diff --git a/distribution/docs/README.md b/distribution/docs/README.md index ae805adc363b..2c403d4db0e0 100644 --- a/distribution/docs/README.md +++ b/distribution/docs/README.md @@ -2,11 +2,138 @@ Documentation is made available in a single document, or individual sections can be accessed based on audience need. -## Managing DDF -How to install and configure DDF, targeted for system administrators. +## Documentation Library -## Integrating DDF -How to connect to and from DDF using service interfaces, targeted for system integrators. +### DDF Introduction +Overview of what DDF is and what DDF does -## Extending DDF -How to add and modify system behaviors, targeted for developers. +### DDF: Quick Start Guide +Set up a test, demonstration, or evaluation instance of DDF + +### Managing DDF +How to install, configure, and maintain DDF + +### DDF User's Guide +Learn your way around the DDF documentation + +### Integrating with DDF +How to connect to and from DDF using service interfaces + +### Developing DDF Components: Developer's Guide +Create custom implementations of DDF interfaces + +### DDF Architecture +Learn about how the components of DDF work together + +### DDF Reference Guide +Complete list of possible configurations + +### DDF Metadata Reference Guide +Schemas and attributes used by DDF + +### DDF Documentation: Complete Documentation +All of the above, compliled into a single document + +## Documentation Module + +### Build Commands + +#### Build HTML documentation +`mvn clean install` + +#### Build HTML and PDF documentation +`mvn clean install -Prelease` + +#### Build Results + +These artifacts are produced by the standard build +- `target/docs/html`: Rendered Content +- `target/export-docs/` Zip of raw source files to use in downstream project +- `target/export-templates/` Zip of template files to optionally use in downstream projects + +### plugins + +- `` This plugin retrieves any content from upstream projects. +- `` copies all of the content, images, scripts, and configuration files to the target directory. During this process, the text files are filtered to replace placeholders with the configured values. +- `` takes the filtered content pages and applies freemarker tempates to determine the order of the documents. + - The asciidoc files (`.adoc`) have assigned `type`, `order` and `parent` properties in their headers that determine placement within larger sections. + +_Asciidoctor header example_ +``` +:title: Configuring HTTP(S) Ports +:type: configuration +:status: published +:parent: Configuring Federation +:summary: Configure HTTP(S) Ports. +:order: 01 +``` + + - The freemarker templates (`*.ftl`) iterate on the `type` properties to determine the document placement. Types are defined in the `jbake.properties` file. + +_jbake.properties excerpt_ +``` +output.extension=.adoc +template.documentation.file=documentation.ftl +template.introduction.file=overview.ftl +template.coreConcept.file=overview.ftl +template.subCoreConcept.file=overview.ftl +template.quickStart.file=quickstart.ftl +``` + - The `order` property of each `adoc` file sorts the sections and `parent` property matches subsections to their larger placement. The templates can also adjust the outline level of a subsection within the document. I use a nested loop to get a three-level outline structure. + +_Freemarker (`*.ftl`) example_ +``` +<#list configuringIntros?sort_by("order") as ci> +<#if (ci.status == "published")> + +\include::${ci.file}[leveloffset=+1] + +<#list configurations?sort_by("order") as configuration> +<#if (configuration.parent == ci.title)> + +\include::${configuration.file}[leveloffset=+2] + +<#if (configuration.title == "Connecting to Sources")> + +<#include "sources.ftl"> + +<#list subConfigurations?sort_by("order") as subConfiguration> +<#if (subConfiguration.parent == configuration.title)> + +\include::${subConfiguration.file}[leveloffset=+3] + + + + + + + +``` + +- `` compiles the newly-created asciidoc content into the final, publishable form. + - `HTML` pages are run by default, `PDF` generation is optional in a development environment by creating a `` for PDF output. +- `` files package the raw adocs, and completed versions in zip files for deployment. + +_asciidocs.xml excerpt_ +``` + + 0644 + 0755 + src/main/resources/content + + ** + + + +``` + +- `` deploys the published HTML and PDF files to the server for end-users to view. + +_pom.xml excerpt_ +``` + + ${project.build.directory}/docs/html/documentation.html + html + documentation + +``` diff --git a/distribution/docs/src/main/resources/content/_architectures/_actionFramework/action-framework-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_actionFramework/action-framework-intro.adoc index f29928507b9d..2b63b9fd4bb9 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_actionFramework/action-framework-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_actionFramework/action-framework-intro.adoc @@ -5,7 +5,7 @@ :order: 05 :summary: Introduction to the Action Framework. -The Action Framework was designed as a way to limit dependencies between applications (apps) in a system. +The ((Action Framework)) was designed as a way to limit dependencies between applications (apps) in a system. For instance, a feature in an app, such as an Atom feed generator, might want to include an external link as part of its feed's entries. That feature does not have to be coupled to a REST endpoint to work, nor does it have to depend on a specific implementation to get a link. In reality, the feature does not identify how the link is generated, but it does identify whether the link works or does not work when retrieving the intended entry's metadata. @@ -17,6 +17,6 @@ The Action Framework consists of two major Java interfaces in its API: . `ddf.action.Action` . `ddf.action.ActionProvider` -Actions:: Specific tasks that can be performed as services. +((Actions)):: Specific tasks that can be performed as services. -Action Providers:: Lists of related actions that a service is capable of performing. +((Action Providers)):: Lists of related actions that a service is capable of performing. diff --git a/distribution/docs/src/main/resources/content/_architectures/_actionFramework/action-providers.adoc b/distribution/docs/src/main/resources/content/_architectures/_actionFramework/action-providers.adoc index b49b0b521635..ea0c96a0dc98 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_actionFramework/action-providers.