Dear Wiki user, You have subscribed to a wiki page or wiki category on "Turbine Wiki" for change notification.
The "Turbine4/Turbine4.0M1/Migrate233" page has been changed by ThomasVandahl: https://wiki.apache.org/turbine/Turbine4/Turbine4.0M1/Migrate233?action=diff&rev1=16&rev2=17 <xmlPath>WEB-INF/conf/intake2.xml</xmlPath> </xmlPaths> </intake> + }}} + + === SecurityService === + + The !TurbineSecurityService has been replaced with the [[http://turbine.apache.org/fulcrum/fulcrum-security/index.html|Fulcrum Security Components]]. The following example shows the default configuration of the ''!SecurityService'' before and after the migration. For details of the configuration options available see the [[http://turbine.apache.org/fulcrum/fulcrum-security/index.html|Fulcrum Security Site]]. + + `TurbineResources.properties`: + + {{{#!properties + services.SecurityService.classname=org.apache.turbine.services.security.torque.TorqueSecurityService + + # ------------------------------------------------------------------- + # + # S E C U R I T Y S E R V I C E + # + # ------------------------------------------------------------------- + + # + # This is the class that implements the UserManager interface to + # manage User objects. Default is the UserManager from the + # DBSecurityService. + # Override this setting if you want your User information stored + # on a different medium (LDAP directory is a good example). + # + # Adjust this setting if you change the Setting of the SecurityService class (see above). + + # Default: org.apache.turbine.services.security.db.DBUserManager + services.SecurityService.user.manager = org.apache.turbine.services.security.torque.TorqueUserManager + + # + # These are the default classes used by the Security Service to + # provide User, Group, Role and Permission objects. + # You want to override this setting only if you want your + # implementation to provide application specific addtional + # functionality. + # + # Class for User. Default: org.apache.turbine.om.security.TurbineUser + services.SecurityService.user.class=org.apache.turbine.services.security.torque.TorqueUser + # Class for Group. Default: org.apache.turbine.om.security.TurbineGroup + services.SecurityService.group.class=org.apache.turbine.services.security.torque.TorqueGroup + # Class for Role. Default: org.apache.turbine.om.security.TurbineRole + services.SecurityService.role.class=org.apache.turbine.services.security.torque.TorqueRole + # Class for Permission. Default: org.apache.turbine.om.security.TurbinePermission + services.SecurityService.permission.class=org.apache.turbine.services.security.torque.TorquePermission + + # + # This is the class that implements the ACL interface. + # You want to override this setting only if you want your ACL + # implementation to provide application specific addtional + # functionality. + # + + # Default: org.apache.turbine.util.security.TurbineAccessControlList + services.SecurityService.acl.class = org.apache.turbine.util.security.TurbineAccessControlList + + # + # This is used by the SecurityService to make the password checking + # secure. When enabled, passwords are transformed by a one-way + # function into a sequence of bytes that is base64 encoded. + # It is impossible to guess the plain-text form of the password + # from the representation. When user logs in, the entered password + # is transformed the same way and then compared with stored value. + # + # Default: false + # + + services.SecurityService.secure.passwords=false + + # + # This property lets you choose what digest algorithm will be used + # for encrypting passwords. Check documentation of your JRE for + # available algorithms. + # + # Default: SHA + # + + services.SecurityService.secure.passwords.algorithm=SHA + }}} + + New `TurbineResources.properties`: + + {{{#!properties + services.SecurityService.classname=org.apache.turbine.services.security.DefaultSecurityService + + # ------------------------------------------------------------------- + # + # S E C U R I T Y S E R V I C E + # + # ------------------------------------------------------------------- + + # + # This is the class that implements the UserManager interface to + # manage User objects. Default is the PassiveUserManager + # + # Adjust this setting if you change the Setting of the SecurityService class (see above). + + # Default: org.apache.turbine.services.security.passive.PassiveUserManager + services.SecurityService.user.manager = org.apache.turbine.services.security.DefaultUserManager + }}} + + `roleConfiguration.xml`: + + {{{#!xml + <role + name="org.apache.torque.avalon.Torque" + shorthand="torqueService" + default-class="org.apache.torque.avalon.TorqueComponent" + early-init="true" /> + + <!-- These components belong to the Fulcrum-Security services --> + <role + name="org.apache.fulcrum.security.SecurityService" + shorthand="securityService" + default-class="org.apache.fulcrum.security.BaseSecurityService"/> + + <role + name="org.apache.fulcrum.security.UserManager" + shorthand="userManager" + early-init="true" + default-class="org.apache.fulcrum.security.torque.turbine.TorqueTurbineUserManagerImpl"/> + + <role + name="org.apache.fulcrum.security.GroupManager" + shorthand="groupManager" + default-class="org.apache.fulcrum.security.torque.turbine.TorqueGroupManagerImpl"/> + + <role + name="org.apache.fulcrum.security.RoleManager" + shorthand="roleManager" + default-class="org.apache.fulcrum.security.torque.turbine.TorqueRoleManagerImpl"/> + + <role + name="org.apache.fulcrum.security.PermissionManager" + shorthand="permissionManager" + default-class="org.apache.fulcrum.security.torque.turbine.TorquePermissionManagerImpl"/> + + <role + name="org.apache.fulcrum.security.ModelManager" + shorthand="modelManager" + default-class="org.apache.fulcrum.security.torque.turbine.TorqueTurbineModelManagerImpl"/> + + <role + name="org.apache.fulcrum.security.authenticator.Authenticator" + shorthand="authenticator" + default-class="org.apache.fulcrum.security.authenticator.TextMatchAuthenticator"/> + + <role + name="org.apache.fulcrum.security.model.ACLFactory" + shorthand="aclFactory" + default-class="org.apache.fulcrum.security.model.turbine.TurbineACLFactory"/> + }}} + + `componentConfiguration.xml`: + + {{{#!xml + <!-- These components belong to the Fulcrum-Security services --> + <securityService/> + <authenticator/> + <modelManager/> + <aclFactory/> + + <userManager> + <className>org.apache.fulcrum.security.torque.om.TorqueTurbineUser</className> + </userManager> + <groupManager> + <className>org.apache.fulcrum.security.torque.om.TorqueTurbineGroup</className> + </groupManager> + <roleManager> + <className>org.apache.fulcrum.security.torque.om.TorqueTurbineRole</className> + </roleManager> + <permissionManager> + <className>org.apache.fulcrum.security.torque.om.TorqueTurbinePermission</className> + </permissionManager> + + <torqueService> + <configfile>/WEB-INF/conf/Torque.properties</configfile> + </torqueService> }}} == Added Components == --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
