Reply-To: dev@sling.apache.org
Subject: svn commit: r841833 [3/28] - in /websites/staging/sling/trunk/content: ./ site/ site/46-line-blog.data/ site/authentication.data/ site/documentation.data/ site/first-steps.data/ site/getting-and-building-sling.data/ site/how-to-manage-events-in-sling.d...
Date: Wed, 12 Dec 2012 09:17:17 -0000
To: commits@sling.apache.org
From: buildbot@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20121212091731.3856C2388ABA@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Added: websites/staging/sling/trunk/content/site/authentication-actors.html ============================================================================== --- websites/staging/sling/trunk/content/site/authentication-actors.html (added) +++ websites/staging/sling/trunk/content/site/authentication-actors.html Wed Dec 12 09:16:44 2012 @@ -0,0 +1,140 @@ + + + + + Apache Sling - Authentication - Actors + + + + + +
+ +
+ + Apache + +
+
+ +
+ +

Actors

+ +

The authentication process involves a number of actors contributing to the concepts, the API and the particular implementations.

+ + +

OSGi Http Service Specification

+ +

The main support for authentication is defined by the OSGi Http Service specification. This specification defines how an OSGi application can register servlets and resources to build web applications. As part of the servlet and/or resource registration a HttpContext may be provided, which allows for additional support.

+ +

The main method of interest to the authentication process is the handleSecurity method. This is called by the OSGi Http Service implementation before the registered servlet is called. Its intent is to authenticate the request and to provide authentication information for the request object: the authentication type and the remote user name.

+ +

The Sling Commons Auth bundle provides the AuthenticationSupport service which may be used to the implement the HttpContext.handleSecurity method.

+ + +

Sling Engine

+ +

The Sling Engine implements the main entry point into the Sling system by means of the SlingMainServlet. This servlet is registered with the OSGi Http Service and provides a custom HttpContext whose handleSecurity method is implemented by the AuthenticationSupport service.

+ +

When the request hits the service method of the Sling Main Servlet, the resource resolver provided by the AuthenticationSupport service is retrieved from the request attributes and used as the resource resolver for the request.

+ +

That's all there is for the Sling Engine to do with respect to authentication.

+ + +

Sling Commons Auth

+ +

The support for authenticating client requests is implemented in the Sling Commons Auth bundle. As such this bundle provides three areas of support

+ +
    +
  • AuthenticationHandler service interface. This is implemented by services providing functionality to extract credentials from HTTP requests.
  • +
  • Authenticator service interface. This is implemented by the SlingAuthenticator class in the Commons Auth bundle and provides applications with entry points to login and logout.
  • +
  • AuthenticationSupport service interface. This is implemented by the SlingAuthenticator class in the Commons Auth bundle and allows applications registering with the OSGi HTTP Service to make use of the Sling authentication infrastructure.
  • +
+ + + +

JCR Repository

+ +

The actual process of logging into the repository and provided a Session is implementation dependent. In the case of Jackrabbit extensibility is provided by configuration of the Jackrabbit repository by means of an interface and two helper classes:

+ +
    +
  • LoginModule – The interface to be implemented to provide login processing plugins
  • +
  • AbstractLoginModule – A an abstract base class implementation of the LoginModule interface.
  • +
  • DefaultLoginModule – The default implementation of the AbstractLoginModule provided by Jackabbit. This login module takes SimpleCredentials and uses the repository to lookup the users, validate the credentials and providing the Principal representing the user towards the repository.
  • +
+ + +

The Sling Jackrabbit Embedded Repository bundle provides additional plugin interfaces to extend the login process dynamically using OSGi services. To this avail the bundle configures a LoginModule with the provided default Jackrabbit configuration supporting these plugins:

+ +
    +
  • LoginModulePlugin – The main service interface. Plugins must implement this interface to be able to extend the login process. See for example the Sling OpenID authentication handler, which implements this interface to support OpenID authentication.
  • +
  • AuthenticationPlugin – Helper interface for the LoginModulePlugin.
  • +
+ + + +

Sling Applications

+ +

Sling Applications requiring authenticed requests should not care about how authentication is implemented. To support such functionality the Authenticator service is provided with two methods:

+ +
    +
  • login – allows the application to ensure requests are authenticated. This involves selecting an AuthenticationHandler to request credentials for authentication.
  • +
+ + +
    +
  • logout – allows the application to forget about any authentication. This involves selecting an AuthenticationHandler to forget about credentials in the request.
  • +
+ + +

Sling Applications should never directly use any knowledge of any authentication handler or directly call into an authentication handler. This will certainly break the application and cause unexpected behaviour.

+ +
If you want to know whether a request is authenticated or not, you can inspect the result of the HttpServletRequest.getAuthType method: If this method returns null the request is not authenticated.
+
+Last modified by fmeschbe on 2010-02-01 13:32:17.0 +
+
+Apache Sling, Sling, Apache, the Apache feather logo, and the Apache Sling project logo are trademarks of The Apache Software Foundation. All other marks mentioned may be trademarks or registered trademarks of their respective owners. +
+
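Review bot: The closing paragraph of the Sling Applications section tells applications to treat a null result from HttpServletRequest.getAuthType as "not authenticated" without saying where that value is set; a short pointer back to the handleSecurity description in the OSGi Http Service section (which provides the authentication type and the remote user name) would let a reader verify the check. The same hunk carries typos that should be fixed before publication: "may be used to the implement" in the OSGi Http Service section, "provided a Session", "A an abstract base class" and "Jackabbit" in the JCR Repository section, and "authenticed" in the Sling Applications section.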
+ + + Added: websites/staging/sling/trunk/content/site/authentication-authenticationhandler.html ============================================================================== --- websites/staging/sling/trunk/content/site/authentication-authenticationhandler.html (added) +++ websites/staging/sling/trunk/content/site/authentication-authenticationhandler.html Wed Dec 12 09:16:44 2012 @@ -0,0 +1,252 @@ + + + + + Apache Sling - Authentication - AuthenticationHandler + + + + + +
+ +
+ + Apache + +
+
+ +
+ +

AuthenticationHandler

+ +

The AuthenticationHandler interface defines the service API which may be implemented by authentication handlers registered as OSGi services.

+ +

AuthenticationHandler services have a single required service registration property which is used to identify requests to which the AuthenticationHandler service is applicable:

+ +
+ + + + + + + + + +
path One or more (array or vector) string values indicating the request URLs to which the AuthenticationHandler is applicable.
authtype The authentication type implemented by this handler. This is a string value property and should be the same as will be used as the authentication type of the AuthenticationInfo object provided by the extractCredentials method. If this property is set, the requestCredentials method of the authentication handler is only called if the sling:authRequestLogin request parameter is either not set or is set to the same value as the authtype of the handler. This property is optional. If not set, the requestCredentials method is always called regardless of the value of the sling:authRequestLogin request parameter.
+
+ + +

Each path may be an absolute URL, an URL with just the host/port and path or just a plain absolute path:

+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + +
URL part Scheme Host/Port Path
Absolute URL must match must match request URL path is prefixed with the path
Host/Port with Path ignored must match request URL path is prefixed with the path
Path ignored ignored request URL path is prefixed with the path
+
+ + +

When looking for an AuthenticationHandler the authentication handler is selected whose path is the longest match on the request URL. If the service is registered with Scheme and Host/Port, these must exactly match for the service to be eligible. If multiple AuthenticationHandler services are registered with the same length matching path, the handler with the higher service ranking is selected + + + + + 1 + + +.

+ +

The value of path service registration property value triggering the call to any of the AuthenticationHandler methods is available as the path request attribute (for the time of the method call only). If the service is registered with multiple path values, the value of the path request attribute may be used to implement specific handling.

+ + +

Implementations provided by Sling

+ + + + +

Sample implementations

+ + +

HTTP Basic Authentication Handler

+ +
    +
  • extractCredentials – Get user name and password from the Authorization HTTP header
  • +
  • requestCredentials – Send a 401/UNAUTHORIZED status with WWW-Authenticate response header setting the Realm
  • +
  • dropCredentials – Send a 401/UNAUTHORIZED status with WWW-Authenticate response header setting the Realm
  • +
+ + +

Interestingly the dropCredentials method is implemented in the same way as the requestCredentials method. The reason for this is, that HTTP Basic authentication does not have a notion of login and logout. Rather the request is accompanied with an Authorization header or not. The contents of this header is usually cached by the client browser. So logout is actually simulated by sending a 401/UNAUTHORIZED status thus causing the client browser to clear the cache and ask for user name and password.

+ + +

Form Based Authentication Handler

+ + +
    +
  • extractCredentials – Get user name and password with the help of a special cookie (note, that of course the cookie should not contain this data, but refer to it in an internal store of the authentication handler). If the cookie is not set, check for specific login parameters to setup the cookie.
  • +
  • requestCredentials – Send the login form for the user to provide the login parameters.
  • +
  • dropCredentials – Clear the authentication cookie and internal store.
  • +
+ + + +

+ + + + + + + + + + + + + +
Footnotes
ReferenceNotes
+ + 1 + + + Service ranking is defined by the OSGi Core Specification as follows: If multiple qualifying service interfaces exist, a service with the highest service.ranking number, or when equal to the lowest service.id, determines which service object is returned by the Framework. +

+
+Last modified by fmeschbe on 2010-02-16 12:49:30.0 +
+
+Apache Sling, Sling, Apache, the Apache feather logo, and the Apache Sling project logo are trademarks of The Apache Software Foundation. All other marks mentioned may be trademarks or registered trademarks of their respective owners. +
+
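Review bot: The path matching table gives "request URL path is prefixed with the path" for all three rows without saying whether the comparison is a plain string prefix or stops at a path segment boundary; since the longest match decides which handler is selected, the page should state which it is. The introduction also promises "a single required service registration property" while the table that follows lists both path and authtype; marking path as required in its row (authtype is already described as optional) would remove the mismatch. Minor: "an URL" should be "a URL", and "The value of path service registration property value" repeats "value".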
+ + + Added: websites/staging/sling/trunk/content/site/authentication-framework.html ============================================================================== --- websites/staging/sling/trunk/content/site/authentication-framework.html (added) +++ websites/staging/sling/trunk/content/site/authentication-framework.html Wed Dec 12 09:16:44 2012 @@ -0,0 +1,261 @@ + + + + + Apache Sling - Authentication - Framework + + + + + +
+ +
+ + Apache + +
+
+ +
+ +

Framework

+ +

The core piece of functionality with respect to authentication in Sling is contained in the Sling Commons Auth bundle. This bundle provides the API for Sling and Sling applications to make use of authentication.

+ +

This support encompasses three parts:

+ +
    +
  • The AuthenticationSupport service provided by the SlingAuthenticator class. This service can be used by implementations of the OSGi HttpContext interface to delegate authentication.
  • +
  • The Authenticator service also provided by the SlingAuthenticator class. This service may be used by Sling Applications to help clients login and logout.
  • +
  • The AuthenticationHandler service interface. These services may be implemented by extensions to support various ways for transporting credentials from clients to the Sling server.
  • +
+ + +

This page describes how the SlingAuthenticator class provides the AuthenticationSupport and Authenticator services. For a description of the AuthenticationHandler service interface and the interaction between the SlingAuthenticator and the AuthenticationHandler services refer to the AuthenticationHandler page.

+ +

The SlingAuthenticator class is an internal class of the org.apache.sling.commons.auth bundle and implements the Authenticator and AuthenticationSupport services.

+ + +

AuthenticationSupport

+ +

The AuthenticationSupport service interface defines a single method: handleSecurity. This method is intended to be called by the handleSecurity method of any HttpContext implementation wishing to make use of the Sling Authentication Framework.

+ +

The Sling Authenticator implementation selects an AuthenticationHandler service appropriate for the request and calls the AuthenticationHandler.extractCredentials method to extract the credentials from the request. If no credentials could be extracted, the Sling Authenticator either admits the request as an anonymous request or requests authentication from the client by calling its own login method.

+ + +

The implementation follows this algorithm:

+ +
    +
  1. Select one or more AuthenticationHandler for the request according to the request URL's scheme and authorization part.
  2. +
  3. Call the extractCredentials method of each authentication handler, where the order of handler call is defined by the length of the registered path: handlers registered with longer paths are called before handlers with shorter paths. The goal is to call the handlers in order from longest request path match to shortest match. Handlers not matching the request path at all are not called.
  4. +
  5. The first handler returning a non-null AuthenticationInfo result "wins" and the result is used for authentication.
  6. +
  7. If any AuthenticationInfoPostProcessor services are registered, the AuthenticationInfo object is passed to their postProcess() method.
  8. +
  9. If no handler returns a non-null result, the request may be handled anonymously. In these cases, an empty AuthenticationInfo object is passed to any AuthenticationInfoPostProcessor services.
  10. +
  11. (Try to) log into the repository either with the provided credentials or anonymously.
  12. +
  13. If there were credentials provided and the login was successful, a login event is posted if the AuthenticationInfo object contains a non-null object with the key $$auth.info.login$$ (AuthConstants.AUTH_INFO_LOGIN). This event is posted with the topic org/apache/sling/auth/core/Authenticator/LOGIN. (added in Sling Auth Core 1.1.0)
  14. +
  15. Set request attributes listed below.
  16. +
+ + +

Extracting the credentials and trying to login to the repository may yield the following results:

+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + +
Credentials Login Consequence
present successfull Continue with an authenticated request
present failed Select AuthenticationHandler and call requestCredentials method
missing anonymous allowed Continue with a non authenticated request using anonymous access to the repository
missing anonymous forbidden Select AuthenticationHandler and call requestCredentials method
+
+ + +
Only one AuthenticationHandler is able to provide credentials for a given request. If the credentials provided by the handler cannot be used to login to the repository, authentication fails and no further AuthenticationHandler is consulted.
+ + +

Request Attributes on Successful Login

+ +

The handleSecurity method gets credentials from the AuthenticationHandler and logs into the JCR repository using those credentials. If the login is successful, the SlingAuthenticator sets the following request attributes:

+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + +
Attribute Description
org.osgi.service.http.authentication.remote.user The user ID of the JCR Session. This attribute is used by the HTTP Service implementation to implement the HttpServletRequest.getRemoteUser method.
org.osgi.service.http.authentication.type The authentication type defined by the AuthenticationHandler. This attribute is used by the HTTP Service implementation to implement the HttpServletRequest.getAuthType method.
org.apache.sling.commons.auth.ResourceResolver The ResourceResolver created from the credentials and the logged in JCR Session. This attribute may be used by servlets to access the repository. Namely the SlingMainServlet uses this request attribute to provide the ResourceResolver to handle the request.
javax.jcr.Session The JCR Session. This attribute is for backwards compatibility only. Its use is deprecated and the attribute will be removed in future versions.
org.apache.sling.commons.auth.spi.AuthenticationInfo The AuthenticationInfo object produced from the AuthenticationHandler.
+
+ + +

NOTE: Do NOT use the javax.jcr.Session request attribute in your Sling applications. This attribute must be considered implementation specific to convey the JCR Session to the SlingMainServlet. In future versions of the Sling Commons Auth bundle, this request attribute will not be present anymore. To get the JCR Session for the current request adapt the request's resource resolver to a JCR Session:

+ +
+
+Session session = request.getResourceResolver().adaptTo(Session.class);
+
+
+ + +

Anonymous Login

+ +

The SlingAuthenticator provides high level of control with respect to allowing anonymous requests or requiring authentication up front:

+ +
    +
  • Global setting of whether anonymous requests are allowed or not. This is the value of the Allow Anonymous Access (auth.annonymous) property of the SlingAuthenticator configuration. This property is supported for backwards compatibility and defaults to true (allowing anonymous access).
  • +
  • Specific configuration per URL. The Authentication Requirements (sling.auth.requirements) property of the SlingAuthenticator configuration may provide a list of URLs for which authentication may be required or not: Any entry prefixed with a dash - defines a subtree for which authentication is not required. Any entry not prefixed with a dash or prefixed with a plus + defines a subtree for which authentication is required up front and thus anonymous access is not allowed. This list is empty by default.
  • +
  • Any OSGi service may provide a sling.auth.requirements registration property which is used to dynamically extend the authentication requirements from the Authentication Requirements configuration. This may for example be set by AuthenticationHandler implementations providing a login form to ensure access to the login form does not require authentication. The value of this property is a single string, an array of strings or a Collection of strings and is formatted in the same way as the Authentication Requirements configuration property.
  • +
+ + +

The URLs set on the Authentication Requirements configuration property or the sling.auth.requirements service registration property can be absolute paths or URLs like the path service registration property of AuthenticationHandler services. This allows the limitation of this setup to certain requests by scheme and/or virtual host address.

+ + +

Examples

+ +
    +
  • The LoginServlet contained in the Commons Auth bundle registers itself with the service registration property sling.auth.requirements = "-/system/sling/login" to ensure the servlet can be accessed without requiring authentication.
  • +
+ + +
    +
  • An authentication handler may register itself with the service registration property sling.auth.requirements = "-/apps/sample/loginform" to ensure the login form can be rendered without requiring authentication.
  • +
+ + + + +

Authenticator implementation

+ +

The implementation of the Authenticator interface is similar for both methods:

+ +

login

+ +
    +
  1. Select one or more AuthenticationHandler for the request according to the request URL's scheme and authorization part.
  2. +
  3. Call the requestCredentials method of each authentication handler, where the order of handler call is defined by the length of the registered path: handlers registered with longer paths are called before handlers with shorter paths. The goal is to call the handlers in order from longest request path match to shortest match. Handlers not matching the request path at all are not called.
  4. +
  5. As soon as the first handlers returns true, the process ends and it is assumed credentials have been requested from the client.
  6. +
+ + +

The login method has three possible exit states:

+ +
+ + + + + + + + + + + + + + + + + +
Exit State Description
Normal An AuthenticationHandler could be selected to which the login request could be forwarded.
NoAuthenticationHandlerException No AuthenticationHandler could be selected to forward the login request to. In this case, the caller can proceed as appropriate. For example a servlet, which should just login a user may send back a 403/FORBIDDEN status because login is not possible. Or a 404/NOT FOUND handler, which tried to login as a fallback, may continue and send back the regular 404/NOT FOUND response.
IllegalStateException The response has already been committed and the login request cannot be processed. Normally to request login, the current response must be reset and a new response has to be prepared. This is only possible if the request has not yet been committed.
+
+ + + +

logout

+
    +
  1. Select one or more AuthenticationHandler for the request according to the request URL's scheme and authorization part.
  2. +
  3. Call the dropCredentials method of each authentication handler, where the order of handler call is defined by the length of the registered path: handlers registered with longer paths are called before handlers with shorter paths. The goal is to call the handlers in order from longest request path match to shortest match. Handlers not matching the request path at all are not called.
  4. +
+ + +

Unlike for the login method in the logout method case all AuthenticationHandler services selected in the first step are called. If none can be selected or none can actually handle the dropCredentials request, the logout silently returns.

+ +
+Last modified by justinedelson on 2012-01-24 22:09:01.0 +
+
+Apache Sling, Sling, Apache, the Apache feather logo, and the Apache Sling project logo are trademarks of The Apache Software Foundation. All other marks mentioned may be trademarks or registered trademarks of their respective owners. +
+
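Review bot: Step 1 of the handleSecurity algorithm, and of both the login and logout lists, selects handlers "according to the request URL's scheme and authorization part", which reads like a slip for the authority (host/port) part, given that the Anonymous Login section speaks of limiting by "scheme and/or virtual host address"; please correct all three occurrences. The page also mixes two bundle names: SlingAuthenticator is placed in the org.apache.sling.commons.auth bundle and the request attributes use that prefix, while the login event topic is org/apache/sling/auth/core/Authenticator/LOGIN, "added in Sling Auth Core 1.1.0", so say which name is current. In the Anonymous Login list, auth.annonymous is spelled with a double n; if that is the literal configuration key, say so, otherwise fix it. Typos: "successfull" in the results table and "the first handlers returns true" in the login list; the $$auth.info.login$$ key looks like leftover markup.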
+ + + Added: websites/staging/sling/trunk/content/site/authentication-tasks.html ============================================================================== --- websites/staging/sling/trunk/content/site/authentication-tasks.html (added) +++ websites/staging/sling/trunk/content/site/authentication-tasks.html Wed Dec 12 09:16:44 2012 @@ -0,0 +1,94 @@ + + + + + Apache Sling - Authentication - Tasks + + + + + +
+ +
+ + Apache + +
+
+ +
+ +

Tasks

+ +

Authentication of HTTP Requests is generally a two-step process: First the credentials must be extracted from the request and second the credentials must be validated. In the case of Sling this means acquiring a JCR Session.

+ +

Extract Credentials from the Request

+ +
    +
  • Implemented and controlled by the Sling Commons Auth bundle
  • +
  • Takes HttpServletRequest
  • +
  • Provides credentials for futher processing (basically JCR Credentials and Workspace name)
  • +
  • Extensible with the help of AuthenticationHandler services
  • +
+ + + +

Login to the JCR Repository

+ +
    +
  • Implemented and controlled by the JCR Repository
  • +
  • Takes JCR Credentials and Workspace name
  • +
  • Provides a JCR Session
  • +
  • Implementation dependent process. Jackrabbit provides extensibility based on LoginModules; Sling's Embedded Jackrabbit Repository bundle provides extensibility with LoginModulePlugin services.
  • +
+ + +

Currently the credentials are always verified by trying to login to the JCR repository. Once an ResourceResolverFactory API has been added, the process of validating the credentials and logging in is actualy replaced by a process of requesting a ResourceResolver from the ResourceResolverFactory. Of course, the JCR Repository will still be the main underlying repository and as such be used to validate the credentials and get a JCR Session.

+
+Last modified by fmeschbe on 2010-02-01 11:57:35.0 +
+
+Apache Sling, Sling, Apache, the Apache feather logo, and the Apache Sling project logo are trademarks of The Apache Software Foundation. All other marks mentioned may be trademarks or registered trademarks of their respective owners. +
+
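Review bot: The last paragraph mixes tenses, so it is unclear whether the ResourceResolverFactory change has already happened: "Once an ResourceResolverFactory API has been added" is followed by "is actualy replaced", which should be "will be replaced" if the API is still pending, or the whole sentence should move to the present tense if it already exists. Typos in the same hunk: "futher processing" in the Extract Credentials list, and "an ResourceResolverFactory" and "actualy" in that last paragraph.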
+ + + Added: websites/staging/sling/trunk/content/site/authentication.data/authentication.png ============================================================================== Binary file - no diff available. Propchange: websites/staging/sling/trunk/content/site/authentication.data/authentication.png ------------------------------------------------------------------------------ svn:mime-type = image/png Added: websites/staging/sling/trunk/content/site/authentication.data/authentication.png.jpeg ============================================================================== Binary file - no diff available. Propchange: websites/staging/sling/trunk/content/site/authentication.data/authentication.png.jpeg ------------------------------------------------------------------------------ svn:mime-type = image/jpeg Added: websites/staging/sling/trunk/content/site/authentication.html ============================================================================== --- websites/staging/sling/trunk/content/site/authentication.html (added) +++ websites/staging/sling/trunk/content/site/authentication.html Wed Dec 12 09:16:44 2012 @@ -0,0 +1,100 @@ + + + + + Apache Sling - Authentication + + + + + +
+ +
+ + Apache + +
+
+ +
+ +

Authentication

+ + + +

This section describes the framework provided by Sling to authenticate HTTP requests.

+ +

Let's look at generic request processing of Sling: Sling is linked into the outside world by registering the Sling Main Servlet – implemented by the SlingMainServlet class in the Sling Engine bundle – with an OSGi HttpService. This registration is accompanyied with an implementation instance of the OSGi HttpContext interface, which defines a method to authenticate requests: handleSecurity.

+ +

This method is called by the OSGi HTTP Service implementation after the servlet has been selected to handle the request but before actually calling the servlet's service method.

+ + + +
+

+
    +
  1. First the OSGi HTTP Service implementation is analyzing the request URL to find a match for a servlet or resource registered with the HTTP Service.
  2. +
  3. Now the HTTP Service implementation has to call the handleSecurity method of the HttpContext object with which the servlet or resource has been registered. This method returns true if the request should be serviced. If this method returns false the HTTP Service implementation terminates the request sending back any response which has been prepared by the handleSecurity method. Note, that the handleSecurity method must prepare the failure response sent to the client, the HTTP Service adds nothing here. If the handleSecurity method is successful, it must add two (or three) request attributes described below.
  4. +
  5. When the handleSecurity method returns true the HTTP Service either calls the Servlet.service method or sends back the requested resource depending on whether a servlet or a resource has been selected in the first step.
  6. +
+
+ +

The important thing to note here is, that at the time the handleSecurity method is called, the SlingMainServlet is not yet in control of the request. So any functionality added by the SlingMainServlet, notably the SlingHttpServletRequest and SlingHttpServletResponse objects are not available to the implementation of the handleSecurity method.

+ +

The following pages describe the full details of request authentication in Sling in full detail:

+ +
    +
  • Tasks: Authentication of HTTP Requests is generally a two-step process: First the credentials must be extracted from the request and second the credentials must be validated. In the case of Sling this means acquiring a JCR Session.
  • +
  • Actors: The authentication process involves a number of actors contributing to the concepts, the API and the particular implementations.
  • +
  • Framework: The core piece of functionality with respect to authentication in Sling is contained in the Sling Commons Auth bundle. This bundle provides the API for Sling and Sling applications to make use of authentication.
  • +
  • AuthenticationHandler: The AuthenticationHandler interface defines the service API which may be implemented by authentication handlers registered as OSGi services.
  • +
+ +
+Last modified by fmeschbe on 2010-02-01 11:55:33.0 +
+
+Apache Sling, Sling, Apache, the Apache feather logo, and the Apache Sling project logo are trademarks of The Apache Software Foundation. All other marks mentioned may be trademarks or registered trademarks of their respective owners. +
+
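Review bot: Step 2 of the numbered list says a successful handleSecurity "must add two (or three) request attributes described below", but no request attributes are described anywhere on this page; either list them here or replace "described below" with a pointer to the Framework page, which has the attribute table. Also in this hunk: "accompanyied" should be "accompanied", and "describe the full details of request authentication in Sling in full detail" says the same thing twice.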
+ + + Added: websites/staging/sling/trunk/content/site/bundle-resources-extensionsbundleresource.html ============================================================================== --- websites/staging/sling/trunk/content/site/bundle-resources-extensionsbundleresource.html (added) +++ websites/staging/sling/trunk/content/site/bundle-resources-extensionsbundleresource.html Wed Dec 12 09:16:44 2012 @@ -0,0 +1,130 @@ + + + + + Apache Sling - Bundle Resources (extensions.bundleresource) + + + + + +
+ +
+ + Apache + +
+
+ +
+ +

Bundle Resources

+ + + +

Introduction

+ +

The Bundle Resource Provider provides access to files/directories included in an OSGi bundle through the Sling ResourceResolver.

+ +

Resource Types

+ +

Files and directories are mapped into the resource tree as regular Resource instances whose resource type depends on the actual nature of the mapped resource:

+ +
    +
  • Regular files are assigned the nt:file resource type
  • +
  • Directories are assigned the nt:folder resource type
  • +
+ + + +

Adapters

+ +

Filesystem resources extend from Sling's AbstractResource class and thus are adaptable to any type for which an AdapterFactory is registered supporting bundle resources. In addition BundleResource support the following adapters natively:

+ +
    +
  • java.net.URL – A valid bundle:// URL to the resource in the bundle.
  • +
  • java.io.InputStream – An InputStream to read file contents. Doesn't apply to folders.
  • +
+ + + +

Configuration

+ +

Providing bundles have a Bundle manifest header Sling-Bundle-Resources containing a list of absolute paths provided by the bundle. The paths are separated by comma or whitespace (SP, TAB, VTAB, CR, LF).

+ +

Example (manifest.mf):

+ +
+
+...
+Sling-Bundle-Resources: /libs/sling/explorer,                         
+    /libs/sling/servlet/default/explorer
+...
+
+
+ +

It's also possible to map resources from the bundle to a different location in the resource tree. In this case the path has to be extended with a path attrribute to declare where the resources are in the bundle:

+ +
+
+...
+Sling-Bundle-Resources: /somepath/inthe/resourcetree;path:=/path/inthe/bundle
+...
+
+
+ +

The Bundle Resource Provider also has a web console plugin through which the currently installed bundles can be seen.

+
+Last modified by justinedelson on 2010-08-25 08:39:51.0 +
+
+Apache Sling, Sling, Apache, the Apache feather logo, and the Apache Sling project logo are trademarks of The Apache Software Foundation. All other marks mentioned may be trademarks or registered trademarks of their respective owners. +
+
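Review bot: The Adapters section opens with "Filesystem resources extend from Sling's AbstractResource class" on a page about bundle resources, which reads as if it belongs to a different provider's page; it should say "Bundle resources", and "BundleResource support" should be "BundleResource supports". In the Configuration section the second manifest example writes path:=/path/inthe/bundle, which in manifest header syntax is a directive rather than an attribute, so "path attrribute" should become "path directive" (the spelling needs fixing either way). Since the Sling-Bundle-Resources header decides which bundle files become reachable through the ResourceResolver, it would help to state whether a listed directory is exposed recursively.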
+ + + Added: websites/staging/sling/trunk/content/site/bundles.html ============================================================================== --- websites/staging/sling/trunk/content/site/bundles.html (added) +++ websites/staging/sling/trunk/content/site/bundles.html Wed Dec 12 09:16:44 2012 @@ -0,0 +1,114 @@ + + + + + Apache Sling - Bundles + + + + + +
+ +
+ + Apache + +
+
+ +
+ +

Bundles

+ +

Content

+ + + + +

Resource Providers

+ + + + +

Users, Groups, Access, Permissions

+ + + + +

Installer

+ + + +

Misc

+ + + +
+Last modified by cziegeler@apache.org on 2011-10-11 05:23:49.0 +
+
+Apache Sling, Sling, Apache, the Apache feather logo, and the Apache Sling project logo are trademarks of The Apache Software Foundation. All other marks mentioned may be trademarks or registered trademarks of their respective owners. +
+
+ + +