#===================================================================== # Licensed to the Apache Software Foundation (ASF) under one or more # contributor license agreements. See the NOTICE file distributed with # this work for additional information regarding copyright ownership. # The ASF licenses this file to You under the Apache License, Version 2.0 # (the "License"); you may not use this file except in compliance with # the License. You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. #===================================================================== # $Rev$ $Date$ ajax.progressbar.processing = Processing... car.addRepository.currentlyPluginRepositories = The currently available plugin repositories are car.addRepository.downloadRunningCongfig = You can also download running configurations from another Geronimo server just as if you're browsing and installing third-party plugins. If you want to point to a remote Geronimo server, enter a URL such as http://geronimo-server:8080/plugin/maven-repo/ car.addRepository.howToAddPluginRepositories = To add a new plugin repository to this list, enter the URL to the repository. The repository must have a geronimo-plugins.xml file in the root directory listing the available plugins in the repository. car.addRepository.title = Add Plugin Repository car.assemblyConfirm.description = Description car.assemblyConfirm.fileLocation = File Location car.assemblyConfirm.moduleId = Module ID car.assemblyConfirm.plugin = Plugin car.assemblyConfirm.successful = Server Assembly Successful car.common.addRepository = Add Repository car.common.assemble = Assemble car.common.author = Author car.common.category = Category car.common.createGeronimoPlugin = Create Geronimo Plugin car.common.dependencies = Dependencies car.common.downloadRepositories = Download Repositories car.common.exportPlugin = Export Plugin car.common.geronimoVersions = Geronimo Versions car.common.group = Group car.common.license = License car.common.listCategory = Category car.common.listInstallable = Installable car.common.listName = Name car.common.listVersion = Version car.common.moduleID = Module ID car.common.newRepository = New Repository car.common.obsoletes = Obsoletes car.common.openSource = Open Source car.common.pluginURL = Plugin URL car.common.prereq1Description = Prereq 1 Description car.common.prereq2Description = Prereq 2 Description car.common.prereq3Description = Prereq 3 Description car.common.prerequisite1ID = Prerequisite 1 ID car.common.prerequisite1Type = Prerequisite 1 Type car.common.prerequisite2ID = Prerequisite 2 ID car.common.prerequisite2Type = Prerequisite 2 Type car.common.prerequisite3ID = Prerequisite 3 ID car.common.prerequisite3Type = Prerequisite 3 Type car.common.prerequisites = Prerequisites car.common.proprietary = Proprietary car.common.removePlugins = Remove Geronimo Plugins car.common.repository = Repository car.common.savePluginData = Save Plugin Data car.common.searchForPlugins = Show Plugins in selected repository car.common.uniqueID = Unique ID car.common.viewDetails = View Details car.common.webSite = Web Site car.confirmExport.title = Export Plugin -- Save to Disk car.confirmExport.useBtnBelow = Use the button below to save the plugin "{0}" to disk. car.download.foundDependencies = Found the following dependencies for this plugin. Any missing dependencies will be installed for you automatically if you proceed. car.download.processing = Processing {0}... car.downloadStatus.processing = Current file being operated on... car.index.assembleServer = Assemble a server car.index.assembleServerLong = Assemble a server from plugins in this one car.index.createGeronimoPluginExp = Choose a configuration in the current Geronimo server to export as a Geronimo plugin. The configuration will be saved as a CAR file to your local filesystem. Note: at present, you must manually add a META-INF/geronimo-plugin.xml file to the CAR after you export it in order for it to be a valid plugin. car.index.optionalAuthentication = Optional Authentication car.index.removePluginsExp = To remove a plugin, use the categories under Applications to locate the plugin module and uninstall it. car.index.summary =

Install Geronimo Plugins

This portlet lets you install Geronimo plugins. This can be used to install new features into a Geronimo server at runtime.

Choose a remote repository to inspect for available Geronimo plugins. The repository must have a geronimo-plugins.xml file in the root directory listing the available plugins in the repository.

