by configuration of the Jackrabbit repository by
-means of an interface and two helper classes:</p>
-<ul>
-<li><em>LoginModule</em> -- The interface to be implemented to provide login
-processing plugins</li>
-<li><em>AbstractLoginModule</em> -- A an abstract base class implementation of
-the <em>LoginModule</em> interface.</li>
-<li><em>DefaultLoginModule</em> -- The default implementation of the
-<em>AbstractLoginModule</em> provided by Jackabbit. This login module takes
-<em>SimpleCredentials</em> and uses the repository to lookup the users, validate
-the credentials and providing the <em>Principal</em> representing the user
-towards the repository.</li>
-</ul>
-<p>The Sling Jackrabbit Embedded Repository bundle provides additional plugin
-interfaces to extend the login process dynamically using OSGi services. To
-this avail the bundle configures a <em>LoginModule</em> with the provided
-default Jackrabbit configuration supporting these plugins:</p>
-<ul>
-<li><em>LoginModulePlugin</em> -- The main service interface. Plugins must
-implement this interface to be able to extend the login process. See for
-example the <a href="http://svn.apache.org/repos/asf/sling/trunk/bundles/extensions/openidauth/">Sling OpenID authentication handler</a>
-, which implements this interface to support OpenID authentication.</li>
-<li><em>AuthenticationPlugin</em> -- Helper interface for the
-<em>LoginModulePlugin</em>.</li>
-</ul>
-<p><a name="Authentication-Actors-SlingApplications"></a></p>
-<h2 id="sling-applications">Sling Applications</h2>
-<p>Sling Applications requiring authenticed requests should not care about how
-authentication is implemented. To support such functionality the
-<em>Authenticator</em> service is provided with two methods:</p>
-<ul>
-<li>
-<p><em>login</em> -- allows the application to ensure requests are
-authenticated. This involves selecting an <em>AuthenticationHandler</em> to
-request credentials for authentication.</p>
-</li>
-<li>
-<p><em>logout</em> -- allows the application to forget about any
-authentication. This involves selecting an <em>AuthenticationHandler</em> to
-forget about credentials in the request.</p>
-</li>
-</ul>
-<p>Sling Applications should never directly use any knowledge of any
-authentication handler or directly call into an authentication handler.
-This will certainly break the application and cause unexpected behaviour.</p>
-<p>{info}
-If you want to know whether a request is authenticated or not, you can
-inspect the result of the <em>HttpServletRequest.getAuthType</em> method: If
-this method returns <em>null</em> the request is not authenticated.
-{info}</p>
+<a href="/">Home</a>
       </div>
+   <!--   <h1 class="title">Authentication - Actors</h1> -->
+
     
         <div class="trademarkFooter"> 
 		Apache Sling, Sling, Apache, the Apache feather logo, and the Apache Sling project logo are trademarks of The Apache Software Foundation. All other marks mentioned may be trademarks or registered trademarks of their respective owners.

Modified: websites/staging/sling/trunk/content/authentication---authenticationhandler.html
==============================================================================
--- websites/staging/sling/trunk/content/authentication---authenticationhandler.html (original)
+++ websites/staging/sling/trunk/content/authentication---authenticationhandler.html Sun Apr 22 17:09:56 2012
@@ -79,99 +79,10 @@
     
     <div class="main">
       <div class="breadcrump" style="font-size: 80%;">
-		(TODO: breadcrumb here)
+<a href="/">Home</a>
       </div>
-      <h1 class="title">Authentication - AuthenticationHandler</h1>
-      <div>
-	    <p><a name="Authentication-AuthenticationHandler-AuthenticationHandler"></a></p>
-<h1 id="authenticationhandler">AuthenticationHandler</h1>
-<p>{excerpt}The <em>AuthenticationHandler</em> interface defines the service API
-which may be implemented by authentication handlers registered as OSGi
-services.{excerpt}</p>
-<p><em>AuthenticationHandler</em> services have a single required service
-registration property which is used to identify requests to which the
-<em>AuthenticationHandler</em> service is applicable:</p>
-<table>
-<tr><td> *path* </td><td> One or more (array or vector) string values indicating the
-request URLs to which the *AuthenticationHandler* is applicable. </td></tr>
-<tr><td> *authtype* </td><td> The authentication type implemented by this handler. This
-is a string value property and should be the same as will be used as the
-authentication type of the *AuthenticationInfo* object provided by the
-*extractCredentials* method. If this property is set, the
-*requestCredentials* method of the authentication handler is only called
-if the *sling:authRequestLogin* request parameter is either not set or is
-set to the same value as the *authtype* of the handler. This property is
-optional. If not set, the *requestCredentials* method is always called
-regardless of the value of the *sling:authRequestLogin* request
-parameter. </td></tr>
-</table>
+   <!--   <h1 class="title">Authentication - AuthenticationHandler</h1> -->
 
