karaf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jbono...@apache.org
Subject [02/15] karaf git commit: KARAF-3679 - Switch user guide to asciidoc
Date Tue, 05 Jan 2016 14:02:27 GMT
http://git-wip-us.apache.org/repos/asf/karaf/blob/9f08eb9e/manual/src/main/webapp/users-guide/remote.conf
----------------------------------------------------------------------
diff --git a/manual/src/main/webapp/users-guide/remote.conf b/manual/src/main/webapp/users-guide/remote.conf
deleted file mode 100644
index a4dd329..0000000
--- a/manual/src/main/webapp/users-guide/remote.conf
+++ /dev/null
@@ -1,403 +0,0 @@
-h1. Remote
-
-Apache Karaf supports a complete remote mechanism allowing you to remotely connect to a running Apache Karaf instance.
-More over, you can also browse, download, and upload files remotely to a running Apache Karaf instance.
-
-Apache Karaf embeds a complete SSHd server.
-
-h2. SSHd server
-
-When you start Apache Karaf, it enables a remote console that can be accessed over SSH.
-
-This remote console provides all the features of the "local" console, and gives a remote user complete control over the
-container and services running inside of it. As the "local" console, the remote console is secured by a RBAC mechanism
-(see the [Security section|security] of the user guide for details).
-
-In addition of the remote console, Apache Karaf also provides a remote filesystem. This remote filesystem can be accessed
-using a SCP/SFTP client.
-
-h3. Configuration
-
-The configuration of the SSHd server is stored in the {{etc/org.apache.karaf.shell.cfg}} file:
-
-{code}
-################################################################################
-#
-#    Licensed to the Apache Software Foundation (ASF) under one or more
-#    contributor license agreements.  See the NOTICE file distributed with
-#    this work for additional information regarding copyright ownership.
-#    The ASF licenses this file to You under the Apache License, Version 2.0
-#    (the "License"); you may not use this file except in compliance with
-#    the License.  You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#    Unless required by applicable law or agreed to in writing, software
-#    distributed under the License is distributed on an "AS IS" BASIS,
-#    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#    See the License for the specific language governing permissions and
-#    limitations under the License.
-#
-################################################################################
-
-#
-# These properties are used to configure Karaf's ssh shell.
-#
-
-#
-# Via sshPort and sshHost you define the address you can login into Karaf.
-#
-sshPort = 8101
-sshHost = 0.0.0.0
-
-#
-# The sshIdleTimeout defines the inactivity timeout to logout the SSH session.
-# The sshIdleTimeout is in milliseconds, and the default is set to 30 minutes.
-#
-sshIdleTimeout = 1800000
-
-#
-# sshRealm defines which JAAS domain to use for password authentication.
-#
-sshRealm = karaf
-
-#
-# The location of the hostKey file defines where the private/public key of the server
-# is located. If no file is at the defined location it will be ignored.
-#
-hostKey = ${karaf.etc}/host.key
-
-
-#
-# Self defined key size in 1024, 2048, 3072, or 4096
-# If not set, this defaults to 4096.
-#
-# keySize = 4096
-
-#
-# Specify host key algorithm, defaults to RSA
-#
-# algorithm = RSA
-
-#
-# Defines the completion mode on the Karaf shell console. The possible values are:
-# - GLOBAL: it's the same behavior as in previous Karaf releases. The completion displays all commands and all aliases
-#           ignoring if you are in a subshell or not.
-# - FIRST: the completion displays all commands and all aliases only when you are not in a subshell. When you are
-#          in a subshell, the completion displays only the commands local to the subshell.
-# - SUBSHELL: the completion displays only the subshells on the root level. When you are in a subshell, the completion
-#             displays only the commands local to the subshell.
-# This property define the default value when you use the Karaf shell console.
-# You can change the completion mode directly in the shell console, using shell:completion command.
-#
-completionMode = GLOBAL
-{code}
-
-The {{etc/org.apache.karaf.shell.cfg}} configuration file contains different properties to configure the SSHd server:
-
-* {{sshPort}} is the port number where the SSHd server is bound (by default, it's 8101).
-* {{sshHost}} is the address of the network interface where the SSHd server is bound. The default value is 0.0.0.0,
- meaning that the SSHd server is bound on all network interfaces. You can bind on a target interface providing the IP
- address of the network interface.
-* {{hostKey}} is the location of the {{host.key}} file. By defaut, it uses {{etc/host.key}}. This file stores the public
- and private key pair of the SSHd server.
- defined in {{etc/system.properties}}. See the [Security section|security] of this user guide for details.
-* {{keySize}} is the key size used by the SSHd server. The possible values are 1024, 2048, 3072, or 4096. The default
- value is 1024.
-* {{algorithm}} is the host key algorithm used by the SSHd server. The possible values are DSA or RSA. The default
- value is DSA.
-
-The SSHd server configuration can be changed at runtime:
-
-* by editing the {{etc/org.apache.karaf.shell.cfg}} configuration file
-* by using the {{config:*}} commands
-
-At runtime, when you change the SSHd server configuration, you have to restart the SSHd server to load the changes.
-You can do it with:
-
-{code}
-karaf@root()> bundle:restart -f org.apache.karaf.shell.ssh
-{code}
-
-The Apache Karaf SSHd server supports key/agent authentication and password authentication.
-
-h3. Console clients
-
-h4. System native clients
-
-The Apache Karaf SSHd server is a pure SSHd server, similar to OpenSSH daemon.
-
-It means that you can use directly a SSH client from your system.
-
-For instance, on Unix, you can directly use OpenSSH:
-
-{code}
-~$ ssh -p 8101 karaf@localhost
-Authenticated with partial success.
-Authenticated with partial success.
-Authenticated with partial success.
-Password authentication
-Password:
-        __ __                  ____
-       / //_/____ __________ _/ __/
-      / ,<  / __ `/ ___/ __ `/ /_
-     / /| |/ /_/ / /  / /_/ / __/
-    /_/ |_|\__,_/_/   \__,_/_/
-
-  Apache Karaf (3.0.0)
-
-Hit '<tab>' for a list of available commands
-and '[cmd] --help' for help on a specific command.
-Hit 'system:shutdown' to shutdown Karaf.
-Hit '<ctrl-d>' or type 'logout' to disconnect shell from current session.
-
-karaf@root()>
-{code}
-
-On Windows, you can use Putty, Kitty, etc.
-
-If you don't have SSH client installed on your machine, you can use Apache Karaf client.
-
-h4. {{ssh:ssh}} command
-
-Apache Karaf itself provides a SSH client. When you are on the Apache Karaf console, you have the {{ssh:ssh}} command:
-
-{code}
-karaf@root()> ssh:ssh --help
-DESCRIPTION
-        ssh:ssh
-
-        Connects to a remote SSH server
-
-SYNTAX
-        ssh:ssh [options] hostname [command]
-
-ARGUMENTS
-        hostname
-                The host name to connect to via SSH
-        command
-                Optional command to execute
-
-OPTIONS
-        --help
-                Display this help message
-        -p, --port
-                The port to use for SSH connection
-                (defaults to 22)
-        -P, --password
-                The password for remote login
-        -q
-                Quiet Mode. Do not ask for confirmations
-        -l, --username
-                The user name for remote login
-
-{code}
-
-Thanks to the {{ssh:ssh}} command, you can connect to another running Apache Karaf instance:
-
-{code}
-karaf@root()> ssh:ssh -p 8101 karaf@192.168.134.2
-Connecting to host 192.168.134.2 on port 8101
-Connecting to unknown server. Add this server to known hosts ? (y/n)
-Storing the server key in known_hosts.
-Connected
-        __ __                  ____
-       / //_/____ __________ _/ __/
-      / ,<  / __ `/ ___/ __ `/ /_
-     / /| |/ /_/ / /  / /_/ / __/
-    /_/ |_|\__,_/_/   \__,_/_/
-
-  Apache Karaf (3.0.0)
-
-Hit '<tab>' for a list of available commands
-and '[cmd] --help' for help on a specific command.
-Hit 'system:shutdown' to shutdown Karaf.
-Hit '<ctrl-d>' or type 'logout' to disconnect shell from current session.
-
-karaf@root()>
-{code}
-
-When you don't provide the {{command}} argument to the {{ssh:ssh}} command, you are in the interactive mode: you have
-a complete remote console available, where you can type commands, etc.
-
-You can also provide directly a command to execute using the {{command}} argument. For instance, to remotely shutdown
-a Apache Karaf instance:
-
-{code}
-karaf@root()> ssh:ssh -p 8101 karaf@localhost system:shutdown -f
-Connecting to host localhost on port 8101
-Connected
-{code}
-
-As the {{ssh:ssh}} command is a pure SSH client, so it means that you can connect to a Unix OpenSSH daemon:
-
-{code}
-karaf@root()> ssh:ssh user@localhost
-Connecting to host localhost on port 22
-Connecting to unknown server. Add this server to known hosts ? (y/n)
-Storing the server key in known_hosts.
-Agent authentication failed, falling back to password authentication.
-Password: Connected
-Last login: Sun Sep  8 19:21:12 2013
-user@server:~$
-{code}
-
-h4. Apache Karaf client
-
-The {{ssh:ssh}} command requires to be run into a running Apache Karaf console.
-
-For commodity, the {{ssh:ssh}} command is "wrapped" as a standalone client: the {{bin/client}} Unix script ({{bin\client.bat}} on Windows).
