README.txt - directory-fortress-commander - Git at Google

 #
 # This work is part of OpenLDAP Software <http://www.openldap.org/>.
 #
 # Copyright 1998-2014 The OpenLDAP Foundation.
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted only as authorized by the OpenLDAP
 # Public License.
 #
 # A copy of this license is available in the file LICENSE in the
 # top-level directory of the distribution or, alternatively, at
 # <http://www.OpenLDAP.org/license.html>.
 #
 ___________________________________________________________________________________
 ###################################################################################
 README for Fortress Commander Web Application Installation
 RC36 (BETA RELEASE CANDIDATE)
 Last updated: April 27, 2014
 ___________________________________________________________________________________
 ###################################################################################
 # SECTION 1: Prerequisites
 ###################################################################################
 1. Internet access to retrieve dependencies from online Maven repo.

 NOTE: The Commander maven may run without connection to Internet iff:
 - The binary dependencies are already present in M2_HOME

 2. Java SDK Version 7 or beyond installed to target environment

 3. Apache Ant installed.

 4. Apache Maven 3 installed.

 5. Fortress/OpenLDAP QUICKSTART installed to target system.
 Instructions: http://www.jts.us/iamfortress/guides/README-QUICKSTART.html
 Download: http://iamfortress.org/download/

 6. Tomcat 7 (or suitable servlet container) installed:
 http://tomcat.apache.org

 7. Fortress Sentry package (a.k.a Realm) installed as the Java security provider on Tomcat server:
 Instructions: http://www.jts.us/iamfortress/javadocs/api-sentry/org/openldap/sentry/tomcat/package-summary.html

 Important Note: The Fortress QUICKSTART package includes prerequisite #'s 3,4,5,6 & 7 from above.
 Download QUICKSTART packages from here: http://iamfortress.org/download/
 ___________________________________________________________________________________
 ###################################################################################
 # SECTION 2: Important Notes about Commander Web Application
 ###################################################################################

 1. Commander is released as Open Source and available for unrestricted use via BSD 3 clause license. (see LICENSE.txt)
   - Commander dependencies are Open Source also.

 2. This web app was tested using Apache Tomcat 7 but would work inside any current Java Servlet container (with changes to deploy procedure)

 3. Maven 'install' target in this package builds Commander war file which deploys to Java EE servlet container.

 4. This document includes instructions to Compile, Deploy, run Javadoc and Test the Commander Web application using Apache Tomcat.

 5. Security Measures implemented within this application include:

   - Java EE Security - Confidentiality, Authentication, Session Management
     - requires HTTP Basic Auth header exchange to pass credentials used for security checks.

   - Spring Security - Role-Based Access Control Interceptor
     - Service-level Authorization uses Spring Security.
     - To find out what Roles required to which Services, view the Spring annotations inside this file:
         commander-dist-[version]/src//main/java/org/openldap/enmasse/FortressServiceImpl.java

   - Fortress Sentry - Java EE security plugin for Identity, Coarse-grained Authorization, and Audit Trail

   - Commander - Identity, Administrative, Compliance and Review pages

   - Wicket - Controls buttons and links displayed by role and permissions

   - OpenLDAP - Password Hashing, Policies.
 _________________________________________________________________________________
 ###################################################################################
 # SECTION 3:  Instructions for Commander installation using Source Bundle
 ###################################################################################

 1. Retrieve Fortress Commander source code bundle either from iamfortress.org or OpenLDAP.org.

 2. Extract contents of openldap-fortress-commander.tar.gz to target env.
 ___________________________________________________________________________________
 ###################################################################################
 # SECTION 4:  Instructions to build Commander Web archive file
 ###################################################################################

 1. Open a command prompt on target machine in the root folder of the commander-dist package

 2. Set java home:
 >export JAVA_HOME=/opt/jdk1.7.0_10

 3. Set maven home:
 >export M2_HOME=/usr/share/maven

 4. Run maven install:
 >mvn install

 ###################################################################################
 # SECTION 5:  Instructions to Deploy Commander Web application to Tomcat
 ###################################################################################

 1. Enable Maven to communicate with Tomcat using settings.xml file.

 note: a typical location for this maven configuration file is: ~/.m2/settings.xml

 Add to file:

 <server>
 	<id>local-tomcat</id>
       <username>tcmanager</username>
       <password>m@nager123</password>
 </server>

 note: If you followed the installation steps of Fortress QUICKSTART your Tomcat Manager creds would be as above.

 2. Enter maven command to deploy to Tomcat:
 >mvn tomcat:deploy

 3. To redeploy:
 >mvn tomcat:redeploy
 ___________________________________________________________________________________
 ###################################################################################
 # SECTION 6:  Instructions to integration test Commander Web application
 ###################################################################################

 Note: This test case depends that the prerequisite tasks have been performed in SECTION 1.

 1. Load the test security policy into LDAP using Commander test target:
 >mvn test

 2. Run the Selenium Web driver integration tests:
 >mvn verify -DskipTests=false

 ___________________________________________________________________________________
 ###################################################################################
 # SECTION 7:  Instructions to create Commander javadoc (optional)
 ###################################################################################

 The service level documentation provides descriptions for each of the Commander pages.