-<p>Each path may be an absolute URL, an URL with just the host/port and path
-or just a plain absolute path:</p>
-<table>
-<tr><td> URL part </td><td> Scheme </td><td> Host/Port </td><td> Path </td></tr>
-<tr><td> Absolute URL </td><td> must match </td><td> must match </td><td> request URL path is prefixed
-with the path </td></tr>
-<tr><td> Host/Port with Path </td><td> ignored </td><td> must match </td><td> request URL path is prefixed
-with the path </td></tr>
-<tr><td> Path </td><td> ignored </td><td> ignored </td><td> request URL path is prefixed with the path </td></tr>
-</table>
-
-<p>When looking for an <em>AuthenticationHandler</em> the authentication handler is
-selected whose path is the longest match on the request URL. If the service
-is registered with Scheme and Host/Port, these must exactly match for the
-service to be eligible. If multiple <em>AuthenticationHandler</em> services are
-registered with the same length matching path, the handler with the higher
-service ranking is selected{footnote}Service ranking is defined by the OSGi
-Core Specification as follows: <em>If multiple qualifying service interfaces
-exist, a service with the highest <em>service.ranking</em> number, or when equal
-to the lowest <em>service.id</em>, determines which service object is returned
-by the Framework</em>.{footnote}.</p>
-<p>The value of <em>path</em> service registration property value triggering the
-call to any of the <em>AuthenticationHandler</em> methods is available as the
-<em>path</em> request attribute (for the time of the method call only). If the
-service is registered with multiple path values, the value of the <em>path</em>
-request attribute may be used to implement specific handling.</p>
-<p><a name="Authentication-AuthenticationHandler-ImplementationsprovidedbySling"></a></p>
-<h3 id="implementations-provided-by-sling">Implementations provided by Sling</h3>
-<ul>
-<li><a href="form-based-authenticationhandler.html">Form Based AuthenticationHandler</a></li>
-<li><a href="openid-authenticationhandler.html">OpenID AuthenticationHandler</a></li>
-</ul>
-<p><a name="Authentication-AuthenticationHandler-Sampleimplementations"></a></p>
-<h3 id="sample-implementations">Sample implementations</h3>
-<p><a name="Authentication-AuthenticationHandler-HTTPBasicAuthenticationHandler"></a></p>
-<h4 id="http-basic-authentication-handler">HTTP Basic Authentication Handler</h4>
-<ul>
-<li><em>extractCredentials</em> -- Get user name and password from the
-<em>Authorization</em> HTTP header</li>
-<li><em>requestCredentials</em> -- Send a 401/UNAUTHORIZED status with
-<em>WWW-Authenticate</em> response header setting the Realm</li>
-<li><em>dropCredentials</em> -- Send a 401/UNAUTHORIZED status with
-<em>WWW-Authenticate</em> response header setting the Realm</li>
-</ul>
-<p>Interestingly the <em>dropCredentials</em> method is implemented in the same way
-as the <em>requestCredentials</em> method. The reason for this is, that HTTP
-Basic authentication does not have a notion of login and logout. Rather the
-request is accompanied with an <em>Authorization</em> header or not. The
-contents of this header is usually cached by the client browser. So logout
-is actually simulated by sending a 401/UNAUTHORIZED status thus causing the
-client browser to clear the cache and ask for user name and password.</p>
-<p><a name="Authentication-AuthenticationHandler-FormBasedAuthenticationHandler"></a></p>
-<h4 id="form-based-authentication-handler">Form Based Authentication Handler</h4>
-<ul>
-<li><em>extractCredentials</em> -- Get user name and password with the help of a
-special cookie (note, that of course the cookie should not contain this
-data, but refer to it in an internal store of the authentication handler).
-If the cookie is not set, check for specific login parameters to setup the
-cookie.</li>
-<li><em>requestCredentials</em> -- Send the login form for the user to provide the
-login parameters.</li>
-<li><em>dropCredentials</em> -- Clear the authentication cookie and internal
-store.</li>
-</ul>
-<p>{display-footnotes} </p>
-      </div>
     
         <div class="trademarkFooter"> 
 		Apache Sling, Sling, Apache, the Apache feather logo, and the Apache Sling project logo are trademarks of The Apache Software Foundation. All other marks mentioned may be trademarks or registered trademarks of their respective owners.

Modified: websites/staging/sling/trunk/content/authentication---framework.html
==============================================================================
--- websites/staging/sling/trunk/content/authentication---framework.html (original)
+++ websites/staging/sling/trunk/content/authentication---framework.html Sun Apr 22 17:09:56 2012
@@ -79,229 +79,10 @@
     
     <div class="main">
       <div class="breadcrump" style="font-size: 80%;">
-		(TODO: breadcrumb here)
+<a href="/">Home</a>
       </div>
-      <h1 class="title">Authentication - Framework</h1>
-      <div>
-	    <p><a name="Authentication-Framework-Framework"></a></p>
-<h1 id="framework">Framework</h1>
-<p>{excerpt}The core piece of functionality with respect to authentication in
-Sling is contained in the Sling Commons Auth bundle. This bundle provides
-the API for Sling and Sling applications to make use of
-authentication.{excerpt}</p>
-<p>This support encompasses three parts:</p>
-<ul>
-<li>The <em>AuthenticationSupport</em> service provided by the
-<em>SlingAuthenticator</em> class. This service can be used by implementations
-of the OSGi <em>HttpContext</em> interface to delegate authentication.</li>
-<li>The <em>Authenticator</em> service also provided by the
-<em>SlingAuthenticator</em> class. This service may be used by Sling
-Applications to help clients login and logout.</li>
-<li>The <em>AuthenticationHandler</em> service interface. These services may be
-implemented by extensions to support various ways for transporting
-credentials from clients to the Sling server.</li>
-</ul>
-<p>This page describes how the <em>SlingAuthenticator</em> class provides the
-<em>AuthenticationSupport</em> and  <em>Authenticator</em> services. For a
-description of the <em>AuthenticationHandler</em> service interface and the
-interaction between the <em>SlingAuthenticator</em> and the
-<em>AuthenticationHandler</em> services refer to the <a href="authentication---authenticationhandler.html">AuthenticationHandler</a>
- page.</p>
-<p>The <em>SlingAuthenticator</em> class is an internal class of the
-<em>org.apache.sling.commons.auth</em> bundle and implements the
-<em>Authenticator</em> and <em>AuthenticationSupport</em> services.</p>
-<p><a name="Authentication-Framework-AuthenticationSupport"></a></p>
-<h2 id="authenticationsupport">AuthenticationSupport</h2>
-<p>The <em>AuthenticationSupport</em> service interface defines a single method:
-<em>handleSecurity</em>. This method is intended to be called by the
-<em>handleSecurity</em> method of any <em>HttpContext</em> implementation wishing to
-make use of the Sling Authentication Framework.</p>
-<p>The Sling Authenticator implementation selects an <em>AuthenticationHandler</em>
-service appropriate for the request and calls the
-<em>AuthenticationHandler.extractCredentials</em> method to extract the
-credentials from the request. If no credentials could be extracted, the
-Sling Authenticator either admits the request as an anonymous request or
-requests authentication from the client by calling its own <em>login</em>
-method.</p>
-<p>The implementation follows this algorithm:</p>
-<ol>
-<li>Select one or more <em>AuthenticationHandler</em> for the request according
-to the request URL's scheme and authorization part.</li>
-<li>Call the <em>extractCredentials</em> method of each authentication handler,
-where the order of handler call is defined by the length of the registered
-path: handlers registered with longer paths are called before handlers with
-shorter paths. The goal is to call the handlers in order from longest
-request path match to shortest match. Handlers not matching the request
-path at all are not called.</li>
-<li>The first handler returning a non-<em>null</em> <em>AuthenticationInfo</em>
-result "wins" and the result is used for authentication.</li>
-<li>If any <em>AuthenticationInfoPostProcessor</em> services are registered, the
-<em>AuthenticationInfo</em> object is passed to their <em>postProcess()</em> method.</li>
-<li>If no handler returns a non-<em>null</em> result, the request may be handled
-anonymously. In these cases, an empty <em>AuthenticationInfo</em> object is
-passed to any <em>AuthenticationInfoPostProcessor</em> services.</li>
-<li>(Try to) log into the repository either with the provided credentials
-or anonymously.</li>
-<li>If there were credentials provided and the login was successful, a
-login event is posted <em>if</em> the <em>AuthenticationInfo</em> object contains a
-non-null object with the key <em>$$auth.info.login$$</em>
-(<em>AuthConstants.AUTH_INFO_LOGIN</em>). This event is posted with the topic
-<em>org/apache/sling/auth/core/Authenticator/LOGIN</em>. (added in Sling Auth
-Core 1.1.0)</li>
-<li>Set request attributes listed below.</li>
-</ol>
-<p>Extracting the credentials and trying to login to the repository may yield
-the following results:</p>
-<table>
-<tr><td> Credentials </td><td> Login </td><td> Consequence </td></tr>
-<tr><td> present </td><td> successfull </td><td> Continue with an authenticated request </td></tr>
-<tr><td> present </td><td> failed </td><td> Select *AuthenticationHandler* and call
-*requestCredentials* method </td></tr>
-<tr><td> missing </td><td> anonymous allowed </td><td> Continue with a non authenticated request
-using anonymous access to the repository </td></tr>
-<tr><td> missing </td><td> anonymous forbidden </td><td> Select *AuthenticationHandler* and call
-*requestCredentials* method </td></tr>
-</table>
+   <!--   <h1 class="title">Authentication - Framework</h1> -->
 