You can also download running configurations from another Geronimo server just as if you're browsing and installing third-party plugins. If you want to point to a remote Geronimo server, enter a URL such as http://geronimo-server:8080/plugin/maven-repo/ and the enter the administrator username and password in the optional authentication fields.

car.index.updateRepositoryList = Update Repository List car.index.validateConfig = Please select a configuration to export. car.list.assemblyArtifactId = Assembly artifactId: car.list.assemblyFormat = Assembly format: car.list.assemblyGroupId = Assembly groupId: car.list.assemblyPath = Assembly target path: car.list.assemblyServerName = Name the server to be assembled car.list.assemblyVersion = Assembly version: car.list.noPlugins = No plugins are listed at this repository. car.list.pluginLocal = Plugins in local server car.list.pluginRepo = Plugins listed at car.pluginParams.JVMVersionsExp = An optional list of JVM version prefixes supported by this plugin. If no values are listed, the plugin can be installed in Geronimo running in any version of the JVM. Otherwise, list one acceptable JVM version prefix per line, like "1.4.2 \r\n 1.5 \r\n ..." (ideally, of course, this means you've actually tested the plugin with Geronimo on each JVM version listed here). car.pluginParams.authorExp = The author of the plug, which may be a person, company, open source project, etc. car.pluginParams.categoryExp = The category this plugin falls into. Plugins in the same category will be listed together. If this plugin is intended to be listed on geronimoplugins.com then you should use one of the category names there if any of them fit. Otherwise, you can select this freely, or according to the categories acceptable to the repository where you plan to post this. car.pluginParams.dependenciesExp = A list of JARs or other module IDs that this plugin depends on. These will be downloaded automatically when this plugin is installed. Normally you shouldn't change this list. However, you can move entries from the dependency list to the prerequisite list if the user must install the dependency manually before installing the plugin (e.g. for a database pool where a plugin wouldn't know what server to connect to).