-
-{code}
-bin/client --help
-Apache Karaf client
-  -a [port]     specify the port to connect to
-  -h [host]     specify the host to connect to
-  -u [user]     specify the user name
-  --help        shows this help message
-  -v            raise verbosity
-  -r [attempts] retry connection establishment (up to attempts times)
-  -d [delay]    intra-retry delay (defaults to 2 seconds)
-  -b            batch mode, specify multiple commands via standard input
-  -f [file]     read commands from the specified file
-  [commands]    commands to run
-If no commands are specified, the client will be put in an interactive mode
-{code}
-
-For instance, to connect to local Apache Karaf instance (on the default SSHd server 8101 port), you can directly use
-{{bin/client}} Unix script ({{bin\client.bat}} on Windows) without any argument or option:
-
-{code}
-bin/client
-Logging in as karaf
-343 [pool-2-thread-4] WARN org.apache.sshd.client.keyverifier.AcceptAllServerKeyVerifier - Server at /0.0.0.0:8101 presented unverified key:
-        __ __                  ____
-       / //_/____ __________ _/ __/
-      / ,<  / __ `/ ___/ __ `/ /_
-     / /| |/ /_/ / /  / /_/ / __/
-    /_/ |_|\__,_/_/   \__,_/_/
-
-  Apache Karaf (3.0.0)
-
-Hit '<tab>' for a list of available commands
-and '[cmd] --help' for help on a specific command.
-Hit 'system:shutdown' to shutdown Karaf.
-Hit '<ctrl-d>' or type 'logout' to disconnect shell from current session.
-
-karaf@root()>
-{code}
-
-When you don't provide the {{command}} argument to the {{bin/client}} Unix script ({{bin\client.bat}} on Windows), you are
-in the interactive mode: you have a complete remote console available, where you can type commands, etc.
-
-You can also provide directly a command to execute using the {{command}} argument. For instance, to remotely shutdown
-a Apache Karaf instance:
-
-{code}
-bin/client "system:shutdown -f"
-Logging in as karaf
-330 [pool-2-thread-3] WARN org.apache.sshd.client.keyverifier.AcceptAllServerKeyVerifier - Server at /0.0.0.0:8101 presented unverified key:
-{code}
-
-As the Apache Karaf client is a pure SSH client, you can use to connect to any SSHd daemon (like Unix OpenSSH daemon):
-
-{code}
-bin/client -a 22 -h localhost -u user
-Logging in as user
-353 [pool-2-thread-2] WARN org.apache.sshd.client.keyverifier.AcceptAllServerKeyVerifier - Server at localhost/127.0.0.1:22 presented unverified key:
-Password:
-Welcome to Ubuntu 13.10 (GNU/Linux 3.11.0-13-generic x86_64)
-
- * Documentation:  https://help.ubuntu.com/
-
-Last login: Tue Dec  3 18:18:31 2013 from localhost
-{code}
-
-h4. Logout
-
-When you are connected to a remote Apache Karaf console, you can logout using:
-
-* using CTRL-D key binding. Note that CTRL-D just logout from the remote console in this case, it doesn't shutdown
- the Apache Karaf instance (as CTRL-D does when used on a local console).
-* using {{shell:logout}} command (or simply {{logout}})
-
-h3. Filsystem clients
-
-Apache Karaf SSHd server also provides complete fileystem access via SSH. For security reason, the available filesystem
-is limited to {{KARAF_BASE}} directory.
-
-You can use this remote filesystem with any SCP/SFTP compliant clients.
-
-h4. Native SCP/SFTP clients
-
-On Unix, you can directly use {{scp}} command to download/upload files to the Apache Karaf filesystem. For instance,
-to retrieve the {{karaf.log}} file remotely:
-
-{code}
-~$ scp -P 8101 karaf@localhost:/data/log/karaf.log .
-Authenticated with partial success.
-Authenticated with partial success.
-Authenticated with partial success.
-Password authentication
-Password:
-karaf.log
-{code}
-
-As you have access to the complete {{KARAF_BASE}} directory, you can remotely change the configuration file in the {{etc}}
-folder, retrieve log files, populate the {{system}} folder.
-
-On Windows, you can use WinSCP to access the Apache Karaf filesystem.
-
-It's probably easier to use a SFTP complient client.
-
-For instance, on Unix system, you can use {{lftp}} or {{ncftp}}:
-
-{code}
-$ lftp
-lftp :~> open -u karaf sftp://localhost:8101
-Password:
-lftp karaf@localhost:~> ls
--rw-r--r--   1 jbonofre jbonofre    27754 Oct 26 10:50 LICENSE
--rw-r--r--   1 jbonofre jbonofre     1919 Dec  3 05:34 NOTICE
--rw-r--r--   1 jbonofre jbonofre     3933 Aug 18  2012 README
--rw-r--r--   1 jbonofre jbonofre   101041 Dec  3 05:34 RELEASE-NOTES
-drwxr-xr-x   1 jbonofre jbonofre     4096 Dec  3 12:51 bin
-drwxr-xr-x   1 jbonofre jbonofre     4096 Dec  3 18:57 data
-drwxr-xr-x   1 jbonofre jbonofre     4096 Dec  3 12:51 demos
-drwxr-xr-x   1 jbonofre jbonofre     4096 Dec  3 13:02 deploy
-drwxr-xr-x   1 jbonofre jbonofre     4096 Dec  3 17:59 etc
-drwxr-xr-x   1 jbonofre jbonofre     4096 Dec  3 13:02 instances
-drwxr-xr-x   1 jbonofre jbonofre     4096 Dec  3 13:02 lib
--rw-r--r--   1 jbonofre jbonofre        0 Dec  3 13:02 lock
-drwxr-xr-x   1 jbonofre jbonofre     4096 Dec  3 12:51 system
-lftp karaf@localhost:/>
-{code}
-
-You can also use graphic client like {{filezilla}}, {{gftp}}, {{nautilus}}, etc.
-
-On Windows, you can use {{filezilla}}, {{WinSCP}}, etc.
-
-h4. Apache Maven
-
-Apache Karaf {{system}} folder is the Karaf repository, that use a Maven directory structure. It's where Apache Karaf
-looks for the artifacts (bundles, features, kars, etc).
-
-Using Apache Maven, you can populate the {{system}} folder using the {{deploy:deploy-file}} goal.
-
-For instance, you want to add the Apache ServiceMix facebook4j OSGi bundle, you can do:
-
-{code}
-mvn deploy:deploy-file -Dfile=org.apache.servicemix.bundles.facebook4j-2.0.2_1.jar -DgroupId=org.apache.servicemix.bundles -DartifactId=org.apache.servicemix.bundles.facebook4j -Dversion=2.0.2_1 -Dpackaging=jar -Durl=scp://localhost:8101/system
-{code}
-
-{tip}
-If you want to turn Apache Karaf as a simple Maven repository, you can use [Apache Karaf Cave|http://karaf.apache.org/index/subprojects/cave.html].
-{tip}
-
-h2. JMX MBeanServer
-
-Apache Karaf provides a JMX MBeanServer.
-
-This MBeanServer is available remotely, using any JMX client like {{jconsole}}.
-
-You can find details on the [Monitoring section|monitoring] of the user guide.

http://git-wip-us.apache.org/repos/asf/karaf/blob/9f08eb9e/manual/src/main/webapp/users-guide/security.conf
----------------------------------------------------------------------
diff --git a/manual/src/main/webapp/users-guide/security.conf b/manual/src/main/webapp/users-guide/security.conf
deleted file mode 100644
index 640c4b7..0000000
--- a/manual/src/main/webapp/users-guide/security.conf
+++ /dev/null
@@ -1,569 +0,0 @@
-h1. Security
-
-Apache Karaf provides an advanced and flexible security system, powered by JAAS (Java Authentication and Authorization
-Service) in an OSGi compliant way.
-
-It provides a dynamic security system.
-
-The Apache Karaf security framework is used internally to control the access to:
-
-* the OSGi services (described in the developer guide)
-* the console commands
-* the JMX layer
-* the WebConsole
-
-Your applications can also use the security framework (see the developer guide for details).
-
-h2. Realms
-
-Apache Karaf is able to manage multiple realms. A realm contains the definition of the login modules to use for the
-authentication and/or authorization on this realm. The login modules define the authentication and authorization for
-the realm.
-
-The {{jaas:realm-list}} command list the current defined realms:
-
-{code}
-karaf@root()> jaas:realm-list
-Index | Realm Name | Login Module Class Name
------------------------------------------------------------------------------------
-1     | karaf      | org.apache.karaf.jaas.modules.properties.PropertiesLoginModule
-2     | karaf      | org.apache.karaf.jaas.modules.publickey.PublickeyLoginModule
-{code}
-
-You can see that the Apache Karaf provides a default realm named {{karaf}}.
-
-This realm has two login modules:
-
-* the {{PropertiesLoginModule}} uses the {{etc/users.properties}} file as backend for users, groups, roles and password.
- This login module authenticates the users and returns the users' roles.
-* the {{PublickeyLoginModule}} is especially used by the SSHd. It uses the {{etc/keys.properties}} file. This file contains
- the users and a public key associated to each user.
-
-Apache Karaf provides additional login modules (see the developer guide for details):
-
-* JDBCLoginModule uses a database as backend
-* LDAPLoginModule uses a LDAP server as backend
-* SyncopeLoginModule uses Apache Syncope as backend
-* OsgiConfigLoginModule uses a configuration as backend
-
-You can manage an existing realm, login module, or create your own realm using the {{jaas:realm-manage}} command.
-
-h2. Users, groups, roles, and passwords
-
-As we saw, by default, Apache Karaf uses a PropertiesLoginModule.
-
-This login module uses the {{etc/users.properties}} file as storage for the users, groups, roles and passwords.
-
-The initial {{etc/users.properties}} file contains:
-
-{code}
-################################################################################
-#
-#    Licensed to the Apache Software Foundation (ASF) under one or more
-#    contributor license agreements.  See the NOTICE file distributed with
-#    this work for additional information regarding copyright ownership.
-#    The ASF licenses this file to You under the Apache License, Version 2.0
-#    (the "License"); you may not use this file except in compliance with
-#    the License.  You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#    Unless required by applicable law or agreed to in writing, software
-#    distributed under the License is distributed on an "AS IS" BASIS,
-#    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#    See the License for the specific language governing permissions and
-#    limitations under the License.
-#
-################################################################################
-
-#
-# This file contains the users, groups, and roles.
-# Each line has to be of the format:
-#
-# USER=PASSWORD,ROLE1,ROLE2,...
-# USER=PASSWORD,_g_:GROUP,...