-<p>{note}
-Only one <em>AuthenticationHandler</em> is able to provide credentials for a
-given request. If the credentials provided by the handler cannot be used to
-login to the repository, authentication fails and no further
-<em>AuthenticationHandler</em> is consulted.
-{note}</p>
-<p><a name="Authentication-Framework-RequestAttributesonSuccessfulLogin"></a></p>
-<h4 id="request-attributes-on-successful-login">Request Attributes on Successful Login</h4>
-<p>The <em>handleSecurity</em> method gets credentials from the
-<em>AuthenticationHandler</em> and logs into the JCR repository using those
-credentials. If the login is successful, the <em>SlingAuthenticator</em> sets
-the following request attributes:</p>
-<table>
-<tr><th> Attribute </th><th> Description </th></tr>
-<tr><td> *org.osgi.service.http.authentication.remote.user* </td><td> The user ID of the
-JCR Session. This attribute is used by the HTTP Service implementation to
-implement the *HttpServletRequest.getRemoteUser* method. </td></tr>
-<tr><td> *org.osgi.service.http.authentication.type* </td><td> The authentication type
-defined by the *AuthenticationHandler*. This attribute is used by the
-HTTP Service implementation to implement the
-*HttpServletRequest.getAuthType* method. </td></tr>
-<tr><td> *org.apache.sling.commons.auth.ResourceResolver* </td><td> The
-*ResourceResolver* created from the credentials and the logged in JCR
-Session. This attribute may be used by servlets to access the repository.
-Namely the *SlingMainServlet* uses this request attribute to provide the
-*ResourceResolver* to handle the request. </td></tr>
-<tr><td> *javax.jcr.Session* </td><td> The JCR Session. This attribute is for backwards
-compatibility only. *Its use is deprecated and the attribute will be
-removed in future versions*. </td></tr>
-<tr><td> *org.apache.sling.commons.auth.spi.AuthenticationInfo* </td><td> The
-*AuthenticationInfo* object produced from the *AuthenticationHandler*.
-</td></tr>
-</table>
-
-<p><em>NOTE</em>: Do <em>NOT</em> use the <em>javax.jcr.Session</em> request attribute in your
-Sling applications. This attribute must be considered implementation
-specific to convey the JCR Session to the <em>SlingMainServlet</em>. In future
-versions of the Sling Commons Auth bundle, this request attribute will not
-be present anymore. To get the JCR Session for the current request adapt
-the request's resource resolver to a JCR Session:</p>
-<div class="codehilite"><pre><span class="n">Session</span> <span class="n">session</span> <span class="o">=</span> <span class="n">request</span><span class="o">.</span><span class="n">getResourceResolver</span><span class="p">()</span><span class="o">.</span><span class="n">adaptTo</span><span class="p">(</span><span class="n">Session</span><span class="o">.</span><span class="n">class</span><span class="p">);</span>
-</pre></div>
-
-
-<p><a name="Authentication-Framework-AnonymousLogin"></a></p>
-<h4 id="anonymous-login">Anonymous Login</h4>
-<p>The <em>SlingAuthenticator</em> provides high level of control with respect to
-allowing anonymous requests or requiring authentication up front:</p>
-<ul>
-<li>Global setting of whether anonymous requests are allowed or not. This is
-the value of the <em>Allow Anonymous Access</em> (<em>auth.annonymous</em>) property of
-the <em>SlingAuthenticator</em> configuration. This property is supported for
-backwards compatibility and defaults to <em>true</em> (allowing anonymous
-access).</li>
-<li>Specific configuration per URL. The <em>Authentication Requirements</em>
-(<em>sling.auth.requirements</em>) property of the <em>SlingAuthenticator</em>
-configuration may provide a list of URLs for which authentication may be
-required or not: Any entry prefixed with a dash <em>-</em> defines a subtree for
-which authentication is not required. Any entry not prefixed with a dash or
-prefixed with a plus <em>+</em> defines a subtree for which authentication is
-required up front and thus anonymous access is not allowed. This list is
-empty by default.</li>
-<li>Any OSGi service may provide a <em>sling.auth.requirements</em> registration
-property which is used to dynamically extend the authentication
-requirements from the <em>Authentication Requirements</em> configuration. This may
-for example be set by <em>AuthenticationHandler</em> implementations providing a
-login form to ensure access to the login form does not require
-authentication. The value of this property is a single string, an array of
-strings or a Collection of strings and is formatted in the same way as the
-<em>Authentication Requirements</em> configuration property.</li>
-</ul>
-<p>The URLs set on the <em>Authentication Requirements</em> configuration property or
-the <em>sling.auth.requirements</em> service registration property can be
-absolute paths or URLs like the <em>path</em> service registration property of
-<em>AuthenticationHandler</em> services. This allows the limitation of this
-setup to certain requests by scheme and/or virtual host address.</p>
-<p><em>Examples</em></p>
-<ul>
-<li>
-<p>The <em>LoginServlet</em> contained in the Commons Auth bundle registers
-itself with the service registration property {{sling.auth.requirements =
-"-/system/sling/login"}} to ensure the servlet can be accessed without
-requiring authentication.</p>
-</li>
-<li>
-<p>An authentication handler may register itself with the service
-registration property {{sling.auth.requirements =
-"-/apps/sample/loginform"}} to ensure the login form can be rendered
-without requiring authentication.</p>
-</li>
-</ul>
-<p><a name="Authentication-Framework-Authenticatorimplementation"></a></p>
-<h2 id="authenticator-implementation">Authenticator implementation</h2>
-<p>The implementation of the <em>Authenticator</em> interface is similar for both
-methods:</p>
-<p><strong>login</strong></p>
-<ol>
-<li>Select one or more <em>AuthenticationHandler</em> for the request according
-to the request URL's scheme and authorization part.</li>
-<li>Call the <em>requestCredentials</em> method of each authentication handler,
-where the order of handler call is defined by the length of the registered
-path: handlers registered with longer paths are called before handlers with
-shorter paths. The goal is to call the handlers in order from longest
-request path match to shortest match. Handlers not matching the request
-path at all are not called.</li>
-<li>As soon as the first handlers returns <em>true</em>, the process ends and it
-is assumed credentials have been requested from the client.</li>
-</ol>
-<p>The <em>login</em> method has three possible exit states:</p>
-<table>
-<tr><th> Exit State </th><th> Description </th></tr>
-<tr><td> Normal </td><td> An *AuthenticationHandler* could be selected to which the
-login request could be forwarded. </td></tr>
-<tr><td> *NoAuthenticationHandlerException* </td><td> No *AuthenticationHandler* could
-be selected to forward the login request to. In this case, the caller can
-proceed as appropriate. For example a servlet, which should just login a
-user may send back a 403/FORBIDDEN status because login is not possible. Or
-a 404/NOT FOUND handler, which tried to login as a fallback, may continue
-and send back the regular 404/NOT FOUND response. </td></tr>
-<tr><td> *IllegalStateException* </td><td> The response has already been committed and
-the login request cannot be processed. Normally to request login, the
-current response must be reset and a new response has to be prepared. This
-is only possible if the request has not yet been committed. </td></tr>
-</table>
-
-<p><strong>logout</strong>
-1. Select one or more <em>AuthenticationHandler</em> for the request according
-to the request URL's scheme and authorization part.
-1. Call the <em>dropCredentials</em> method of each authentication handler,
-where the order of handler call is defined by the length of the registered
-path: handlers registered with longer paths are called before handlers with
-shorter paths. The goal is to call the handlers in order from longest
-request path match to shortest match. Handlers not matching the request
-path at all are not called.</p>
-<p>Unlike for the <em>login</em> method in the <em>logout</em> method case all
-<em>AuthenticationHandler</em> services selected in the first step are called.
-If none can be selected or none can actually handle the <em>dropCredentials</em>
-request, the <em>logout</em> silently returns.</p>
-      </div>
     