Each entry in this list should use the Unique ID format like is used for this plugin above. You may remove the version number if you'd like to work with any version of the dependency, though that may be risky. Each value should be on a separate line. car.pluginParams.descriptionExp = A description of this plugin. You should use plain text only, with blank lines to separate paragraphs. car.pluginParams.downloadRepositoriesExp = A list of repositories to check for any dependencies that need to be downloaded. This should be a list of one URL per line, with values such as http://geronimoplugins.com/repository/ and http://www.ibiblio.org/maven2/. Note that the repository this plugin is deployed to should typically be the first one listed. car.pluginParams.geronimoVersionsExp = An optional list of Geronimo versions supported by this plugin. If no values are listed, the plugin can be installed in any version of Geronimo. Otherwise, list one acceptable Geronimo version per line, like "1.1 \r\n 1.1.1 \r\n 1.1.2 \r\n ..." (ideally, of course, this means you've actually tested the plugin with each Geronimo version listed here). car.pluginParams.humanReadableName = Human Readable Name car.pluginParams.humanReadableNameExp = A human-readable name that will be displayed for this plugin. car.pluginParams.licenseExp = The name of the license that this plugin is covered by. Ideally, it would be prefixed by the class of license, like "BSD -- (name)" or "GPL -- (name)". car.pluginParams.obsoletesExp = A list of module IDs that this plugin replaces. Those plugins or modules will be removed when this one is installed. That may include previous versions of this plugin if you want installing it to "upgrade" rather than just offering an additional alternative. This should be a list with one module ID per line. car.pluginParams.openSourceExp = Check this box if the license is an OSI-approved open source license (see http://www.opensource.org/licenses/index.php). car.pluginParams.pluginURLExp = A URL to get more information about the plugin (e.g. the plugin home page). car.pluginParams.prereqDescriptionExp = A longer description of what the user needs to do to comply with this prerequisite (for example, instructions to set up a database pool listing the supported database products and telling the user where to find a script to initialize the database). This should be plain text with empty lines to separate paragraphs. car.pluginParams.prerequisiteIDExp = The module ID of a prerequisite for this plugin. This is a module that must be present in the server before the plugin can be installed. It may be something like a specific web container for a web application (geronimo/jetty/*/car) or something like a database pool or security realm that the user must install because the plugin author can't create a value that will be valid in the destination server. You may want to leave out as many segments of the module ID as possible in order to accommodate more users (e.g. */mypool/*/* rather than myapp/mypool/1.2/car). car.pluginParams.prerequisiteTypeExp = A brief description of the type of prerequisite this is (for the benefit of the user). Examples could include Database Pool or Web Container. car.pluginParams.title = Export Plugin -- Configure Plugin Data car.pluginParams.uniqueIDExp = The globally unique ID for this plugin. This is determined from the installation in the server you're exporting. This defines the version number for the plugin, so make sure it's correct. car.results.filesProcessed = Files Processed car.results.titles = The following plugin(s) have been installed car.viewForDownload.author = Author car.viewForDownload.dependencies = Dependencies car.viewForDownload.description = Description car.viewForDownload.geronimoVersions = Geronimo-Versions car.viewForDownload.group = Group car.viewForDownload.installable = Installable car.viewForDownload.jvmVersions = JVM Versions car.viewForDownload.license = License car.viewForDownload.moduleId = Module ID car.viewForDownload.obsoletes = Obsoletes car.viewForDownload.prerequisites = Prerequisites car.viewForDownload.website = Web Site configmanager.common.archive = Archive configmanager.common.plan = Plan(optional) configmanager.common.startAppAfterInstall = Start application after installation configmanager.common.redeployapplication = Redeploy application configmanager.deploy.migratedPlan = Migrated plan configmanager.deploy.migratedPlanSummary = The deployment plan you provided appears to be for a previous version of the application server. A migrated version of your plan is provided below for your convenience. Not all deployment plans can be fully migrated so some manual editing may be required before the migrated plan can be deployed. configmanager.deploy.originalPlan = Original plan configmanager.deploy.redeployApplication = Redeploy application configmanager.deploy.saveLocally = Save this plan locally configmanager.deploy.showMigratedPlan = Show Migrated plan configmanager.deploy.showOriginalPlan = Show original plan configmanager.deployHelp.archiveExp = Browse to select the Java EE archive file in the Archive box. configmanager.deployHelp.installApplication = Install the application in the Geronimo server. configmanager.deployHelp.planExp = If the deployment plan is separate from the archive file, then browse to select it. If the deployment plan is packaged within the archive file, then leave this field blank. configmanager.deployHelp.startAppAfterInstallExp = Check this to automatically start the application when it is installed. Otherwise, the user can start the application by clicking on the associated "Start" toggle in the"Installed Applications" window. By default this checkbox is checked and newly installed applications will automatically be started. configmanager.deployHelp.redeployapplication = Check this to redeploy the application. Geronimo server will try to identify the module from the repository and replace it with the new one. configmanager.deployHelp.title = This portlet allows the user to deploy or redeploy applications on Geronimo. For example, web applications require deployment plans, which are either packaged within the war file or kept in a separate file which is typically called geronimo-web.xml. A deployment plan can also be a stand-alone xml file when a RAR is being used or for providing environment specific settings. consolebase.common.JVMVersions = JVM Versions consolebase.common.actions = Actions consolebase.common.cancel = Cancel consolebase.common.commands = Commands consolebase.common.confirmPassword = Confirm Password consolebase.common.delete = Delete consolebase.common.deployedAs = Deployed As consolebase.common.description = Description consolebase.common.done = Done consolebase.common.edit = Edit consolebase.common.install = Install consolebase.common.name = Name consolebase.common.next = Next consolebase.common.password = Password consolebase.common.restart = Restart consolebase.common.return = Return