-# _g_\:GROUP=ROLE1,ROLE2,...
-#
-# All users, grousp, and roles entered in this file are available after Karaf startup
-# and modifiable via the JAAS command group. These users reside in a JAAS domain
-# with the name "karaf".
-#
-karaf = karaf,_g_:admingroup
-_g_\:admingroup = group,admin,manager,viewer
-{code}
-
-We can see in this file, that we have one user by default: {{karaf}}.
-The default password is {{karaf}}.
-
-The {{karaf}} user is member of one group: the {{admingroup}}.
-
-A group is always prefixed by {{_g_:}}. An entry without this prefix is an user.
-
-A group defines a set of roles. By default, the {{admingroup}} defines {{group}}, {{admin}}, {{manager}}, and {{viewer}}
-roles.
-
-It means that the {{karaf}} user will have the roles defined by the {{admingroup}}.
-
-h3. Commands
-
-The {{jaas:*}} commands manage the realms, users, groups, roles in the console.
-
-h4. {{jaas:realm-list}}
-
-We already used the {{jaas:realm-list}} previously in this section.
-
-The {{jaas:realm-list}} command list the realm and the login modules for each realm:
-
-{code}
-karaf@root()> jaas:realm-list
-Index | Realm Name | Login Module Class Name
------------------------------------------------------------------------------------
-1     | karaf      | org.apache.karaf.jaas.modules.properties.PropertiesLoginModule
-2     | karaf      | org.apache.karaf.jaas.modules.publickey.PublickeyLoginModule
-{code}
-
-We have here one realm ({{karaf}}) containing two login modules ({{PropertiesLoginModule}} and {{PublickeyLoginModule}}).
-
-The {{index}} is used by the {{jaas:realm-manage}} command to easily identify the realm/login module that we want to manage.
-
-h4. {{jaas:realm-manage}}
-
-The {{jaas:realm-manage}} command switch in realm/login module edit mode, where you can manage the users, groups, and roles in the login module.
-
-To identify the realm and login module that you want to manage, you can use the {{--index}} option.
-The indexes are displayed by the {{jaas:realm-list}} command:
-
-{code}
-karaf@root()> jaas:realm-manage --index 1
-{code}
-
-Another way is to use the {{--realm}} and {{--module}} options. The {{--realm}} option expects the realm name, and the {{--module}}
-option expects the login module class name:
-
-{code}
-karaf@root()> jaas:realm-manage --realm karaf --module org.apache.karaf.jaas.modules.properties.PropertiesLoginModule
-{code}
-
-h4. {{jaas:user-list}}
-
-When you are in edit mode, you can list the users in the login module using the {{jaas:user-list}}:
-
-{code}
-karaf@root()> jaas:user-list
-User Name | Group      | Role
---------------------------------
-karaf     | admingroup | admin
-karaf     | admingroup | manager
-karaf     | admingroup | viewer
-{code}
-
-You can see the user name and the group by role.
-
-h4. {{jaas:user-add}}
-
-The {{jaas:user-add}} command adds a new user (and the password) in the currently edited login module:
-
-{code}
-karaf@root()> jaas:user-add foo bar
-{code}
-
-To "commit" your change (here the user addition), you have to execute the {{jaas:update}} command:
-
-{code}
-karaf@root()> jaas:update
-karaf@root()> jaas:realm-manage --index 1
-karaf@root()> jaas:user-list
-User Name | Group      | Role
---------------------------------
-karaf     | admingroup | admin
-karaf     | admingroup | manager
-karaf     | admingroup | viewer
-foo       |            |
-{code}
-
-On the other hand, if you want to rollback the user addition, you can use the {{jaas:cancel}} command.
-
-h4. {{jaas:user-delete}}
-
-The {{jaas:user-delete}} command deletes an user from the currently edited login module:
-
-{code}
-karaf@root()> jaas:user-delete foo
-{code}
-
-Like for the {{jaas:user-add}} command, you have to use the {{jaas:update}} to commit your change (or {{jaas:cancel}} to rollback):
-
-{code}
-karaf@root()> jaas:update
-karaf@root()> jaas:realm-manage --index 1
-karaf@root()> jaas:user-list
-User Name | Group      | Role
---------------------------------
-karaf     | admingroup | admin
-karaf     | admingroup | manager
-karaf     | admingroup | viewer
-{code}
-
-h4. {{jaas:group-add}}
-
-The {{jaas:group-add}} command assigns a group (and eventually creates the group) to an user in the currently edited login module:
-
-{code}
-karaf@root()> jaas:group-add karaf mygroup
-{code}
-
-h4. {{jaas:group-delete}}
-
-The {{jaas:group-delete}} command removes an user from a group in the currently edited login module:
-
-{code}
-karaf@root()> jaas:group-delete karaf mygroup
-{code}
-
-h4. {{jaas:group-role-add}}
-
-The {{jaas:group-role-add}} command adds a role in a group in the currently edited login module:
-
-{code}
-karaf@root()> jaas:group-role-add mygroup myrole
-{code}
-
-h4. {{jaas:group-role-delete}}
-
-The {{jaas:group-role-delete}} command removes a role from a group in the currently edited login module:
-
-{code}
-karaf@root()> jaas:group-role-delete mygroup myrole
-{code}
-
-h4. {{jaas:update}}
-
-The {{jaas:update}} command commits your changes in the login module backend. For instance, in the case of the PropertiesLoginModule,
-the {{etc/users.properties}} will be updated only after the execution of the {{jaas:update}} command.
-
-h4. {{jaas:cancel}}
-
-The {{jaas:cancel}} command rollback your changes and doesn't update the login module backend.
-
-h2. Passwords encryption
-
-By default, the passwords are stored in clear form in the {{etc/users.properties}} file.
-
-It's possible to enable encryption in the {{etc/org.apache.karaf.jaas.cfg}} configuration file:
-
-{code}
-################################################################################
-#
-#    Licensed to the Apache Software Foundation (ASF) under one or more
-#    contributor license agreements.  See the NOTICE file distributed with
-#    this work for additional information regarding copyright ownership.
-#    The ASF licenses this file to You under the Apache License, Version 2.0
-#    (the "License"); you may not use this file except in compliance with
-#    the License.  You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#    Unless required by applicable law or agreed to in writing, software
-#    distributed under the License is distributed on an "AS IS" BASIS,
-#    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#    See the License for the specific language governing permissions and
-#    limitations under the License.
-#
-################################################################################
-
-#
-# Boolean enabling / disabling encrypted passwords
-#
-encryption.enabled = false
-
-#
-# Encryption Service name
-#   the default one is 'basic'
-#   a more powerful one named 'jasypt' is available
-#       when installing the encryption feature
-#
-encryption.name =
-
-#
-# Encryption prefix
-#
-encryption.prefix = {CRYPT}
-
-#
-# Encryption suffix
-#
-encryption.suffix = {CRYPT}
-
-#
-# Set the encryption algorithm to use in Karaf JAAS login module
-# Supported encryption algorithms follow:
-#   MD2
-#   MD5
-#   SHA-1
-#   SHA-256
-#   SHA-384
-#   SHA-512
-#
-encryption.algorithm = MD5
-
-#
-# Encoding of the encrypted password.
-# Can be:
-#   hexadecimal
-#   base64
-#
-encryption.encoding = hexadecimal
-{code}
-
-If the {{encryption.enabled}} property is set to true, the password encryption is enabled.
-
-With encryption enabled, the password are encrypted at the first time an user logs in. The encrypted passwords are
-prefixed and suffixed with {{\{CRYPT\}}}. To re-encrypt the password, you can reset the password in clear (in {{etc/users.properties}}
-file), without the {{\{CRYPT\}}} prefix and suffix. Apache Karaf will detect that this password is in clear (because it's not
-prefixed and suffixed with {{\{CRYPT\}}}) and encrypt it again.
-
-The {{etc/org.apache.karaf.jaas.cfg}} configuration file allows you to define advanced encryption behaviours:
-
-* the {{encryption.prefix}} property defines the prefix to "flag" a password as encrypted. The default is {{\{CRYPT\}}}.
-* the {{encryption.suffix}} property defines the suffix to "flag" a password as encrypted. The default is {{\{CRYPT\}}}.
-* the {{encryption.algorithm}} property defines the algorithm to use for encryption (digest). The possible values are {{MD2}}, {{MD5}},
-{{SHA-1}}, {{SHA-256}}, {{SHA-384}}, {{SHA-512}}. The default is {{MD5}}.
-* the {{encryption.encoding}} property defines the encoding of the encrypted password. The possible values are {{hexadecimal}}
- or {{base64}}. The default value is {{hexadecimal}}.
-
-h2. Managing authentication by key
-
-For the SSH layer, Karaf supports the authentication by key, allowing to login without providing the password.
-
-The SSH client (so bin/client provided by Karaf itself, or any ssh client like OpenSSH) uses a public/private keys pair that
-will identify himself on Karaf SSHD (server side).
-
-The keys allowed to connect are stored in {{etc/keys.properties}} file, following the format:
-
-{code}
-user=key,role
-{code}
-
-By default, Karaf allows a key for the karaf user:
-
-{code}
-# karaf=AAAAB3NzaC1kc3MAAACBAP1/U4EddRIpUt9KnC7s5Of2EbdSPO9EAMMeP4C2USZpRV1AIlH7WT2NWPq/xfW6MPbLm1Vs14E7gB00b/JmYLdrmVClpJ+f6AR7ECLCT7up1/63xhv4O1fnxqimFQ8E+4P208UewwI1VBNaFpEy9nXzrith1yrv8iIDGZ3RSAHHAAAAFQCXYFCPFSMLzLKSuYKi64QL8Fgc9QAAAIEA9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwkyjMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKLZl6Ae1UlZAFMO/7PSSoAAACBAKKSU2PFl/qOLxIwmBZPPIcJshVe7bVUpFvyl3BbJDow8rXfskl8wO63OzP/qLmcJM0+JbcRU/53JjTuyk31drV2qxhIOsLDC9dGCWj47Y7TyhPdXh/0dthTRBy6bqGtRPxGa7gJov1xm/UuYYXPIUR/3x9MAZvZ5xvE0kYXO+rx,admin
-{code}
-
-{warning}
-For security reason, this key is disabled. We encourage to create the keys pair per client and update the {{etc/keys.properties}} file.