         <div class="trademarkFooter"> 
 		Apache Sling, Sling, Apache, the Apache feather logo, and the Apache Sling project logo are trademarks of The Apache Software Foundation. All other marks mentioned may be trademarks or registered trademarks of their respective owners.

Modified: websites/staging/sling/trunk/content/authentication---tasks.html
==============================================================================
--- websites/staging/sling/trunk/content/authentication---tasks.html (original)
+++ websites/staging/sling/trunk/content/authentication---tasks.html Sun Apr 22 17:09:56 2012
@@ -79,43 +79,10 @@
     
     <div class="main">
       <div class="breadcrump" style="font-size: 80%;">
-		(TODO: breadcrumb here)
-      </div>
-      <h1 class="title">Authentication - Tasks</h1>
-      <div>
-	    <p><a name="Authentication-Tasks-Tasks"></a></p>
-<h1 id="tasks">Tasks</h1>
-<p>{excerpt}Authentication of HTTP Requests is generally a two-step process:
-First the credentials must be extracted from the request and second the
-credentials must be validated. In the case of Sling this means acquiring a
-JCR Session.{excerpt}</p>
-<p><a name="Authentication-Tasks-ExtractCredentialsfromtheRequest"></a></p>
-<h2 id="extract-credentials-from-the-request">Extract Credentials from the Request</h2>
-<ul>
-<li>Implemented and controlled by the Sling Commons Auth bundle</li>
-<li>Takes <em>HttpServletRequest</em></li>
-<li>Provides credentials for futher processing (basically JCR
-<em>Credentials</em> and Workspace name)</li>
-<li>Extensible with the help of <em>AuthenticationHandler</em> services</li>
-</ul>
-<p><a name="Authentication-Tasks-LogintotheJCRRepository"></a></p>
-<h2 id="login-to-the-jcr-repository">Login to the JCR Repository</h2>
-<ul>
-<li>Implemented and controlled by the JCR Repository</li>
-<li>Takes JCR <em>Credentials</em> and Workspace name</li>
-<li>Provides a JCR <em>Session</em></li>
-<li>Implementation dependent process. Jackrabbit provides extensibility
-based on <em>LoginModules</em>; Sling's Embedded Jackrabbit Repository bundle
-provides extensibility with <em>LoginModulePlugin</em> services.</li>
-</ul>
-<p>Currently the credentials are always verified by trying to login to the JCR
-repository. Once an <a href="http://cwiki.apache.org/SLING/add-resourceresolverfactory-service-interface.html">ResourceResolverFactory</a>
- API has been added, the process of validating the credentials and logging
-in is actualy replaced by a process of requesting a <em>ResourceResolver</em>
-from the <em>ResourceResolverFactory</em>. Of course, the JCR Repository will
-still be the main underlying repository and as such be used to validate the
-credentials and get a JCR Session.</p>
+<a href="/">Home</a>
       </div>
+   <!--   <h1 class="title">Authentication - Tasks</h1> -->
+
     
         <div class="trademarkFooter"> 
 		Apache Sling, Sling, Apache, the Apache feather logo, and the Apache Sling project logo are trademarks of The Apache Software Foundation. All other marks mentioned may be trademarks or registered trademarks of their respective owners.

Modified: websites/staging/sling/trunk/content/authentication.html
==============================================================================
--- websites/staging/sling/trunk/content/authentication.html (original)
+++ websites/staging/sling/trunk/content/authentication.html Sun Apr 22 17:09:56 2012
@@ -79,83 +79,10 @@
     