consolebase.common.returnToList = Return to List consolebase.common.save = Save consolebase.common.start = Start consolebase.common.state = State consolebase.common.stop = Stop consolebase.common.uninstall = Uninstall consolebase.common.usage = usage consolebase.common.user = User consolebase.common.userName = Username realmwizard._sql.JDBCDriverClassExp = The fully-qualified JDBC driver class name. This driver must be located in the JAR specified in the next field. realmwizard._sql.JDBCPasswordExp = The password used to connect to the database realmwizard._sql.JDBCUrlExp = The JDBC URL that specifies the details of the database to connect to. This has a different form for each JDBC driver. realmwizard._sql.JDBCUsernameExp = The username used to connect to the database realmwizard._sql.databasePoolExp = A database pool that the login module will use to connect to the database. If this is specified, none of the rest of the settings after this are necessary. realmwizard._sql.digestAlgorithmExp = Message Digest algorithm (e.g. MD5, SHA1, etc.) used on the passwords. Leave this field empty if no digest algorithm is used. realmwizard._sql.digestEncodingExp = Encoding to use for digests (e.g. hex, base64). This is used only if a Message Digest algorithm is specified.If no encoding is specified, hex will be used. realmwizard._sql.driverJARExp = The JAR holding the selected JDBC driver. Should be installed under GERONIMO/repository/ to appear in this list. realmwizard._sql.eitherPoolOrJDBC = A SQL security realm must either have a database pool or JDBC connectivity settings to connect to the database. Please select EITHER the database pool, OR the rest of the JDBC settings. realmwizard._sql.groupSelectSQLExp = A SQL statement to load group information for a user. It should return 2 columns, the first holding a username and the second holding a group name. The statement may use the PreparedStatement syntax of ? for a parameter, in which case the username will be set for every parameter. A typical setting would be SELECT username, group_name FROM user_groups WHERE username=? or for a more normalized schema, SELECT u.username, g.name FROM app_users u, groups g, user_groups ug WHERE ug.user_id=users.id AND ug.group_id=g.id AND u.username=? realmwizard._sql.selectDatabasePool = A SQL security realm must either have a database pool or JDBC connectivity settings to connect to the database. Please select EITHER the database pool, OR the rest of the JDBC settings. realmwizard._sql.userSelectSQLExp = A SQL statement to load user/password information. It should return 2 columns, the first holding a username and the second holding a password. The statement may use the PreparedStatement syntax of ? for a parameter, in which case the username will be set for every parameter. A typical setting would be SELECT username, password FROM app_users WHERE username=? realmwizard.advanced.AuditEnabledExp = If enabled, every login attempt will be recorded to the specified file. The path should be relative to the Geronimo home directory (a typical value would be var/log/login-attempts.log). realmwizard.advanced.credentialName = Credential Name realmwizard.advanced.credentialNameExp = If enabled, the realm will store each username and password in a private credential in the Subject under a specified credential name. realmwizard.advanced.failuresWithin = failures within realmwizard.advanced.failuresWithinSeconds = seconds realmwizard.advanced.keepAccountLockedFor = and keep the account locked for realmwizard.advanced.keepAccountLockedForSeconds = seconds realmwizard.advanced.lockUserAfter = Lock a user after realmwizard.advanced.lockoutEnabledExp = If enabled, a certain number of failed logins in a particular time frame will cause a user's account to be locked for a certain period of time. This is a defense against brute force account cracking attacks. realmwizard.advanced.namedCredential = Named Credential realmwizard.advanced.storePasswordEnabledExp = If enabled, the realm will store each user's password in a private credential in the Subject. This will allow access to the password later after the login process has completed. This is not normally required. realmwizard.advanced.title = Create Security Realm -- Step 3: Advanced Configuration realmwizard.common.JDBCDriverClass = JDBC Driver Class realmwizard.common.JDBCPassword = JDBC Password realmwizard.common.JDBCUrl = JDBC URL realmwizard.common.JDBCUsername = JDBC Username realmwizard.common.addSecurityRealm = Add new security realm realmwizard.common.addToEAR = Add to EAR realmwizard.common.configurationOptions = Configuration Options realmwizard.common.controlFlag = Control Flag realmwizard.common.controlFlag.optional = Optional realmwizard.common.controlFlag.required = Required realmwizard.common.controlFlag.requisite = Requisite realmwizard.common.controlFlag.sufficient = Sufficient realmwizard.common.databasePool = Database Pool realmwizard.common.deploy = Deploy realmwizard.common.deployCommand = Deploy Command realmwizard.common.deployRealm = Deploy Realm realmwizard.common.deploymentPlan = Deployment Plan realmwizard.common.digestAlgorithm = Digest Algorithm realmwizard.common.digestEncoding = Digest Encoding realmwizard.common.driverJAR = Driver JAR realmwizard.common.editRealm = Edit Realm realmwizard.common.editSettings = Edit Settings realmwizard.common.enableAuditing = Enable Auditing realmwizard.common.enableLockout = Enable Lockout realmwizard.common.groupSelectSQL = Group SELECT SQL realmwizard.common.logFile = Log File realmwizard.common.loginDomainName = Login Domain Name realmwizard.common.loginModule = Login Module realmwizard.common.loginModuleClass = Login Module Class realmwizard.common.nameOfSecurityRealm = Name of Security Realm realmwizard.common.principals = Principals realmwizard.common.realmName = Realm Name realmwizard.common.realmType = Realm Type realmwizard.common.serverSide = Server-Side realmwizard.common.serverWide = Server-wide realmwizard.common.showPlan = Show Plan realmwizard.common.skipTestAndDeploy = Skip Test and Deploy realmwizard.common.skipTestAndShowPlan = Skip Test and Show Plan realmwizard.common.storePassword = Store Password realmwizard.common.supportAdvancedMapping = Support Advanced Mapping realmwizard.common.supportAdvancedMapping.no = No realmwizard.common.supportAdvancedMapping.yes = Yes realmwizard.common.testAgain = Test Again realmwizard.common.testLogin = Test a Login realmwizard.common.userSelectSQL = User SELECT SQL realmwizard.configure.certprops.groupsURI.description = The location of a properties file (relative to the Geronimo home dir) holding group information. The format of each line should be group=user,user,.... realmwizard.configure.certprops.groupsURI.name = Groups File URI realmwizard.configure.certprops.usersURI.description = The location of a properties file (relative to the Geronimo home dir) holding certificate to user mapping information. The format of each line should be