#
#  Licensed to the Apache Software Foundation (ASF) under one
#  or more contributor license agreements.  See the NOTICE file
#  distributed with this work for additional information
#  regarding copyright ownership.  The ASF licenses this file
#  to you under the Apache License, Version 2.0 (the
#  "License"); you may not use this file except in compliance
#  with the License.  You may obtain a copy of the License at
#
#   http://www.apache.org/licenses/LICENSE-2.0
#
#  Unless required by applicable law or agreed to in writing,
#  software distributed under the License is distributed on an
#  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
#  KIND, either express or implied.  See the License for the
#  specific language governing permissions and limitations
#  under the License.
#


#
# This file contains localization strings for configuration labels and
# descriptions as used in the metatype.xml descriptor generated by the
# the Sling SCR plugin

#
# Request Authenticator. Uses AuthenticationHandlers for the
# actual work of extracting user details from the request.
auth.name = Apache Sling Authentication Service
auth.description = Extracts user authentication details from the request with \
 the help of authentication handlers registered as separate services. One \
 example of such an authentication handler is the handler HTTP Authorization \
 header contained authentication.

auth.annonymous.name = Allow Anonymous Access
auth.annonymous.description = Whether default access as anonymous when no \
 credentials are present in the request is allowed. The default value is \
 "true" to allow access without credentials. When set to "false" access to the \
 repository is only allowed if valid credentials are presented. The value of \
 this configuration option is added to list of Authentication Requirements \
 and needs not be explicitly listed. If anonymous access is allowed the entry \
 added is "-/". Otherwise anonymous access is denied and "+/" is added to the \
 list.
 
sling.auth.anonymous.user.name = Anonymous User Name
sling.auth.anonymous.user.description = Defines which user name to assume \
 for anonymous requests, that is requests not providing credentials \
 supported by any of the registered authentication handlers. If this \
 property is missing or empty, the default is assumed which depends on \
 the resource provider(s). Otherwise anonymous requests are handled with \
 this user name. If the configured user name does not exist or is not \
 allowed to access the resource data, anonymous requests may still be \
 blocked. If anonymous access is not allowed, this property is ignored.

sling.auth.anonymous.password.name = Anonymous User Password
sling.auth.anonymous.password.description = Password for the anonymous \
 user defined in the Anonymous User Name field. This property is only \
 used if a non-empty anonymous user name is configured. If this property \
 is not defined but a password is required, an empty password would be \
 assumed.
    
 
sling.auth.requirements.name = Authentication Requirements
sling.auth.requirements.description = Defines URL space subtrees which require \
 or don't require authentication. For any request the best matching path \
 configured applies and defines whether authentication is actually required \
 for the request or not. Each entry in this list can be an absolute path (such \
 as /content) or and absolute URI (such as http://thehost/content). Optionally \
 each entry may be prefixed by a plus (+) or minus (-) sign indicating that \
 authentication is required (plus) or not required (minus). Example entries are \
 "/content" or "+/content" to require authentication at and below "/content" and \
 "-/system/sling/login" to not require authentication at and below \
 "/system/sling/login". By default this list is empty. This list is extended at \
 run time with additional entries: One entry is added for the "Allow Anonymous \
 Access" configuration. Other entries are added for any services setting the \
 "sling.auth.requirements" service registration property.
 
auth.uri.suffix.name = Authentication URI Suffices
auth.uri.suffix.description = A list of request URI suffixes intended to \
 be handled by Authentication Handlers. Any request whose request URI \
 ends with any one of the listed suffices is intended to be handled by \
 an Authentication Handler causing the request to either be rejected or \
 the client being redirected to another location and thus the request not \
 being further processed after the authentication phase. The default is \
 just "/j_security_check" which is the suffix defined by the Servlet API \
 specification used for FORM based authentication.

auth.sudo.cookie.name = Impersonation Cookie
auth.sudo.cookie.description = The name the HTTP Cookie to set with the value \
 of the user which is to be impersonated. This cookie will always be a session \
 cookie.

auth.sudo.parameter.name = Impersonation Parameter
auth.sudo.parameter.description = The name of the request parameter initiating \
 impersonation. Setting this parameter to a user id will result in using an \
 impersonated session (instead of the actually authenticated session) and set \
 a session cookie of the name defined in the Impersonation Cookie setting.

auth.http.name = HTTP Basic Authentication
auth.http.description = Level of support for HTTP Basic Authentication. Such \
 support can be provided in three levels: (1) no support at all, that is \
 disabled, (2) preemptive support, that is HTTP Basic Authentication is \
 supported if the authentication header is set in the request, (3) full \
 support. The default is preemptive support unless Anonymous Access is \
 not allowed. In this case HTTP Basic Authentication is always enabled \
 to ensure clients can authenticate at least with basic authentication.

auth.http.realm.name = Realm
auth.http.realm.description = HTTP BASIC authentication realm. This property \
 is only used if the HTTP Basic Authentication support is not disabled. The \
 default value is "Sling (Development)".