     <div class="main">
       <div class="breadcrump" style="font-size: 80%;">
-		(TODO: breadcrumb here)
-      </div>
-      <h1 class="title">Authentication</h1>
-      <div>
-	    <p><a name="Authentication-Authentication"></a></p>
-<h1 id="authentication">Authentication</h1>
-<p>{excerpt:hidden=true}
-How requests are authenticated.
-{excerpt}</p>
-<p>This section describes the framework provided by Sling to authenticate HTTP
-requests.</p>
-<p>Let's look at generic request processing of Sling: Sling is linked into the
-outside world by registering the Sling Main Servlet -- implemented by the
-<em>SlingMainServlet</em> class in the Sling Engine bundle -- with an OSGi
-<em>HttpService</em>. This registration is accompanyied with an implementation
-instance of the OSGi <em>HttpContext</em> interface, which defines a method to
-authenticate requests: <em>handleSecurity</em>.</p>
-<p>This method is called by the OSGi HTTP Service implementation after the
-servlet has been selected to handle the request but before actually calling
-the servlet's <em>service</em> method.</p>
-<p>{section}
-{column}
-!authentication.png|thumbnail!
-{column}
-{column}
-1. First the OSGi HTTP Service implementation is analyzing the request URL
-to find a match for a servlet or resource registered with the HTTP Service.
-1. Now the HTTP Service implementation has to call the <em>handleSecurity</em>
-method of the <em>HttpContext</em> object with which the servlet or resource has
-been registered. This method returns <em>true</em> if the request should be
-serviced. If this method returns <em>false</em> the HTTP Service implementation
-terminates the request sending back any response which has been prepared by
-the <em>handleSecurity</em> method. Note, that the <em>handleSecurity</em> method
-must prepare the failure response sent to the client, the HTTP Service adds
-nothing here. If the <em>handleSecurity</em> method is successful, it must add
-two (or three) request attributes described below.
-1. When the <em>handleSecurity</em> method returns <em>true</em> the HTTP Service
-either calls the <em>Servlet.service</em> method or sends back the requested
-resource depending on whether a servlet or a resource has been selected in
-the first step.
-{column}
-{section}</p>
-<p>The important thing to note here is, that at the time the
-<em>handleSecurity</em> method is called, the <em>SlingMainServlet</em> is not yet in
-control of the request. So any functionality added by the
-<em>SlingMainServlet</em>, notably the <em>SlingHttpServletRequest</em> and
-<em>SlingHttpServletResponse</em> objects are not available to the
-implementation of the <em>handleSecurity</em> method.</p>
-<p>The following pages describe the full details of request authentication in
-Sling in full detail:</p>
-<ul>
-<li>
-<dl>
-<dt><a href="authentication---tasks.html">Tasks</a></dt>
-<dd>{excerpt-include:Authentication - Tasks|nopanel=true} </dd>
-</dl>
-</li>
-<li>
-<dl>
-<dt><a href="authentication---actors.html">Actors</a></dt>
-<dd>{excerpt-include:Authentication - Actors|nopanel=true} </dd>
-</dl>
-</li>
-<li>
-<dl>
-<dt><a href="authentication---framework.html">Framework</a></dt>
-<dd>{excerpt-include:Authentication - Framework|nopanel=true} </dd>
-</dl>
-</li>
-<li>
-<dl>
-<dt><a href="authentication---authenticationhandler.html">AuthenticationHandler</a></dt>
-<dd>{excerpt-include:Authentication - AuthenticationHandler|nopanel=true} </dd>
-</dl>
-</li>
-</ul>
+<a href="/">Home</a>
       </div>
+   <!--   <h1 class="title">Authentication</h1> -->
+
     
         <div class="trademarkFooter"> 
 		Apache Sling, Sling, Apache, the Apache feather logo, and the Apache Sling project logo are trademarks of The Apache Software Foundation. All other marks mentioned may be trademarks or registered trademarks of their respective owners.

Modified: websites/staging/sling/trunk/content/bundles.html
==============================================================================
--- websites/staging/sling/trunk/content/bundles.html (original)
+++ websites/staging/sling/trunk/content/bundles.html Sun Apr 22 17:09:56 2012
@@ -79,52 +79,10 @@
     
     <div class="main">
       <div class="breadcrump" style="font-size: 80%;">
-		(TODO: breadcrumb here)
+<a href="/">Home</a>
       </div>
-      <h1 class="title">Bundles</h1>
-      <div>
-	    <p><a name="Bundles-Bundles"></a></p>
-<h1 id="bundles">Bundles</h1>
-<p><a name="Bundles-Content"></a></p>
-<h2 id="content">Content</h2>
-<div class="codehilite"><pre><span class="o">*</span> <span class="p">[</span><span class="n">Content</span> <span class="n">Loading</span> <span class="p">(</span><span class="n">jcr</span><span class="o">.</span><span class="n">contentloader</span><span class="p">)](</span><span class="n">content</span><span class="o">-</span><span class="n">loading</span><span class="o">-</span><span class="p">(</span><span class="n">jcr</span><span class="o">.</span><span class="n">contentloader</span><span class="p">)</span><span class="o">.</span><span class="n">html</span><span class="p">)</span>
-<span class="o">*</span> <span class="p">[</span><span class="n">Internationalization</span> <span class="n">Support</span> <span class="p">(</span><span class="n">i18n</span><span class="p">)](</span><span class="n">internationalization</span><span class="o">-</span><span class="n">support</span><span class="o">-</span><span class="p">(</span><span class="n">i18n</span><span class="p">)</span><span class="o">.</span><span class="n">html</span><span class="p">)</span>
-<span class="o">*</span> <span class="p">[</span><span class="n">Manipulating</span> <span class="n">Content</span> <span class="o">-</span> <span class="n">The</span> <span class="n">SlingPostServlet</span> <span class="p">(</span><span class="n">servlets</span><span class="o">.</span><span class="n">post</span><span class="p">)](</span><span class="n">manipulating</span><span class="o">-</span><span class="n">content</span><span class="o">---</span><span class="n">the</span><span class="o">-</span><span class="n">slingpostservlet</span><span class="o">-</span><span class="p">(</span><span class="n">servlets</span><span class="o">.</span><span class="n">post</span><span class="p">)</span><span class="o">.</span><span class="n">html</span><span class="p">)</span>
-</pre></div>
+   <!--   <h1 class="title">Bundles</h1> -->
 