-{warning}
-
-The easiest way to create key pair is to use OpenSSH.
-
-You can create a key pair using:
-
-{code}
-ssh-keygen -t dsa -f karaf.id_dsa -N karaf
-{code}
-
-You have now the public and private keys:
-
-{code}
--rw-------  1 jbonofre jbonofre    771 Jul 25 22:05 karaf.id_dsa
--rw-r--r--  1 jbonofre jbonofre    607 Jul 25 22:05 karaf.id_dsa.pub
-{code}
-
-You can copy in the content of the {{karaf.id_dsa.pub}} file in the {{etc/keys.properties}}:
-
-{code}
-karaf=AAAAB3NzaC1kc3MAAACBAJLj9vnEhu3/Q9Cvym2jRDaNWkATgQiHZxmErCmiLRuD5Klfv+HT/+8WoYdnvj0YaXFP80phYhzZ7fbIO2LRFhYhPmGLa9nSeOsQlFuX5A9kY1120yB2kxSIZI0fU2hy1UCgmTxdTQPSYtdWBJyvO/vczoX/8I3FziEfss07Hj1NAAAAFQD1dKEzkt4e7rBPDokPOMZigBh4kwAAAIEAiLnpbGNbKm8SNLUEc/fJFswg4G4VjjngjbPZAjhkYe4+H2uYmynry6V+GOTS2kaFQGZRf9XhSpSwfdxKtx7vCCaoH9bZ6S5Pe0voWmeBhJXi/Sww8f2stpitW2Oq7V7lDdDG81+N/D7/rKDD5PjUyMsVqc1n9wCTmfqmi6XPEw8AAACAHAGwPn/Mv7P9Q9+JZRWtGq+i4pL1zs1OluiStCN9e/Ok96t3gRVKPheQ6IwLacNjC9KkSKrLtsVyepGA+V5j/N+Cmsl6csZilnLvMUTvL/cmHDEEhTIQnPNrDDv+tED2BFqkajQqYLgMWeGVqXsBU6IT66itZlYtrq4v6uDQG/o=,admin
-{code}
-
-and specify to the client to use the {{karaf.id_dsa}} private key:
-
-{code}
-bin/client -k ~/karaf.id_dsa
-{code}
-
-or to ssh
-
-{code}
-ssh -p 8101 -i ~/karaf.id_dsa karaf@localhost
-{code}
-
-h2. RBAC
-
-Apache Karaf uses the roles to control the access to the resources: it's a RBAC (Role Based Access Control) system.
-
-The roles are used to control:
-
-* access to OSGi services
-* access to the console (control the execution of the commands)
-* access to JMX (MBeans and/or operations)
-* access to the WebConsole
-
-h3. OSGi services
-
-The details about OSGi services RBAC support is explained in the developer guide.
-
-h3. Console
-
-Console RBAC supports is a specialization of the OSGi service RBAC. Actually, in Apache Karaf, all console commands are
-defined as OSGi services.
-
-The console command name follows the {{scope:name}} format.
-
-The ACL (Access Lists) are defined in {{etc/org.apache.karaf.command.acl.<scope>.cfg}} configuration files, where {{<scope>}}
-is the commands scope.
-
-For instance, we can define the ACL to the {{feature:*}} commands by creating a {{etc/org.apache.karaf.command.acl.feature.cfg}}
-configuration file. In this {{etc/org.apache.karaf.command.acl.feature.cfg}} configuration file, we can set:
-
-{code}
-list = viewer
-info = viewer
-install = admin
-uninstall = admin
-{code}
-
-Here, we define that {{feature:list}} and {{feature:info}} commands can be executed by users with {{viewer}} role, whereas
-the {{feature:install}} and {{feature:uninstall}} commands can only be executed by users with {{admin}} role.
-Note that users in the admin group will also have viewer role, so will be able to do everything.
-
-Apache Karaf command ACLs can control access using (inside a given command scope):
-
-* the command name regex (e.g. {{name = role}})
-* the command name and options or arguments values regex (e.g. {{name[/.*[0-9][0-9][0-9]+.*/] = role}} to execute name only with argument value above 100)
-
-Both command name and options/arguments support exact matching or regex matching.
-
-By default, Apache Karaf defines the following commands ACLs:
-
-* {{etc/org.apache.karaf.command.acl.bundle.cfg}} configuration file defines the ACL for {{bundle:*}} commands.
- This ACL limits the execution of {{bundle:*}} commands for system bundles only to the users with {{admin}} role, whereas
- {{bundle:*}} commands for non-system bundles can be executed by the users with {{manager}} role.
-* {{etc/org.apache.karaf.command.acl.config.cfg}} configuration file defines the ACL for {{config:*}} commands.
- This ACL limits the execution of {{config:*}} commands with {{jmx.acl.*}}, {{org.apache.karaf.command.acl.*}}, and
- {{org.apache.karaf.service.acl.*}} configuration PID to the users with {{admin}} role. For the other configuration PID,
- the users with the {{manager}} role can execute {{config:*}} commands.
-* {{etc/org.apache.karaf.command.acl.feature.cfg}} configuration file defines the ACL for {{feature:*}} commands.
- Only the users with {{admin}} role can execute {{feature:install}} and {{feature:uninstall}} commands. The other {{feature:*}}
- commands can be executed by any user.
-* {{etc/org.apache.karaf.command.acl.jaas.cfg}} configuration file defines the ACL for {{jaas:*}} commands.
- Only the users with {{admin}} role can execute {{jaas:update}} command. The other {{jaas:*}} commands can be executed by any
- user.
-* {{etc/org.apache.karaf.command.acl.kar.cfg}} configuration file defines the ACL for {{kar:*}} commands.
- Only the users with {{admin}} role can execute {{kar:install}} and {{kar:uninstall}} commands. The other {{kar:*}} commands
- can be executed by any user.
-* {{etc/org.apache.karaf.command.acl.shell.cfg}} configuration file defines the ACL for {{shell:*}} and "direct" commands.
- Only the users with {{admin}} role can execute {{shell:edit}}, {{shell:exec}}, {{shell:new}}, and {{shell:java}} commands.
- The other {{shell:*}} commands can be executed by any user.
-
-You can change these default ACLs, and add your own ACLs for additional command scopes (for instance {{etc/org.apache.karaf.command.acl.cluster.cfg}} for
-Apache Karaf Cellar, {{etc/org.apache.karaf.command.acl.camel.cfg}} from Apache Camel, ...).
-
-You can fine tuned the command RBAC support by editing the {{karaf.secured.services}} property in {{etc/system.properties}}:
-
-{code}
-#
-# By default, only Karaf shell commands are secured, but additional services can be
-# secured by expanding this filter
-#
-karaf.secured.services = (&(osgi.command.scope=*)(osgi.command.function=*))
-{code}
-
-h3. JMX
-
-Like for the console commands, you can define ACL (AccessLists) to the JMX layer.
-
-The JMX ACL are defined in {{etc/jmx.acl<ObjectName>.cfg}} configuration file, where {{<ObjectName>}} is a MBean object name
-(for instance {{org.apache.karaf.bundle}} represents {{org.apache.karaf;type=Bundle}} MBean).
-
-The {{etc/jmx.acl.cfg}} is the most generic configuration file and is used when no specific ones are found.
-It contains the "global" ACL definition.
-
-JMX ACLs can control access using (inside a JMX MBean):
-
-* the operation name regex (e.g. {{operation* = role}})
-* the operation arguments value regex (e.g. {{operation(java.lang.String, int)[/([1-4])?[0-9]/,/.*/] = role}})
-
-By default, Apache Karaf defines the following JMX ACLs:
-
-* {{etc/jmx.acl.org.apache.karaf.bundle.cfg}} configuration file defines the ACL for the {{org.apache.karaf:type=bundle}}
- MBean. This ACL limits the {{setStartLevel()}}, {{start()}}, {{stop()}}, and {{update()}} operations for system bundles for
- only users with {{admin}} role. The other operations can be performed by users with the {{manager}} role.
-* {{etc/jmx.acl.org.apache.karaf.config.cfg}} configuration file defines the ACL for the {{org.apache.karaf:type=config}}
- MBean. This ACL limits the change on {{jmx.acl*}}, {{org.apache.karaf.command.acl*}}, and {{org.apache.karaf.service.acl*}}
- configuration PIDs for only users with {{admin}} role. The other operations can be performed by users with the {{manager}} role.
-* {{etc/jmx.acl.org.apache.karaf.security.jmx.cfg}} configuration file defines the ACL for the {{org.apache.karaf:type=security,area=jmx}}
- MBean. This ACL limits the invocation of the {{canInvoke()}} operation for the users with {{viewer}} role.
-* {{etc/jmx.acl.osgi.compendium.cm.cfg}} configuration file defines the ACL for the {{osgi.compendium:type=cm}} MBean.
- This ACL limits the changes on {{jmx.acl*}}, {{org.apache.karaf.command.acl*}}, and {{org.apache.karaf.service.acl*}}
- configuration PIDs for only users with {{admin}} role. The other operations can be performed by users with the {{manager}} role.
-* {{etc/jmx.acl.java.lang.Memory.cfg}} configuration file defines the ACL for the core JVM Memory MBean.
- This ACL limits the invocation of the {{gc}} operation for only users with the {{manager}} role.
-* {{etc/jmx.acl.cfg}} configuration file is the most generic file. The ACLs defined here are used when no other specific
- ACLs match (by specific ACL, it's an ACL defined in another MBean specific {{etc/jmx.acl.*.cfg}} configuration file).
- The {{list*()}}, {{get*()}}, {{is*()}} operations can be performed by users with the {{viewer}} role.
- The {{set*()}} and all other {{*()}} operations can be performed by users with the {{admin}} role.