username=certificatename where certificate name is X509Certificate.getSubjectX500Principal().getName() realmwizard.configure.certprops.usersURI.name = Users File URI realmwizard.configure.ldap.authentication.description = The security level to use, which can be none, simple, or strong (the usual value is simple. If this property is unspecified, the behavior is determined by the service provider. realmwizard.configure.ldap.authentication.name = Authentication realmwizard.configure.ldap.connectionPassword.description = The password used to connect to the LDAP server. realmwizard.configure.ldap.connectionPassword.name = Connect Password realmwizard.configure.ldap.connectionProtocol.description = The connection protocol used to communicate with the LDAP server. Normally left blank, though it can be set to ssl if the server supports it. realmwizard.configure.ldap.connectionProtocol.name = Connect Protocol realmwizard.configure.ldap.connectionURL.description = A URL that describes how to connect to the LDAP server. Normally this would be ldap://ldap-server-hostname:389 (or for the Apache directory server included with Geronimo, ldap://localhost:1389). realmwizard.configure.ldap.connectionURL.name = Connection URL realmwizard.configure.ldap.connectionUsername.description = The user name used to connect to the LDAP server. Should be an administrator or Directory manager that has access to examine other users' passwords. realmwizard.configure.ldap.connectionUsername.name = Connect Username realmwizard.configure.ldap.initialContextFactory.description = The fully-qualified class name of the initial context factory. If you don't know what to use here, you should use com.sun.jndi.ldap.LdapCtxFactory. realmwizard.configure.ldap.initialContextFactory.name = Initial Context Factory realmwizard.configure.ldap.roleBase.description = The base LDAP context (location) to search for roles. The search may look in this location only, or there and all subcontexts, depending on the settings for "Role Search Subtree" below. realmwizard.configure.ldap.roleBase.name = Role Base realmwizard.configure.ldap.roleName.description = The LDAP attribute type that corresponds to the the role name. Often set to cn. realmwizard.configure.ldap.roleName.name = Role Name realmwizard.configure.ldap.roleSearchMatching.description = The LDAP attribute search string used on a role to find the users who are members of the role. This is used when the role has many attributes with the same name, but with different values (one per user). Normally the parameter {0} is used to identify the username. A typical value would be (member={0}) or (memberUID={0}). realmwizard.configure.ldap.roleSearchMatching.name = Role User Search String realmwizard.configure.ldap.roleSearchSubtree.description = If set to true, then subtrees under the "Role Base" will be searched for roles too. If set to false, then only the "Role Base" location itself will be searched. realmwizard.configure.ldap.roleSearchSubtree.name = Role Search Subtree realmwizard.configure.ldap.userBase.description = The base LDAP context (location) to search for users. The search may look in this location only, or there and all subcontexts, depending on the settings for "User Search Subtree" below. realmwizard.configure.ldap.userBase.name = User Base realmwizard.configure.ldap.userRoleName.description = If the role entry does not have an attribute for users, but instead the user entry has an attribute for roles, this should be used instead of the "Role User Search String". It names the attribute on a user that lists a role that user is in. A typical value would be (memberOf={0}). realmwizard.configure.ldap.userRoleName.name = User Role Search String realmwizard.configure.ldap.userSearchMatching.description = The LDAP attribute search string used to find the user. RFC 2254 filters are allowed, and normally the parameter {0} is used to identify the username. A typical value would be (uid={0}) or (cn={0}). realmwizard.configure.ldap.userSearchMatching.name = User Search Matching realmwizard.configure.ldap.userSearchSubtree.description = If set to true, then subtrees under the "User Base" will be searched for users too. If set to false, then only the "User Base" location itself will be searched. realmwizard.configure.ldap.userSearchSubtree.name = User Search Subtree realmwizard.configure.props.digest.description = Message Digest algorithm (e.g. MD5, SHA1, etc.) used on the passwords. Leave this field empty if no digest algorithm is used. realmwizard.configure.props.digest.name = Digest Algorithm realmwizard.configure.props.encoding.description = Encoding to use for digests (e.g. hex, base64). This is used only if a Message Digest algorithm is specified. If no encoding is specified, hex will be used. realmwizard.configure.props.encoding.name = Digest Encoding realmwizard.configure.props.groupsURI.description = The location of a properties file (relative to the Geronimo home dir) holding group information. The format of each line should be group=user,user,.... realmwizard.configure.props.groupsURI.name = Groups File URI realmwizard.configure.props.usersURI.description = The location of a properties file (relative to the Geronimo home dir) holding user/password information. The format of each line should be username=password. realmwizard.configure.props.usersURI.name = Users File URI realmwizard.configure.title = Create Security Realm -- Step 2: Configure Login Module realmwizard.edit.configurationOptionsExp = Any configuration options necessary for the login module, in the standard Java properties format (one per line, name=value) realmwizard.edit.controlFlagExp = The control flag for the login module, which controls what happens to the overall login processing if this login module succeeds or fails. For more information see realmwizard.edit.ifLeaveBlank = If you don't need to use as many login modules as there are entries below,just leave the extra ones blank. realmwizard.edit.loginDomainExp = The login domain for this login module, which must be unique among all modules in the security realm. This can be used to distinguish principals from two otherwise identical login modules (for example, from two LDAP login modules pointing to two different LDAP servers) realmwizard.edit.loginModuleClassExp = The fully-qualified class name for the login module. realmwizard.edit.loginModuleJAR = Login Module JAR realmwizard.edit.loginModuleJARExp = The jar containing Login Module and Principal classes. realmwizard.edit.realmNameExp = A name that is different than the name for any other security realms in the server (no spaces in the name please). Other components will use this name to refer to the security realm. realmwizard.edit.serverSideExp = Server-side login modules are executed within the application server (this is normally correct). Client-side login modules are executed in the client's environment, for example, in order to use single sign-on features of the client OS. realmwizard.edit.summary =