-
-<p><a name="Bundles-ResourceProviders"></a></p>
-<h2 id="resource-providers">Resource Providers</h2>
-<div class="codehilite"><pre><span class="o">*</span> <span class="p">[</span><span class="n">Accessing</span> <span class="n">Filesystem</span> <span class="n">Resources</span> <span class="p">(</span><span class="n">extensions</span><span class="o">.</span><span class="n">fsresource</span><span class="p">)](</span><span class="n">accessing</span><span class="o">-</span><span class="n">filesystem</span><span class="o">-</span><span class="n">resources</span><span class="o">-</span><span class="p">(</span><span class="n">extensions</span><span class="o">.</span><span class="n">fsresource</span><span class="p">)</span><span class="o">.</span><span class="n">html</span><span class="p">)</span>
-<span class="o">*</span> <span class="p">[</span><span class="n">Bundle</span> <span class="n">Resources</span> <span class="p">(</span><span class="n">extensions</span><span class="o">.</span><span class="n">bundleresource</span><span class="p">)](</span><span class="n">bundle</span><span class="o">-</span><span class="n">resources</span><span class="o">-</span><span class="p">(</span><span class="n">extensions</span><span class="o">.</span><span class="n">bundleresource</span><span class="p">)</span><span class="o">.</span><span class="n">html</span><span class="p">)</span>
-</pre></div>
-
-
-<p><a name="Bundles-Users,Groups,Access,Permissions"></a></p>
-<h2 id="users-groups-access-permissions">Users, Groups, Access, Permissions</h2>
-<div class="codehilite"><pre><span class="o">*</span> <span class="p">[</span><span class="n">Managing</span> <span class="n">users</span> <span class="ow">and</span> <span class="n">groups</span> <span class="p">(</span><span class="n">jackrabbit</span><span class="o">.</span><span class="n">usermanager</span><span class="p">)](</span><span class="n">managing</span><span class="o">-</span><span class="n">users</span><span class="o">-</span><span class="ow">and</span><span class="o">-</span><span class="n">groups</span><span class="o">-</span><span class="p">(</span><span class="n">jackrabbit</span><span class="o">.</span><span class="n">usermanager</span><span class="p">)</span><span class="o">.</span><span class="n">html</span><span class="p">)</span>
-<span class="o">*</span> <span class="p">[</span><span class="n">Managing</span> <span class="n">permissions</span> <span class="p">(</span><span class="n">jackrabbit</span><span class="o">.</span><span class="n">accessmanager</span><span class="p">)](</span><span class="n">managing</span><span class="o">-</span><span class="n">permissions</span><span class="o">-</span><span class="p">(</span><span class="n">jackrabbit</span><span class="o">.</span><span class="n">accessmanager</span><span class="p">)</span><span class="o">.</span><span class="n">html</span><span class="p">)</span>
-</pre></div>
-
-
-<p><a name="Bundles-Installer"></a></p>
-<h2 id="installer">Installer</h2>
-<div class="codehilite"><pre><span class="o">*</span> <span class="p">[</span><span class="n">OSGi</span> <span class="n">Installer</span><span class="p">](</span><span class="n">osgi</span><span class="o">-</span><span class="n">installer</span><span class="o">.</span><span class="n">html</span><span class="p">)</span>
-<span class="o">*</span> <span class="p">[</span><span class="n">JCR</span> <span class="n">Installer</span> <span class="n">Provider</span><span class="p">](</span><span class="n">jcr</span><span class="o">-</span><span class="n">installer</span><span class="o">-</span><span class="n">provider</span><span class="o">.</span><span class="n">html</span><span class="p">)</span>
-</pre></div>
-
-
-<p><a name="Bundles-Misc"></a></p>
-<h2 id="misc">Misc</h2>
-<div class="codehilite"><pre><span class="o">*</span> <span class="p">[</span><span class="n">Commons</span> <span class="n">Thread</span> <span class="n">Pools</span><span class="p">](</span><span class="n">slingxsite:apache</span><span class="o">-</span><span class="n">sling</span><span class="o">-</span><span class="n">commons</span><span class="o">-</span><span class="n">thread</span><span class="o">-</span><span class="n">pool</span><span class="o">.</span><span class="n">html</span><span class="p">)</span>
-<span class="o">*</span> <span class="p">[</span><span class="n">Commons</span> <span class="n">HTML</span> <span class="n">Utilities</span><span class="p">](</span><span class="n">commons</span><span class="o">-</span><span class="n">html</span><span class="o">-</span><span class="n">utilities</span><span class="o">.</span><span class="n">html</span><span class="p">)</span>
-<span class="o">*</span> <span class="p">[</span><span class="n">MIME</span> <span class="n">Type</span> <span class="n">Support</span> <span class="p">(</span><span class="n">commons</span><span class="o">.</span><span class="n">mime</span><span class="p">)](</span><span class="n">mime</span><span class="o">-</span><span class="n">type</span><span class="o">-</span><span class="n">support</span><span class="o">-</span><span class="p">(</span><span class="n">commons</span><span class="o">.</span><span class="n">mime</span><span class="p">)</span><span class="o">.</span><span class="n">html</span><span class="p">)</span>
-<span class="o">*</span> <span class="p">[</span><span class="n">Output</span> <span class="n">Rewriting</span> <span class="n">Pipelines</span> <span class="p">(</span><span class="n">org</span><span class="o">.</span><span class="n">apache</span><span class="o">.</span><span class="n">sling</span><span class="o">.</span><span class="n">rewriter</span><span class="p">)](</span><span class="n">output</span><span class="o">-</span><span class="n">rewriting</span><span class="o">-</span><span class="n">pipelines</span><span class="o">-</span><span class="p">(</span><span class="n">org</span><span class="o">.</span><span class="n">apache</span><span class="o">.</span><span class="n">sling</span><span class="o">.</span><span class="n">rewriter</span><span class="p">)</span><span class="o">.</span><span class="n">html</span><span class="p">)</span>
-<span class="o">*</span> <span class="p">[</span><span class="n">Sling</span> <span class="n">Settings</span> <span class="p">(</span><span class="n">org</span><span class="o">.</span><span class="n">apache</span><span class="o">.</span><span class="n">sling</span><span class="o">.</span><span class="n">settings</span><span class="p">)](</span><span class="n">sling</span><span class="o">-</span><span class="n">settings</span><span class="o">-</span><span class="p">(</span><span class="n">org</span><span class="o">.</span><span class="n">apache</span><span class="o">.</span><span class="n">sling</span><span class="o">.</span><span class="n">settings</span><span class="p">)</span><span class="o">.</span><span class="n">html</span><span class="p">)</span>
-<span class="o">*</span> <span class="p">[</span><span class="n">Scheduler</span> <span class="n">Service</span> <span class="p">(</span><span class="n">commons</span> <span class="n">scheduler</span><span class="p">)](</span><span class="n">scheduler</span><span class="o">-</span><span class="n">service</span><span class="o">-</span><span class="p">(</span><span class="n">commons</span><span class="o">-</span><span class="n">scheduler</span><span class="p">)</span><span class="o">.</span><span class="n">html</span><span class="p">)</span>
-<span class="o">*</span> <span class="p">[</span><span class="n">Web</span> <span class="n">Console</span> <span class="n">Extensions</span> <span class="p">(</span><span class="n">org</span><span class="o">.</span><span class="n">apache</span><span class="o">.</span><span class="n">sling</span><span class="o">.</span><span class="n">extensions</span><span class="o">.</span><span class="n">webconsolebranding</span><span class="p">,</span> <span class="n">org</span><span class="o">.</span><span class="n">apache</span><span class="o">.</span><span class="n">sling</span><span class="o">.</span><span class="n">extensions</span><span class="o">.</span><span class="n">webconsolesecurityprovider</span><span class="p">)](</span><span class="n">web</span><span class="o">-</span><span class="n">console</span><span class="o">-</span><span class="n">extensions</span><span class="o">.</span><span class="n">html</span><span class="p">)</span>
-</pre></div>
-      </div>
     
         <div class="trademarkFooter"> 
 		Apache Sling, Sling, Apache, the Apache feather logo, and the Apache Sling project logo are trademarks of The Apache Software Foundation. All other marks mentioned may be trademarks or registered trademarks of their respective owners.