-
-h3. WebConsole
-
-The Apache Karaf WebConsole is not available by default. To enable it, you have to install the {{webconsole}} feature:
-
-{code}
-karaf@root()> feature:install webconsole
-{code}
-
-The WebConsole doesn't support fine grained RBAC like console or JMX for now.
-
-All users with the {{admin}} role can logon the WebConsole and perform any operations.
-
-h2. SecurityMBean
-
-Apache Karaf provides a JMX MBean to check if the current user can invoke a given MBean and/or operation.
-
-The {{canInvoke()}} operation gets the roles of the current user, and check if one the roles can invoke the MBean and/or the
-operation, eventually with a given argument value.
-
-h3. Operations
-
-* {{canInvoke(objectName)}} returns {{true}} if the current user can invoke the MBean with the {{objectName}}, {{false}} else.
-* {{canInvoke(objectName, methodName)}} returns {{true}} if the current user can invoke the operation {{methodName}} on the MBean
- with the {{objectName}}, {{false}} else.
-* {{canInvoke(objectName, methodName, argumentTypes)}} returns {{true}} if the current user can invoke the operation {{methodName}}
-with the array of arguments types {{argumentTypes}} on the MBean with {{objectName}}, {{false}} else.
-* {{canInvoke(bulkQuery)}} returns a tabular data containing for each operation in the {{bulkQuery}} tabular data if {{canInvoke}}
-is {{true}} or {{false}}.
-
-h2. Security providers
-
-Some applications require specific security providers to be available, such as [BouncyCastle|http://www.bouncycastle.org].
-
-The JVM imposes some restrictions about the use of such jars: they have to be signed and be available on the boot classpath.
-
-One way to deploy those providers is to put them in the JRE folder at {{$JAVA_HOME/jre/lib/ext}} and modify the security
-policy configuration ({{$JAVA_HOME/jre/lib/security/java.security}}) in order to register such providers.
-
-While this approach works fine, it has a global effect and requires you to configure all your servers accordingly.
-
-Apache Karaf offers a simple way to configure additional security providers:
-* put your provider jar in {{lib/ext}}
-* modify the {{etc/config.properties}} configuration file to add the following property
-
-{code}
-org.apache.karaf.security.providers = xxx,yyy
-{code}
-
-The value of this property is a comma separated list of the provider class names to register.
-
-For instance, to add the bouncycastle security provider, you define:
-
-{code}
-org.apache.karaf.security.providers = org.bouncycastle.jce.provider.BouncyCastleProvider
-{code}
-
-In addition, you may want to provide access to the classes from those providers from the system bundle so that all bundles
-can access those.
-
-It can be done by modifying the {{org.osgi.framework.bootdelegation}} property in the same configuration file:
-
-{code}
-org.osgi.framework.bootdelegation = ...,org.bouncycastle*
-{code}

http://git-wip-us.apache.org/repos/asf/karaf/blob/9f08eb9e/manual/src/main/webapp/users-guide/start-stop.conf
----------------------------------------------------------------------
diff --git a/manual/src/main/webapp/users-guide/start-stop.conf b/manual/src/main/webapp/users-guide/start-stop.conf
deleted file mode 100644
index f40b0da..0000000
--- a/manual/src/main/webapp/users-guide/start-stop.conf
+++ /dev/null
@@ -1,419 +0,0 @@
-h1. Start, stop, restart, connect
-
-h2. Start
-
-Apache Karaf supports different start mode:
-
-* the "regular" mode starts Apache Karaf in foreground, including the shell console.
-* the "server" mode starts Apache Karaf in foreground, without the shell console.
-* the "background" mode starts Apache Karaf in background.
-
-You can also manage Apache Karaf as a system service (see [System Service|wrapper] section of this manual).
-
-h3. Regular mode
-
-The regular mode uses the {{bin/karaf}} Unix script ({{bin\karaf.bat}} on Windows). It's the default start process.
-
-It starts Apache Karaf as a foreground process, and displays the shell console.
-
-On Unix:
-
-{code}
-bin/karaf
-        __ __                  ____
-       / //_/____ __________ _/ __/
-      / ,<  / __ `/ ___/ __ `/ /_
-     / /| |/ /_/ / /  / /_/ / __/
-    /_/ |_|\__,_/_/   \__,_/_/
-
-  Apache Karaf (3.0.0)
-
-Hit '<tab>' for a list of available commands
-and '[cmd] --help' for help on a specific command.
-Hit '<ctrl-d>' or type 'system:shutdown' or 'logout' to shutdown Karaf.
-
-karaf@root()>
-{code}
-
-On Windows:
-
-{code}
-bin\karaf.bat
-        __ __                  ____
-       / //_/____ __________ _/ __/
-      / ,<  / __ `/ ___/ __ `/ /_
-     / /| |/ /_/ / /  / /_/ / __/
-    /_/ |_|\__,_/_/   \__,_/_/
-
-  Apache Karaf (3.0.0)
-
-Hit '<tab>' for a list of available commands
-and '[cmd] --help' for help on a specific command.
-Hit '<ctrl-d>' or type 'system:shutdown' or 'logout' to shutdown Karaf.
-
-karaf@root()>
-{code}
-
-{warning:title=Warning}
-Closing the console or shell window will cause Apache Karaf to terminate.
-{warning}
-
-h3. Server mode
-
-The server mode starts Apache Karaf as a foreground process, but it doesn't start the shell console.
-
-To use this mode, you use the {{server}} argument to the {{bin/karaf}} Unix script ({{bin\karaf.bat}} on Windows).
-
-On Unix:
-
-{code}
-bin/karaf server
-
-{code}
-
-On Windows:
-
-{code}
-bin\karaf.bat server
-
-{code}
-
-{warning:title=Warning}
-Closing the console or shell window will cause Apache Karaf to terminate.
-{warning}
-
-You can connect to the shell console using SSH or client (see the Connect section in this page).
-
-h3. Background mode
-
-The background mode starts Apache Karaf as a background process.
-
-To start in background mode, you have to use {{bin/start}} Unix script ({{bin\start.bat}} on Windows).
-
-On Unix:
-
-{code}
-bin/start
-{code}
-
-On Windows:
-
-{code}
-bin\start.bat
-{code}
-
-You can connect to the shell console using SSH or client (see the Connect section in this page).
-
-h3. Clean start
-
-Apache Karaf stores all previously applications installed and changes that you did in the data folder.
-
-If you want to start from a clean state, you can remove the data folder.
-
-For convenience, you can use the {{clean}} argument to the {{bin/karaf}} Unix script ({{bin\karaf.bat}} on Windows).
-
-On Unix:
-
-{code}
-bin/karaf clean
-{code}
-
-{code}
-bin/start clean
-{code}
-
-On Windows:
-
-{code}
-bin\karaf.bat clean
-{code}
-
-{code}
-bin\start.bat clean
-{code}
-
-h3. Customize variables
-
-Apache Karaf accepts environment variables:
-
-* {{JAVA_MIN_MEM}}: minimum memory for the JVM (default is 128M).
-* {{JAVA_MAX_MEM}}: maximum memory for the JVM (default is 512M).
-* {{JAVA_PERM_MEM}}: minimum perm memory for the JVM (default is JVM default value).
-* {{JAVA_MAX_PERM_MEM}}: maximum perm memory for the JVM (default is JVM default value).
-* {{KARAF_HOME}}: the location of your Apache Karaf installation (default is found depending where you launch the startup script).
-* {{KARAF_BASE}}: the location of your Apache Karaf base (default is {{KARAF_HOME}}).
-* {{KARAF_DATA}}: the location of your Apache Karaf data folder (default is {{KARAF_BASE/data}}).
-* {{KARAF_ETC}}: the location of your Apache Karaf etc folder (default is {{KARAF_BASE/etc}}).
-* {{KARAF_OPTS}}: extra arguments passed to the Java command line (default is null).
-* {{KARAF_DEBUG}}: if 'true', enable the debug mode (default is null). If debug mode is enabled, Karaf starts a JDWP socket on port 5005. You can plug your IDE to define breakpoints, and run step by step.
-
-You can define these environment variables in {{bin/setenv}} Unix script ({{bin\setenv.bat}} on Windows).
-
-For instance, to set the minimum and maximum memory size for the JVM, you can define the following values:
-
-On Unix:
-
-{code}
-# Content of bin/setenv
-export JAVA_MIN_MEM=256M
-exoprt JAVA_MAX_MEM=1024M
-{code}
-
-On Windows:
-
-{code}
-rem Content of bin\setenv.bat
-set JAVA_MIN_MEM=256M
-set JAVA_MAX_MEM=1024M
-{code}
-
-h3. Connect
-
-Even if you start Apache Karaf without the console (using server or background modes), you can connect to the console.
-This connection can be local or remote. It means that you can access to Karaf console remotely.
-
-To connect to the console, you can use the {{bin/client}} Unix script ({{bin\client.bat}} on Windows).
-
-On Unix:
-
-{code}
-bin/client
-Logging in as karaf
-360 [pool-2-thread-3] WARN org.apache.sshd.client.keyverifier.AcceptAllServerKeyVerifier - Server at /0.0.0.0:8101 presented unverified key:
-        __ __                  ____
-       / //_/____ __________ _/ __/
-      / ,<  / __ `/ ___/ __ `/ /_
-     / /| |/ /_/ / /  / /_/ / __/
-    /_/ |_|\__,_/_/   \__,_/_/
-
-  Apache Karaf (3.0.0)
-
-Hit '<tab>' for a list of available commands
-and '[cmd] --help' for help on a specific command.
-Hit 'system:shutdown' to shutdown Karaf.
-Hit '<ctrl-d>' or type 'logout' to disconnect shell from current session.