This page edits a new or existing security realm.

A security realm may have one or more login modules. Many simple realms have only one login module. Additional login modules may be used to access more underlying security information stores, or to add functionality such as auditing to a realm without affecting the authentication process for the realm.

realmwizard.edit.supportAdvancedMappingExp = Normally Geronimo can't distinguish between two different principals that have the same name and same principal class but were produced by two different login modules. If this option is enabled, Geronimo will "wrap" principals to track which login module and realm each principal came from. This lets you use the "realm-principal" and "login-domain-principal" elements in your security mapping in Geronimo deployment plans. realmwizard.list.noSecurityRealms = There are no security realms defined realmwizard.list.seeExamples = For each realm listed, you can click the usage link to see examples of how to use the realm from your application.\r\n realmwizard.list.title = This page lists all the available security realms. Server-wide security realms can be edited, while security realms deployed as part of a single application cannot (change the deployment plan in the application instead). realmwizard.message.sameRealmName = Security realm with the same name already exists, please specify a new security realm name. realmwizard.selectType.nameOfSecurityRealmExp = A name that is different than the name for any other security realms in the server (no spaces in the name please). Other components will use this name to refer to the security realm. realmwizard.selectType.realmTypeExp = The type of login module used as the master for this security realm. Select "Other" for manual configuration options including custom login modules and realms that use multiple login modules to populate user principals. realmwizard.selectType.title = Create Security Realm -- Step 1: Select Name and Type realmwizard.showPlan.addToEARExp = Instead of deploying as a top-level security realm, you can deploy this realm as part of an EAR. To add a security realm to an EAR using this plan, create a META-INF/geronimo-application.xml file in your EAR that has the dependency elements (if any) and gbean elements from the plan above. It should look something like this: realmwizard.showPlan.deployCommandExp = To deploy a security realm from the command line using this plan, copy and paste it to a file (say, security-realm.xml) and save it. Then run a command like: realmwizard.showPlan.title = Create Security Realm -- Show Deployment Plan realmwizard.testLogin.passwordExp = The password to use to log in to the realm. realmwizard.testLogin.summary = From here you can enter a username and password for the main login module in the realm, and see if the login is successful and which Principals are generated for the user. This is meant to be an indication of whether the settings for the main login module are correct. It does not invoke advanced features such as auditing or lockout. realmwizard.testLogin.title = Create Security Realm -- Step 4: Test Login realmwizard.testLogin.usernameExp = The username to use to log in to the realm. realmwizard.testResults.testResults = Test Results realmwizard.testResults.title = Create Security Realm -- Step 5: Login Results realmwizard.usage.applicationCode = Application Code realmwizard.usage.applicationCodeExp =