Modified: websites/staging/sling/trunk/content/client-request-logging.html
==============================================================================
--- websites/staging/sling/trunk/content/client-request-logging.html (original)
+++ websites/staging/sling/trunk/content/client-request-logging.html Sun Apr 22 17:09:56 2012
@@ -79,200 +79,10 @@
     
     <div class="main">
       <div class="breadcrump" style="font-size: 80%;">
-		(TODO: breadcrumb here)
+<a href="/">Home</a>
       </div>
-      <h1 class="title">Client Request Logging</h1>
-      <div>
-	    <p><a name="ClientRequestLogging-ClientRequestLogging"></a></p>
-<h1 id="client-request-logging">Client Request Logging</h1>
-<p>Sling provides extensive support to log various information at the before
-and after processing client requests. Out of the box, there are two loggers
-configured to write traditional <em>access.log</em> and <em>request.log</em> files.
-In addition more logging can be configured by providing OSGi Configuration
-Admin configuration.</p>
-<p><a name="ClientRequestLogging-Traditionalaccess.logandrequest.logFiles"></a></p>
-<h2 id="traditional-accesslog-and-requestlog-files">Traditional access.log and request.log Files</h2>
-<p>In the Web Console configure the <em>Apache Sling Request Logger</em>
-(PID=<em>org.apache.sling.engine.impl.log.RequestLogger</em>) configuration.</p>
-<p>In the Sling Web Console locate the Configuration page
-(<em>/system/console/configMgr</em>) and click on the <em>+</em> (plus) symbol on the
-<em>Apache Sling Customizable Request Data Logger</em> line. This opens a dialog
-to enter the configuration whose properties can be configured as follows:</p>
-<table>
-<tr><th> Parameter </th><th> Name </th><th> Default </th><th> Description </th></tr>
-<tr><td> Request Log Name </td><td> *request.log.output* </td><td> Name of the destination for the request log. The request log logs the entry and exit of each request into and out of the system together with the entry time, exit time, time to process the request, a request counter as well as the final status code and response content type. In terms of Request Logger Service formats, request entry is logged with the format {{%t \[%R](%r.html)
- \-> %m %U%q %H}} and request exit is logged with the format {{%\{end}t
-\[%R] <\- %s %\{Content-Type}o %Dms}} (See [#Log Format Specification]
- below for the specification of the format). </td></tr>
-<tr><td> Request Log Type </td><td> *request.log.outputtype* </td><td> Type of Logger named with
-the Logger Name parameter. See [#Log Output](#log-output.html)
- below </td></tr>
-<tr><td> Enable Request Log </td><td> *request.log.enabled* </td><td> Whether to enable Request
-logging or not. </td></tr>
-<tr><td> Access Log Name </td><td> *access.log.output* </td><td> Name of the destination for the
-access log. The access log writes an entry for each request as the request
-terminates using the NCSA extended/combined log format. In terms of Request
-Logger Service formats the access log is written with the format {{%h %l %u
-%t "%r" %>s %b "%\{Referer}i" "%\{User-Agent}i"}} (See [#Log Format Specification](#log-format-specification.html)
- below for the specification of the format). </td></tr>
-<tr><td> Access Log Type </td><td> *access.log.outputtype* </td><td> Type of Logger named with
-the Logger Name parameter. See [#Log Output](#log-output.html)
- below </td></tr>
-<tr><td> Enable Access Log </td><td> *access.log.enabled* </td><td> Whether to enable Access
-logging or not. </td></tr>
-</table>
+   <!--   <h1 class="title">Client Request Logging</h1> -->
 