-
-karaf@root()>
-{code}
-
-On Windows:
-
-{code}
-bin\client.bat
-Logging in as karaf
-360 [pool-2-thread-3] WARN org.apache.sshd.client.keyverifier.AcceptAllServerKeyVerifier - Server at /0.0.0.0:8101 presented unverified key:
-        __ __                  ____
-       / //_/____ __________ _/ __/
-      / ,<  / __ `/ ___/ __ `/ /_
-     / /| |/ /_/ / /  / /_/ / __/
-    /_/ |_|\__,_/_/   \__,_/_/
-
-  Apache Karaf (3.0.0-SNAPSHOT)
-
-Hit '<tab>' for a list of available commands
-and '[cmd] --help' for help on a specific command.
-Hit 'system:shutdown' to shutdown Karaf.
-Hit '<ctrl-d>' or type 'logout' to disconnect shell from current session.
-
-karaf@root()>
-{code}
-
-By default, {{client}} tries to connect on localhost, on port 8101 (the default Apache Karaf SSH port).
-
-{{client}} accepts different options to let you connect on a remote Apache Karaf instance. You can use {{--help}} to get details about the options:
-
-On Unix:
-
-{code}
-bin/client --help
-Apache Karaf client
-  -a [port]     specify the port to connect to
-  -h [host]     specify the host to connect to
-  -u [user]     specify the user name
-  --help        shows this help message
-  -v            raise verbosity
-  -r [attempts] retry connection establishment (up to attempts times)
-  -d [delay]    intra-retry delay (defaults to 2 seconds)
-  -b            batch mode, specify multiple commands via standard input
-  -f [file]     read commands from the specified file
-  [commands]    commands to run
-If no commands are specified, the client will be put in an interactive mode
-{code}
-
-On Windows:
-
-{code}
-bin\client.bat --help
-Apache Karaf client
-  -a [port]     specify the port to connect to
-  -h [host]     specify the host to connect to
-  -u [user]     specify the user name
-  --help        shows this help message
-  -v            raise verbosity
-  -r [attempts] retry connection establishment (up to attempts times)
-  -d [delay]    intra-retry delay (defaults to 2 seconds)
-  -b            batch mode, specify multiple commands via standard input
-  -f [file]     read commands from the specified file
-  [commands]    commands to run
-If no commands are specified, the client will be put in an interactive mode
-{code}
-
-Actually, {{client}} is a SSH client. You can use any SSH client to connect, like OpenSSH (ssh command) on Unix, or Putty on Windows.
-
-For instance, on Unix, you can do:
-
-{code}
-ssh karaf@localhost -p 8101
-Authenticated with partial success.
-Authenticated with partial success.
-Authenticated with partial success.
-Password authentication
-Password:
-        __ __                  ____
-       / //_/____ __________ _/ __/
-      / ,<  / __ `/ ___/ __ `/ /_
-     / /| |/ /_/ / /  / /_/ / __/
-    /_/ |_|\__,_/_/   \__,_/_/
-
-  Apache Karaf (3.0.0-SNAPSHOT)
-
-Hit '<tab>' for a list of available commands
-and '[cmd] --help' for help on a specific command.
-Hit 'system:shutdown' to shutdown Karaf.
-Hit '<ctrl-d>' or type 'logout' to disconnect shell from current session.
-
-karaf@root()>
-{code}
-
-h2. Stop
-
-When you start Apache Karaf in regular mode, the {{logout}} command or CTRL-D key binding logout from the console and shutdown Apache Karaf.
-
-When you start Apache Karaf in background mode (with the {{bin/start}} Unix script ({{bin\start.bat}} on Windows)), you can use the {{bin/stop}} Unix script ({{bin\stop.bat}} on Windows).
-
-More generally, you can use the {{shutdown}} command (on the Apache Karaf console) that work in any case.
-
-The {{shutdown}} command is very similar to the the {{shutdown}} Unix command.
-
-To shutdown Apache Karaf now, you can simple using {{shutdown}}:
-
-{code}
-karaf@root()> shutdown -h
-Confirm: halt instance root (yes/no):
-{code}
-
-The {{shutdown}} command asks for a confirmation. If you want to bypass the confirmation step, you can use the {{-f}} ({{--force}}) option:
-
-{code}
-karaf@root()> shutdown -f
-{code}
-
-You can also use directly {{halt}} which is an alias to {{shutdown -f -h}}.
-
-The {{shutdown}} command accepts a time argument. With this argument, you can define when you want to shutdown the Apache Karaf container.
-
-The time argument can have different formats. First, it can be an absolute time in the format hh:mm, in which hh is the hour (1 or 2 digits) and mm is the minute of the hour
-(in two digits). Second, it can be in the format m (or +m), in which m is the number of minutes to wait. The word {{now}} is an alias for 0.
-
-For instance, the following command will shutdown Apache Karaf at 10:35am:
-
-{code}
-karaf@root()> system:shutdown 10:35
-{code}
-
-Another example to shutdown Apache Karaf in 10 minutes:
-
-{code}
-karaf@root()> system:shutdown 10
-{code}
-
-Like for other commands, you can find details on the {{shutdown}} command man page:
-
-{code}
-karaf@root()> shutdown --help
-DESCRIPTION
-        system:shutdown
-
-        Shutdown Karaf.
-
-SYNTAX
-        system:shutdown [options] [time]
-
-ARGUMENTS
-        time
-                Shutdown after a specified delay. The time argument can have different formats. First, it can be an abolute time in the format hh:mm, in which hh is the hour (1 or 2 digits) and mm is the minute of the hour (in two digits). Second, it can be in the format +m, in which m is the number of minutes to
-                wait. The word now is an alias for +0.
-
-OPTIONS
-        -c, --clean, --clean-all, -ca
-                Force a clean restart by deleting the data directory
-        -f, --force
-                Force the shutdown without confirmation message.
-        -h, --halt
-                Halt the Karaf container.
-        --help
-                Display this help message
-        -cc, --clean-cache, -cc
-                Force a clean restart by deleting the cache directory
-        -r, --reboot
-                Reboot the Karaf container.
-{code}
-
-h2. Status
-
-When you start Apache Karaf in background mode, you may want to check the current status.
-
-To do so, you can use the {{bin/status}} Unix script ({{bin\status.bat}} on Windows).
-
-NB: the script returns 0 exit code if Apache Karaf is running, 1 exit code else.
-
-On Unix:
-
-{code}
-bin/status
-Not Running ...
-{code}
-
-{code}
-bin/status
-Running ...
-{code}
-
-On Windows:
-
-{code}
-bin\status.bat
-Not Running ...
-{code}
-
-{code}
-bin\status.bat
-Running ...
-{code}
-
-h2. Restart
-
-The {{shutdown}} command accepts the {{-r}} ({{--restart}}) option to restart Apache Karaf:
-
-{code}
-karaf@root()> system:shutdown -r
-{code}
-
-{warning:title=Warning}
-This command does not start a new JVM. It simply restarts the OSGi framework.
-{warning}
-
-h2. SystemMBean
-
-Apache Karaf provides the JMX SystemMBean dedicated to control of the container itself.
-
-The SystemMBean object name is {{org.apache.karaf:type=system}}.
-
-The SystemMBean provides different attributes and operations, especially operations to halt or reboot the container:
-
-* {{reboot()}} reboots Apache Karaf now (without cleaning the cache)
-* {{reboot(time)}} reboots Apache Karaf at a given time (without cleaning the cache). The time format is the same as the time argument of the {{shutdown}} command.
-* {{rebootCleanCache(time)}} reboots Apache Karaf at a given time, including the cleanup of the cache.
-* {{rebootCleanAll(time)}} reboots Apache Karaf at a given time, including the cleanup of the whole data folder.
-* {{halt()}} shutdown Apache Karaf now.
-* {{halt(time)}} shutdown Apache Karaf at a given time. The time format is the same as the time argument of the {{shutdown}} command.
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/karaf/blob/9f08eb9e/manual/src/main/webapp/users-guide/tuning.conf
----------------------------------------------------------------------
diff --git a/manual/src/main/webapp/users-guide/tuning.conf b/manual/src/main/webapp/users-guide/tuning.conf
deleted file mode 100644
index 62095cb..0000000
--- a/manual/src/main/webapp/users-guide/tuning.conf
+++ /dev/null
@@ -1,145 +0,0 @@
-h1. Tuning
-
-h2. Garbage Collection
-
-Like any Java applications, Apache Karaf uses a JVM. An important feature of the JVM is the Garbage Collector.
-
-Apache Karaf default configuration is sized for small to medium needs and to work on most machine.
-
-That's why this default configuration may appear like "small".
-
-By default, Apache Karaf uses:
-
-* {{-Xms128M}}
-* {{-Xmx512M}}
-* {{-XX:+UnlockDiagnosticVMOptions}}
-* {{-XX:+UnsyncloadClass}}
-
-On Sun/Oracle JVM:
-* the Perm size is the JVM default
-
-On IBM JVM and AIX system:
-* {{-Xverify:none}}
-* {{-Xdump:heap}}
-* {{-Xlp}}
-
-For any container, it's always difficult to predict the usage of the resources and the behaviour of the artifacts deployed.
-
-Generally speaking, a good approach for tuning is to enable {{-verbose:gc}} and use tools like VisualVM to identify the potentials
-memory leaks, and see the possible optimisation of the spaces and GC.
-
-You can find introduction about GC here: [http://www.oracle.com/webfolder/technetwork/tutorials/obe/java/gc01/index.html].
-
-h3. Java 6
-
-If you have enough resources available on the machine, a good configuration may be:
-
-* {{-server}}
-* {{-Xmx1024M}}
-* {{-XX:MaxPermSize=640M}}
-* {{-XX:+UseConcMarkSweepGC}}
-* {{-XX:+UseParNewGC}}
-* {{-XX:+CMSClassUnloadingEnabled}}
-
-It will give more resources to Apache Karaf, and avoid some perm space saturation if you do a lot of bundles refresh.
-
-See [http://www.oracle.com/technetwork/java/javase/gc-tuning-6-140523.html] for details about Java 6 tuning.
-
-h3. Java 7
-
-Java 7 introduces a new GC algorithm: the GC1.