 1. Enter the following:

 $ mvn javadoc:javadoc

 2. View the document output here:

 openldap-fortress-commander/target/site/apidocs
	#
	# This work is part of OpenLDAP Software <http://www.openldap.org/>.
	#
	# Copyright 1998-2014 The OpenLDAP Foundation.
	# All rights reserved.
	#
	# Redistribution and use in source and binary forms, with or without
	# modification, are permitted only as authorized by the OpenLDAP
	# Public License.
	#
	# A copy of this license is available in the file LICENSE in the
	# top-level directory of the distribution or, alternatively, at
	# <http://www.OpenLDAP.org/license.html>.
	#
	___________________________________________________________________________________
	###################################################################################
	README for Fortress Commander Web Application Installation
	RC36 (BETA RELEASE CANDIDATE)
	Last updated: April 27, 2014
	___________________________________________________________________________________
	###################################################################################
	# SECTION 1: Prerequisites
	###################################################################################
	1. Internet access to retrieve dependencies from online Maven repo.

	NOTE: The Commander maven may run without connection to Internet iff:
	- The binary dependencies are already present in M2_HOME

	2. Java SDK Version 7 or beyond installed to target environment

	3. Apache Ant installed.

	4. Apache Maven 3 installed.

	5. Fortress/OpenLDAP QUICKSTART installed to target system.
	Instructions: http://www.jts.us/iamfortress/guides/README-QUICKSTART.html
	Download: http://iamfortress.org/download/

	6. Tomcat 7 (or suitable servlet container) installed:
	http://tomcat.apache.org

	7. Fortress Sentry package (a.k.a Realm) installed as the Java security provider on Tomcat server:
	Instructions: http://www.jts.us/iamfortress/javadocs/api-sentry/org/openldap/sentry/tomcat/package-summary.html

	Important Note: The Fortress QUICKSTART package includes prerequisite #'s 3,4,5,6 & 7 from above.
	Download QUICKSTART packages from here: http://iamfortress.org/download/
	___________________________________________________________________________________
	###################################################################################
	# SECTION 2: Important Notes about Commander Web Application
	###################################################################################

	1. Commander is released as Open Source and available for unrestricted use via BSD 3 clause license. (see LICENSE.txt)
	- Commander dependencies are Open Source also.

	2. This web app was tested using Apache Tomcat 7 but would work inside any current Java Servlet container (with changes to deploy procedure)

	3. Maven 'install' target in this package builds Commander war file which deploys to Java EE servlet container.

	4. This document includes instructions to Compile, Deploy, run Javadoc and Test the Commander Web application using Apache Tomcat.

	5. Security Measures implemented within this application include:

	- Java EE Security - Confidentiality, Authentication, Session Management
	- requires HTTP Basic Auth header exchange to pass credentials used for security checks.

	- Spring Security - Role-Based Access Control Interceptor
	- Service-level Authorization uses Spring Security.
	- To find out what Roles required to which Services, view the Spring annotations inside this file:
	commander-dist-[version]/src//main/java/org/openldap/enmasse/FortressServiceImpl.java

	- Fortress Sentry - Java EE security plugin for Identity, Coarse-grained Authorization, and Audit Trail

	- Commander - Identity, Administrative, Compliance and Review pages

	- Wicket - Controls buttons and links displayed by role and permissions

	- OpenLDAP - Password Hashing, Policies.
	_________________________________________________________________________________
	###################################################################################
	# SECTION 3: Instructions for Commander installation using Source Bundle
	###################################################################################

	1. Retrieve Fortress Commander source code bundle either from iamfortress.org or OpenLDAP.org.

	2. Extract contents of openldap-fortress-commander.tar.gz to target env.
	___________________________________________________________________________________
	###################################################################################
	# SECTION 4: Instructions to build Commander Web archive file
	###################################################################################

	1. Open a command prompt on target machine in the root folder of the commander-dist package

	2. Set java home:
	>export JAVA_HOME=/opt/jdk1.7.0_10

	3. Set maven home:
	>export M2_HOME=/usr/share/maven

	4. Run maven install:
	>mvn install

	###################################################################################
	# SECTION 5: Instructions to Deploy Commander Web application to Tomcat
	###################################################################################

	1. Enable Maven to communicate with Tomcat using settings.xml file.

	note: a typical location for this maven configuration file is: ~/.m2/settings.xml

	Add to file:

	<server>
	<id>local-tomcat</id>
	<username>tcmanager</username>
	<password>m@nager123</password>
	</server>

	note: If you followed the installation steps of Fortress QUICKSTART your Tomcat Manager creds would be as above.

	2. Enter maven command to deploy to Tomcat:
	>mvn tomcat:deploy

	3. To redeploy:
	>mvn tomcat:redeploy
	___________________________________________________________________________________
	###################################################################################
	# SECTION 6: Instructions to integration test Commander Web application
	###################################################################################

	Note: This test case depends that the prerequisite tasks have been performed in SECTION 1.

	1. Load the test security policy into LDAP using Commander test target:
	>mvn test

	2. Run the Selenium Web driver integration tests:
	>mvn verify -DskipTests=false

	___________________________________________________________________________________
	###################################################################################
	# SECTION 7: Instructions to create Commander javadoc (optional)
	###################################################################################

	The service level documentation provides descriptions for each of the Commander pages.

	1. Enter the following:

	$ mvn javadoc:javadoc

	2. View the document output here:

	openldap-fortress-commander/target/site/apidocs