-<p><a name="ClientRequestLogging-LogOutput"></a></p>
-<h4 id="log-output">Log Output</h4>
-<p>Output of client request logging is defined by the Logger Type and and
-Logger Name where the use of the Logger Name property value depends on the
-Logger Type:</p>
-<table>
-<tr><th> Type Code </th><th> Type Name </th><th> Description and Logger Name interpretation </th></tr>
-<tr><td> 0 </td><td> Logger Name </td><td> Writes the logging information to a named SLF4J Logger.
-The name of the Logger is defined in the Logger Name property. The actual
-destination of the log messages is defined the SLF4J configuration for the
-named logger </td></tr>
-<tr><td> 1 </td><td> File Name </td><td> Writes the logging information to a file, on message per
-line. The file name is an absolute or relative path name. If the name is
-relative, it is resolved against the *sling.home* framework property. </td></tr>
-<tr><td> 2 </td><td> RequestLog Service </td><td> Sends the logging information to a
-*org.apache.sling.engine.RequestLog* service whose *requestlog.name*
-service registration property must the same as the value of the Logger Name
-property. If more than one such service is registered, all services are
-called. If no such service is registered, the logging information is
-discarded. Using RequestLog Services is deprecated. </td></tr>
-</table>
-
-<p><em>Note:</em> If logging to a file, this file is not rotated and/or limited by
-size. To get log file rotation use the <em>Logger Name</em> logging type. See <a href="#rotating-logger-files.html">#Rotating Logger Files</a>
- below for information on how logging information can be written to rotated
-and/or size limited files.</p>
-<p><a name="ClientRequestLogging-Additionalper-requestLoggers"></a></p>
-<h3 id="additional-per-request-loggers">Additional per-request Loggers</h3>
-<p>In the Web Console create <em>Apache Sling Customizable Request Data Logger</em>
-(Factory PID=<em>org.apache.sling.engine.impl.log.RequestLoggerService</em>)
-configuration.</p>
-<p>In the Sling Web Console locate the Configuration page
-(<em>/system/console/configMgr</em>) and click on the <em>+</em> (plus) symbol on the
-<em>Apache Sling Customizable Request Data Logger</em> line. This opens a dialog
-to enter the configuration whose properties can be configured as follows:</p>
-<table>
-<tr><th> Parameter </th><th> Name </th><th> Default </th><th> Description </th></tr>
-<tr><td> Log Format </td><td> *request.log.service.format* </td><td> Specify a [#Log Format Specification](#log-format-specification.html)
- as described below </td></tr>
-<tr><td> Logger Type </td><td> *request.log.service.outputtype* </td><td> Logger Name/*0* </td><td>
-Type of Logger named with the Logger Name parameter. See [#Log Output](#log-output.html)
- above </td></tr>
-<tr><td> Logger Name </td><td> *request.log.service.output* </td><td> *request.log* </td><td> Name of
-the Logger to be used. See [#Log Output](#log-output.html)
- above </td></tr>
-<tr><td> Request Entry </td><td> *request.log.service.onentry* </td><td> unchecked/*false* </td><td>
-Whether logger is called at the start of request processing or after
-processing the request </td></tr>
-</table>
-
-<p><a name="ClientRequestLogging-LogFormatSpecification"></a></p>
-<h4 id="log-format-specification">Log Format Specification</h4>
-<p>The log format specification follows the <a href="http://httpd.apache.org/docs/current/mod/mod_log_config.html">definition of the <em>format</em> argument for the <em>LogFormat</em> and <em>CustomLog</em> directives of Apache httpd</a>
-:</p>
-<p>The characteristics of the request itself are logged by placing "%"
-directives in the format string, which are replaced in the log file by the
-values as follows:</p>
-<table>
-<tr><th> Format String </th><th> Description </th></tr>
-<tr><td> *%%*  </td><td> The percent sign </td></tr>
-<tr><td> *%a*  </td><td> Remote IP-address </td></tr>
-<tr><td> *%A*  </td><td> Local IP-address </td></tr>
-<tr><td> *%B*  </td><td> Size of response in bytes, excluding HTTP headers. </td></tr>
-<tr><td> *%b*  </td><td> Size of response in bytes, excluding HTTP headers. In CLF
-format, i.e. a '-' rather than a 0 when no bytes are sent. </td></tr>
-<tr><td> *%\{Foobar}C*  </td><td> The contents of cookie Foobar in the request sent to
-the server. </td></tr>
-<tr><td> *%D*  </td><td> The time taken to serve the request, in microseconds. </td></tr>
-<tr><td> *%\{FOOBAR}e*  </td><td>Not supported in Sling; prints nothing. </td></tr>
-<tr><td> *%f*  </td><td> The absolute path of the resolved resource </td></tr>
-<tr><td> *%h*  </td><td> Remote host </td></tr>
-<tr><td> *%H*  </td><td> The request protocol </td></tr>
-<tr><td> *%\{Foobar}i*  </td><td> The contents of Foobar: header line(s) in the request
-sent to the server. </td></tr>
-<tr><td> *%k*  </td><td> Not supported in Sling; prints nothing. </td></tr>
-<tr><td> *%l*  </td><td> Not supported in Sling; prints nothing. </td></tr>
-<tr><td> *%m*  </td><td> The request method </td></tr>
-<tr><td> *%\{Foobar}n*  </td><td> Not supported in Sling; prints nothing. </td></tr>
-<tr><td> *%\{Foobar}o*  </td><td> The contents of Foobar: header line(s) in the reply. </td></tr>
-<tr><td> *%p*  </td><td> The canonical port of the server serving the request </td></tr>
-<tr><td> *%\{format}p*  </td><td> The canonical port of the server serving the request
-or the server's actual port or the client's actual port. Valid formats are
-canonical, local, or remote. </td></tr>
-<tr><td> *%P*  </td><td> The _name of the thread_ -process ID of the child- that
-serviced the request. </td></tr>
-<tr><td> *%\{format}P*  </td><td> Same as *%P*; the *format* parameter is ignored. </td></tr>
-<tr><td> *%q*  </td><td> The query string (prepended with a ? if a query string exists,
-otherwise an empty string) </td></tr>
-<tr><td> *%r*  </td><td> First line of request </td></tr>
-<tr><td> *%R*  </td><td> The number of requests processed by Sling since the last start.
-</td></tr>
-<tr><td> *%s*  </td><td> Status. </td></tr>
-<tr><td> *%t*  </td><td> Time the request was received (standard english format) </td></tr>
-<tr><td> *%\{format}t*  </td><td> Same as *%t*; the *format* parameter is ignored
-unless it is the literal value _end_ indicating to use the time of request
-terminating (instead of the time of request receipt). </td></tr>
-<tr><td> *%T*  </td><td> The time taken to serve the request, in seconds. </td></tr>
-<tr><td> *%u*  </td><td> Remote user (from auth; may be bogus if return status (%s) is
-401) </td></tr>
-<tr><td> *%U*  </td><td> The URL path requested, not including any query string. </td></tr>
-<tr><td> *%v*  </td><td> The canonical ServerName of the server serving the request. </td></tr>
-<tr><td> *%V*  </td><td> Same as *%v*. </td></tr>
-<tr><td> *%X*  </td><td> Not supported in Sling; prints nothing. </td></tr>
-<tr><td> *%I*  </td><td> Not supported in Sling; prints nothing. </td></tr>
-<tr><td> *%O*  </td><td> Not supported in Sling; prints nothing. </td></tr>
-</table>
-
-<p><em>Modifiers</em></p>
-<p>Particular items can be restricted to print only for responses with
-specific HTTP status codes by placing a comma-separated list of status
-codes immediately following the "%". For example, "%400,501{User-agent}i"
-logs User-agent on 400 errors and 501 errors only. For other status codes,
-the literal string "-" will be logged. The status code list may be preceded
-by a "!" to indicate negation: "%!200,304,302{Referer}i" logs Referer on
-all requests that do not return one of the three specified codes.</p>
-<p>The Apache httpd modifiers "&lt;" and "&gt;"  are not supported by Sling and
-currently ignored.</p>
-<p><em>Some Notes</em></p>
-<p>For security reasons non-printable and other special characters in %C, %i
-and %o are escaped using \uhhhh sequences, where hhhh stands for the
-hexadecimal representation of the character's unicode value. Exceptions
-from this rule are " and \, which are escaped by prepending a backslash,
-and all whitespace characters, which are written in their Java-style
-notation (\n, \t, etc).</p>
-<p><a name="ClientRequestLogging-RotatingLoggerFiles"></a></p>
-<h4 id="rotating-logger-files">Rotating Logger Files</h4>
-<p>If you want to write the request (and access) logging information into a
-rotated file, you should configure as follows:</p>
-<ol>
-<li>Configure the Log Type to be a <em>Logger Name</em> and some usefull Logger
-name. For example <em>clientlog.request</em>.</li>
-<li>Create an <em>Apache Sling Logging Logger Configuration</em> for this Logger
-name according to <a href="logging#logger-configuration.html">Logging Configuration</a>
- with the following setup:
-  <strong> Allow message at INFO (Information) level to be logged which is the
-level used by the request loggers
-  </strong> Define the appropriate log file name, for example
-<em>logs/client.request.log</em>
-  <strong> Use only <em>{5</em>} as the message format because request logger
-messages are generally already fully formated with required timestamp etc.
-<br />
-</strong> Add any Logger names used for the client request log configuration,
-<em>clientlog.request</em> in the example above, to the Logger field. By
-clicking on the <em>+</em> (plus) button you may add more than a single logger
-name whose messages are written to this file.</li>
-<li>Optionally, you may create an <em>Apache Sling Logging Writer
-Configuration</em> for the log file defined in the previous step to better
-control rotation setup. See <a href="logging#log-writer-configuration.html">Log Writer Configuration</a>
- for full details.</li>
-</ol>
-      </div>
     
         <div class="trademarkFooter"> 
 		Apache Sling, Sling, Apache, the Apache feather logo, and the Apache Sling project logo are trademarks of The Apache Software Foundation. All other marks mentioned may be trademarks or registered trademarks of their respective owners.



Mime
View raw message