-
-Depending of the use cases (and usage of the heap), the new GC1 algorithm can give good performance improvements:
-
-* {{-XX:+UseG1GC}}
-* {{-XX:-UseAdaptiveSizePolicy}}
-
-See [http://docs.oracle.com/javase/7/docs/technotes/guides/vm/G1.html] for details about Java 7 GC1 tuning.
-
-You can find a good article about Java 7 tuning here: [http://java-is-the-new-c.blogspot.de/2013/07/tuning-and-benchmarking-java-7s-garbage.html].
-
-h2. Threads
-
-In high loaded system, the number of threads can be very large.
-
-h3. WebContainer
-
-If you use the Apache Karaf WebContainer, the Jetty connectors create threads to handle the incoming HTTP requests.
-
-The {{etc/jetty.xml}} configuration file allows you to tune the Jetty connector.
-
-For instance, the following connector configuration:
-
-{code}
-    <Call name="addConnector">
-        <Arg>
-            <New class="org.eclipse.jetty.server.nio.SelectChannelConnector">
-                <Set name="host">
-                    <Property name="jetty.host" />
-                </Set>
-                <Set name="port">
-                    <Property name="jetty.port" default="8181" />
-                </Set>
-                <Set name="maxIdleTime">300000</Set>
-                <Set name="Acceptors">2</Set>
-                <Set name="statsOn">false</Set>
-                <Set name="confidentialPort">8443</Set>
-                <Set name="lowResourcesConnections">20000</Set>
-                <Set name="lowResourcesMaxIdleTime">5000</Set>
-            </New>
-        </Arg>
-    </Call>
-{code}
-
-defines the following properties:
-
-* {{maxIdleTime}} is the maximum inactivity time for a connection.
-* {{lowResourcesConnections}} defines the number of connections. If the current number of connections is greater than
- this value, the status is "low on resources". In that case, a new connection timeout is applied: the {{lowResourceMaxIdleTime}}.
-* {{Acceptors}} defines the number of threads for incoming connections.
-
-h3. Apache Camel
-
-For instance, if you use Apache Camel inside Apache Karaf, Camel components can create a lot of threads.
-
-Apache Camel use the notion of {{threadPoolProfile}} to control the threads creation.
-
-For instance, the following Camel configuration defines a pool creation strategy:
-
-{code}
-<threadPoolProfile id="defaultThreadPoolProfile" defaultProfile="true"
-                   poolSize="10" maxPoolSize="20" maxQueueSize="1000"
-                   rejectedPolicy="CallerRuns"/>
-{code}
-
-See the [Apache Camel website|http://camel.apache.org] for details.
-
-h3. Apache CXF
-
-Apache CXF uses workqueues to handle server request/response.
-
-You may see a {{etc/org.apache.cxf.workqueues-default.cfg}} configuration file. It's the default configuration applied
-to all workqueues (a workqueue can be associated to a specific endpoint).
-
-On a workqueue, you can define the following properties about the threads:
-
-* {{org.apache.cxf.workqueue.default.highWaterMark}} defines the maximum number of threads.
-* {{org.apache.cxf.workqueue.default.lowWaterMark}} defines the minimum number of threads.
-* {{org.apache.cxf.workqueue.default.initialSize}} defines the initial number of threads.
-
-See the [Apache CXF website|http://cxf.apache.org] for details.
-
-h2. System packages
-
-The {{etc/jre.properties}} defines the packages directly provided by the JVM.
-
-Most of the time, the default configuration in Apache Karaf is fine and works in most of the use cases.
-
-However, some times, you may want to not use the packages provided by the JVM, but the same packages provided by a bundle.
-
-For instance, the JAXB version provided by the JVM is "old", and you want to use new JAXB bundles.
-
-In that case, you have to comment the packages in {{etc/jre.properties}} to avoid to be provided by the JVM and use the
-ones from the bundles.
-
-

http://git-wip-us.apache.org/repos/asf/karaf/blob/9f08eb9e/manual/src/main/webapp/users-guide/update.conf
----------------------------------------------------------------------
diff --git a/manual/src/main/webapp/users-guide/update.conf b/manual/src/main/webapp/users-guide/update.conf
deleted file mode 100644
index d7ee64f..0000000
--- a/manual/src/main/webapp/users-guide/update.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-h1. Update procedure
-
-h2. From Karaf 3.0.x to Karaf 3.0.x
-
-h2. From Karaf 2.2.x to Karaf 3.0.x

http://git-wip-us.apache.org/repos/asf/karaf/blob/9f08eb9e/manual/src/main/webapp/users-guide/urls.conf
----------------------------------------------------------------------
diff --git a/manual/src/main/webapp/users-guide/urls.conf b/manual/src/main/webapp/users-guide/urls.conf
deleted file mode 100644
index a798368..0000000
--- a/manual/src/main/webapp/users-guide/urls.conf
+++ /dev/null
@@ -1,44 +0,0 @@
-h1. Artifacts repositories and URLs
-
-// TODO temp
-The main information provided by a feature is the set of OSGi bundles that defines the application.  Such bundles are URLs pointing to the actual bundle jars.  For example, one would write the following definition:
-{code:lang=xml}
-<bundle>http://repo1.maven.org/maven2/org/apache/servicemix/nmr/org.apache.servicemix.nmr.api/1.0.0-m2/org.apache.servicemix.nmr.api-1.0.0-m2.jar</bundle>
-{code}
-Doing this will make sure the above bundle is installed while installing the feature.
-
-However, Karaf provides several URL handlers, in addition to the usual ones (file, http, etc...). One of these is the Maven URL handler, which allow reusing maven repositories to point to the bundles.
-
-You can deploy bundles from file system without using Maven
-
-As we can use file: as protocol handler to deploy bundles, you can use the following syntax to deploy bundles when they are
-located in a directory which is not available using Maven
-
-{code:lang=xml}
-<bundle>file:base/bundles/org.apache.servicemix.nmr.api-1.0.0-m2.jar</bundle>
-{code}
-
-Note: The path is relative to the Apache Karaf installation directory
-
-h4. Maven URL Handler
-
-The equivalent of the above bundle would be:
-{code:lang=xml}
-<bundle>mvn:org.apache.servicemix.nmr/org.apache.servicemix.nmr.api/1.0.0-m2</bundle>
-{code}
-
-In addition to being less verbose, the Maven url handlers can also resolve snapshots and can use a local copy of the jar if one is available in your Maven local repository.
-
-The {{org.ops4j.pax.url.mvn}} bundle resolves {{mvn}} URLs. It can be configured using the file {{etc/org.ops4j.pax.url.cfg}}
-
-The most important property is :
-
-* {{org.ops4j.pax.url.mvn.repositories}} : Comma separated list of repository remote repository URLs that are checked in order of occurence when resolving maven artifacts
-
-By default, snapshots are disabled. To enable an URL for snapshots append @snapshots to a repository entry. For example
-
-{code}
-http://www.example.org/repo@snapshots
-{code}
-
-Repositories on the local machine are supported through {{file:/}} URLs.
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/karaf/blob/9f08eb9e/manual/src/main/webapp/users-guide/webconsole.conf
----------------------------------------------------------------------
diff --git a/manual/src/main/webapp/users-guide/webconsole.conf b/manual/src/main/webapp/users-guide/webconsole.conf
deleted file mode 100644
index a97d3bc..0000000
--- a/manual/src/main/webapp/users-guide/webconsole.conf
+++ /dev/null
@@ -1,48 +0,0 @@
-h1. WebConsole
-
-Apache Karaf provides an optional WebConsole.
-
-This WebConsole provides a graphical web GUI to see and manage your Apache Karaf container.
-
-You can use the WebConsole to:
-
-* manage Apache Karaf features
-* manage OSGi bundles
-* manage the instances
-* manage the confgurations
-* manage the log service
-
-The WebConsole is extensible via a plugins system. Some applications can add new pages to the WebConsole.
-For instance, Apache Karaf Cellar provides additional pages to administrate cluster groups, nodes, etc.
-
-h2. Installation
-
-To enable the Apache Karaf WebConsole, you just have to install the {{webconsole}} feature:
-
-{code}
-karaf@root()> feature:install webconsole
-{code}
-
-The {{webconsole}} feature automatically installs the {{http}} feature (see the [WebContainer section|webcontainer] for details).
-
-h2. Access
-
-The Apache Karaf WebConsole uses the WebContainer port number (see the [WebContainer section|webcontainer] for details)
-with the {{/system/console}} context.
-
-By default, the Apache Karaf WebContainer port number is {{8181}}.
-
-It means that the Apache Karaf WebConsole is accessible on the following URL:
-
-[http://localhost:8181/system/console]
-
-As the Apache Karaf WebConsole uses the security framework, an username and password will be prompted.
-
-You have to enter an username/password from the {{karaf}} realm. By default, you can use {{karaf}}/{{karaf}}.
-
-See the [Security section|security] for details.
-
-{warning}
-Only users with the {{admin}} role are allowed to logon on the Apache Karaf WebConsole.
-Right now, the WebConsole doesn't use RBAC system as we have for console commands, or MBeans.
-{warning}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/karaf/blob/9f08eb9e/manual/src/main/webapp/users-guide/webcontainer.conf
----------------------------------------------------------------------
diff --git a/manual/src/main/webapp/users-guide/webcontainer.conf b/manual/src/main/webapp/users-guide/webcontainer.conf
deleted file mode 100644
index 64f8f6c..0000000
--- a/manual/src/main/webapp/users-guide/webcontainer.conf
+++ /dev/null
@@ -1,275 +0,0 @@
-h1. WebContainer (JSP/Servlet)
-
-Apache Karaf can act a complete WebContainer, fully supporting JSP/Servlet specification.
-
-Apache Karaf WebContainer supports both:
-
-* WAB (WebApplication Bundles) which are OSGi native web applications
-* WAR (WebApplication aRchives) which are non-OSGi web applications (the same as you can deploy in any web container like Apache Tomcat)
-
-To enable the Apache Karaf WebContainer, you just have to install the {{war}} feature:
-
-{code}
-karaf@root()> feature:install war
-{code}
-
-NB: the installation of the {{webconsole}} feature automatically installs the {{war}} feature.