No special application code is required to work with security roles.

If an application calls HttpServletRequest.getUserPrincipal(), Geronimo will return a principal where the principal class implements GeronimoCallerPrincipal -- normally a username (since GeronimoUserPrincipal implements GeronimoCallerPrincipal). If you're using a custom login module and getting the wrong results for getUserPrincipal, try making your user principal class implement GeronimoCallerPrincipal.

If an application calls HttpServletRequest.isUserInRole(role), Geronimo will return true or false depending on whether any of the principals assigned to that user by the realm's login modules were listed in the role mapping above.

realmwizard.usage.geronimoWebXmlLater =

This example indicated that {0} will be used to handle all logins to the web application. Then it maps the admin role to a combination of one user (root) and one group (administrators), using a combination of the principal classes and principal names. (Note that if {0} uses a custom login module, the principal classes may be different, but the ones listed above are used for users and groups by all the standard Geronimo login modules.)

It's also possible to configure separate login modules to use separate login domain names, and then use the login domain names in the role mapping (so a user "root" from login domain "Foo" is different from a user "root" from login domain "Bar"), but this is only important if you have multiple login modules assigning principals to the users.

Finally, if the security section is declared in an EAR application.xml deployment descriptor, there's no need to repeat it in any of the modules inside the EAR -- they'll all share the same role mapping information.

realmwizard.usage.geronimoWebXmlPreface =

To configure the security realm and the members of each role, the web application needs to have a geronimo-web.xml deployment plan. That may be packaged in the WAR in the WEB-INF directory, or it may be provided separately on the command line to the deploy tool.

The geronimo-web.xml plan should have a security-realm-name element indicating which realm will be used to authenticate logins to the web application. It also needs to have a security element listing the users or groups who should be members of each security-role listed in web.xml.

realmwizard.usage.title = This page talks about how to use the security realm {0} from a J2EE application. The example here is a web application, but other application modules would work similarly. realmwizard.usage.webXmlShouldHave =

The web.xml should have