-
-The {{war}} feature provides:
-
-* an embedded web container (powered by Jetty), with its configuration
-* a set of console commands
-* a new war deployer
-
-h2. Configuration
-
-The default port used by the WebContainer is 8181.
-
-The WebContainer configuration is in the {{etc/jetty.xml}} configuration file.
-
-The {{etc/jetty.xml}} is a standard Eclipse Jetty configuration file.
-
-The default Apache Karaf WebContainer {{etc/jetty.xml}} contains:
-
-{code:lang=xml}
-<?xml version="1.0"?>
-<!--
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements.  See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership.  The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License.  You may obtain a copy of the License at
-
-   http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing,
- software distributed under the License is distributed on an
- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- KIND, either express or implied.  See the License for the
- specific language governing permissions and limitations
- under the License.
--->
-<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//
-DTD Configure//EN" "http://jetty.mortbay.org/configure.dtd">
-
-<Configure class="org.eclipse.jetty.server.Server">
-
-    <!-- =========================================================== -->
-    <!-- Set connectors -->
-    <!-- =========================================================== -->
-    <!-- One of each type! -->
-    <!-- =========================================================== -->
-
-    <!-- Use this connector for many frequently idle connections and for
-        threadless continuations. -->
-    <Call name="addConnector">
-        <Arg>
-            <New class="org.eclipse.jetty.server.nio.SelectChannelConnector">
-                <Set name="host">
-                    <Property name="jetty.host" />
-                </Set>
-                <Set name="port">
-                    <Property name="jetty.port" default="8181" />
-                </Set>
-                <Set name="maxIdleTime">300000</Set>
-                <Set name="Acceptors">2</Set>
-                <Set name="statsOn">false</Set>
-                <Set name="confidentialPort">8443</Set>
-                <Set name="lowResourcesConnections">20000</Set>
-                <Set name="lowResourcesMaxIdleTime">5000</Set>
-            </New>
-        </Arg>
-    </Call>
-
-    <!-- =========================================================== -->
-    <!-- Configure Authentication Realms -->
-    <!-- Realms may be configured for the entire server here, or -->
-    <!-- they can be configured for a specific web app in a context -->
-    <!-- configuration (see $(jetty.home)/contexts/test.xml for an -->
-    <!-- example). -->
-    <!-- =========================================================== -->
-    <Call name="addBean">
-        <Arg>
-            <New class="org.eclipse.jetty.plus.jaas.JAASLoginService">
-                <Set name="name">karaf</Set>
-                <Set name="loginModuleName">karaf</Set>
-                <Set name="roleClassNames">
-                    <Array type="java.lang.String">
-                        <Item>org.apache.karaf.jaas.boot.principal.RolePrincipal
-                        </Item>
-                    </Array>
-                </Set>
-            </New>
-        </Arg>
-    </Call>
-    <Call name="addBean">
-        <Arg>
-            <New class="org.eclipse.jetty.plus.jaas.JAASLoginService">
-                <Set name="name">default</Set>
-                <Set name="loginModuleName">karaf</Set>
-                <Set name="roleClassNames">
-                    <Array type="java.lang.String">
-                        <Item>org.apache.karaf.jaas.boot.principal.RolePrincipal
-                        </Item>
-                    </Array>
-                </Set>
-            </New>
-        </Arg>
-    </Call>
-
-</Configure>
-{code}
-
-The {{SelectChannelConnector}} defines the default connector of the WebContainer.
-
-This connector defines the 8181 port number for the HTTP protocol ({{port}} property), and the 8443 port number for the
-HTTPS protocol ({{confidentialPort}} property).
-
-By default, Apache Karaf bind these ports on all network interfaces ({{0.0.0.0}}). You can config the {{host}} property
-to bind on a specific network interface (with a given IP address).
-
-The following resources give you details about advanced {{etc/jetty.xml}} configurations:
-
-* [Standard configuration|http://wiki.eclipse.org/Jetty/Howto/Configure_Jetty]
-* [Enable SSL|http://wiki.eclipse.org/Jetty/Howto/Configure_SSL]
-* [Reference|http://wiki.eclipse.org/Jetty/Reference/jetty.xml_syntax]
-
-h2. Deploy
-
-Apache Karaf WebContainer is able to deploy:
-
-* pure OSGi WebApplication Bundle (WAB)
-* "classical" standard WebApplication aRchive (WAR)
-
-h3. WAB (WebApplication Bundle)
-
-A WAB is a standard WAR or JAR archive containing at least the following properties in the MANIFEST:
-
-* {{Bundle-ManifestVersion: 2}} defines that the bundle follows the rules of R4 specification.
-* {{Bundle-SymbolicName}} specifies a unique, non-localizable name for the bundle. This name should be based on the
- reverse domain name convention.
-* {{Web-ContextPath}} specifies the location of the web application.
-
-WAB can be deployed directly in Apache Karaf, for instance, by dropping the archive in the {{deploy}} folder, or using the
-{{bundle:install}} command.
-
-For instance, the Apache Karaf manual (documentation) is available as a WAB that you can deploy directly in a running instance:
-
-{code}
-karaf@root()> bundle:install -s mvn:org.apache.karaf/manual/3.0.0/war
-{code}
-
-h3. WAR (WebApplication aRchive)
-
-Apache Karaf allows you to deploy directly WAR files without repackaging as WAB.
-
-Using the {{webbundle}} prefix and providing headers directly on the URL, Apache Karaf creates a WAB "on the fly".
-
-For instance, you can deploy the Apache Tomcat sample non-OSGi "classical" WAR with the following command:
-
-{code}
-karaf@root()> bundle:install -s "webbundle:http://tomcat.apache.org/tomcat-7.0-doc/appdev/sample/sample.war?Bundle-SymbolicName=tomcat-sample&Web-ContextPath=/sample"
-{code}
-
-You can note the {{webbundle}} prefix, and the {{Bundle-SymbolicName}} and {{Web-ContextPath}} headers on the URL.
-
-h2. Commands
-
-h3. {{http:list}}
-
-The {{http:list}} lists the available Servlets deployed in the WebContainer.
-
-For instance, if you have installed the Apache Karaf WebConsole, you can see the WebConsole Servlets:
-
-{code}
-karaf@root()> http:list
-ID  | Servlet          | Servlet-Name   | State       | Alias               | Url
------------------------------------------------------------------------------------------------------
-113 | ResourceServlet  | /res           | Deployed    | /system/console/res | [/system/console/res/*]
-113 | KarafOsgiManager | ServletModel-2 | Undeployed  | /system/console     | [/system/console/*]
-113 | KarafOsgiManager | ServletModel-5 | Deployed    | /system/console     | [/system/console/*]
-{code}
-
-The {{ID}} is the ID of the bundle which provides the servlet ({{113}} here).
-
-The {{State}} is the current state of the Servlet ({{Deployed}} or {{Undeployed}}).
-
-The {{Url}} is the URL where the Servlet is available.
-
-h3. {{web:list}}
-
-The {{web:list}} command lists the WebApplication Bundles ("native" WAB or "wrapped WAR") deployed in the WebContainer.
-
-For instance, if you installed the Apache Karaf manual WAR file as described previously, you can see it with {{web:list}}:
-
-{code}
-karaf@root()> web:list
-ID  | State       | Web-State   | Level | Web-ContextPath | Name
----------------------------------------------------------------------------------------------------
-111 | Active      | Deployed    | 80    | /karaf-doc      | Apache Karaf :: Manual (3.0.0)
-{code}
-
-h3. {{web:stop}}
-
-The {{web:stop}} command stops a web application in the WebContainer. The {{web:stop}} command expects a {{id}} argument
-corresponding to the bundle ID (as displayed by the {{web:list}} command).
-
-For instance, to stop the Apache Karaf manual web application:
-
-{code}
-karaf@root()> web:stop 111
-{code}
-
-h3. {{web:start}}
-
-The {{web:start}} command starts a web application in the WebContainer. The {{web:start}} command expects a {{id}} argument
-corresponding to the bundle ID (as displayed by the {{web:list}} command).
-
-For instance, to start the Apache Karaf manual web application:
-
-{code}
-karaf@root()> web:start 111
-{code}
-
-h2. JMX HttpMBean
-
-On the JMX layer, you have a MBean dedicated to the manipulation of the Servlets: the HttpMBean.
-
-The ObjectName to use is {{org.apache.karaf:type=http,name=*}}.
-
-h3. Attributes
-
-The {{Servlets}} attribute provides a tabular data providing the list of deployed Servlets including:
-
-* {{Alias}} is the Servlet URL alias.
-* {{Bundle-ID}} is the ID of the bundle which provides this Servlet.
-* {{Servlet}} is the class name of the Servlet.
-* {{State}} is the current Servlet state ({{Deployed}} or {{Undeployed}}).
-* {{URL}} is the URL of the Servlet (the Servlet context path).
-
-h2. JMX WebMBean
-
-On the JMX layer, you have a MBean dedicated to the manipulation of the Web Applications: the WebMBean.
-
-The ObjectName to use is {{org.apache.karaf:type=web,name=*}}.
-
-h3. Attributes
-
-The {{WebBundles}} attribute provides a tabular data providing the list of deployed Web Applications including:
-
-* {{ID}} is the ID of the bundle providing the Web Application.
-* {{Level}} is the bundle start level.
-* {{Name}} is the bundle symbolic name providing the Web Application.
-* {{State}} is the current state of the bundle.
-* {{Web-ContextPath}} is the context path of the Web Application.
-* {{Web-State}} is the current status of the Web Application ({{Deployed}} or {{Undeployed}}).
-
-h3. Operations
-
-* {{start(id)}} starts the web context of the bundle with {{id}}.
-* {{start(list)}} starts the web context of the bundles with ID in the provided {{list}}.
-* {{stop(id)}} stops the web context of the bundle with {{id}}.
-* {{stop(list)}} stops the web context of the bundles with ID in the provided {{list}}.
-


Mime
View raw message