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_actionFramework/action-providers.adoc @@ -7,10 +7,10 @@ :summary: Action Providers. .[[_included_action_providers]]Included Action Providers -Download Resource ActionProvider:: Downloads a resource to the local product cache. -IdP Logout Action Provider:: Identity Provider Logout. -Karaf Logout Action:: Local Logout. -LDAP Logout Action:: Ldap Logout. -Overlay ActionProvider:: Provides a metacard URL that transforms the metacard into a geographically aligned image (suitable for overlaying on a map). -View Metacard ActionProvider:: Provides a URL to a metacard. -Metacard Transformer ActionProvider:: Provides a URL to a metacard that has been transformed into a specified format. +((Download Resource ActionProvider)):: Downloads a resource to the local product cache. +((IdP Logout Action Provider)):: Identity Provider Logout. +((Karaf Logout Action)):: Local Logout. +((LDAP Logout Action)):: Ldap Logout. +((Overlay ActionProvider)):: Provides a metacard URL that transforms the metacard into a geographically aligned image (suitable for overlaying on a map). +((View Metacard ActionProvider)):: Provides a URL to a metacard. +((Metacard Transformer ActionProvider)):: Provides a URL to a metacard that has been transformed into a specified format. diff --git a/distribution/docs/src/main/resources/content/_architectures/_asyncFramework/processing-framework-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_asyncFramework/processing-framework-intro.adoc index f6e0e0120450..76f83b3ecae7 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_asyncFramework/processing-framework-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_asyncFramework/processing-framework-intro.adoc @@ -10,7 +10,7 @@ This code is experimental. While this interface is functional and tested, it may change or be removed in a future version of the library. ==== -The *Asynchronous Processing Framework* is a way to run plugins asynchronously. Generally, plugins that take a significant amount of processing time and whose +The ((Asynchronous Processing Framework)) is a way to run plugins asynchronously. Generally, plugins that take a significant amount of processing time and whose results are not immediately required are good candidates for being asynchronously processed. A *Processing Framework* can either be run on the local or remote system. Once the *Processing Framework* finishes processing incoming requests, it may submit ``(Create|Update|Delete)Request``s to the Catalog. The type of plugins that a *Processing Framework* runs are the *Post-Process Plugins*. The *Post-Process Plugins* are triggered by the *Processing Post Ingest Plugin*, which is a *Post-Ingest Plugin*. *Post-Ingest Plugins* are run after the metacard @@ -19,7 +19,7 @@ has been ingested into the Catalog. This feature is uninstalled by default. [WARNING] ==== The *Processing Framework* does not support partial updates to the Catalog. This means that if any changes are made to a metacard in the Catalog between the time -asynchronous processing starts and ends, those changes will be overwritten by the *ProcessingFramework* updates sent back to the Catalog. This feature should be used with caution. +asynchronous processing starts and ends, those changes are overwritten by the *ProcessingFramework* updates sent back to the Catalog. This feature should be used with caution. ==== .Processing Framework Architecture @@ -141,7 +141,7 @@ A `ProcessRequest` contains a list of ``ProcessItem``s for the `ProcessingFramew should mark the `ProcessRequest` as already been processed, so that it does not process it again. .PostProcessPlugin -The `PostProcessPlugin` is a plugin that will be run by the `ProcessingFramework`. It is capable of processing ``ProcessCreateItem``s, ``ProcessUpdateItem``s, and ``ProcessDeleteItem``s. +The `PostProcessPlugin` is a plugin that is run by the `ProcessingFramework`. It is capable of processing ``ProcessCreateItem``s, ``ProcessUpdateItem``s, and ``ProcessDeleteItem``s. .ProcessItem [WARNING] diff --git a/distribution/docs/src/main/resources/content/_architectures/_catalogFrameworks/catalog-api.adoc b/distribution/docs/src/main/resources/content/_architectures/_catalogFrameworks/catalog-api.adoc index 570538e398cb..e44d5c5cdc41 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_catalogFrameworks/catalog-api.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_catalogFrameworks/catalog-api.adoc @@ -6,7 +6,7 @@ ==== Catalog API -The Catalog API is an OSGi bundle (`catalog-core-api`) that contains the Java interfaces for the Catalog components and implementation classes for the Catalog Framework, Operations, and Data components. +The ((Catalog API)) is an OSGi bundle (`catalog-core-api`) that contains the Java interfaces for the Catalog components and implementation classes for the Catalog Framework, Operations, and Data components. ===== Catalog API Search Interfaces @@ -14,7 +14,7 @@ The Catalog API includes two different search interfaces. ${ddf-ui} Application Search Interface:: The ${branding} Search UI application provides a graphic interface to return results and locate them on an interactive globe or map. -SSH Search Interface:: Additionally, it is possible to use a client script to remotely access ${branding} via SSH and send console commands to search and ingest data. +((SSH Search Interface)):: Additionally, it is possible to use a client script to remotely access ${branding} via SSH and send console commands to search and ingest data. ===== Catalog Search Result Objects @@ -36,8 +36,8 @@ Searching the catalog involves three basic steps: .. For contextual search, optionally set the `fuzzy` flag to `true` or `false` (the default value for the `Metadata Catalog` `fuzzy` flag is `true`, while the `portal` default value is `false`). .. For contextual search, optionally set the `caseSensitive` flag to true (the default is that `caseSensitive` flag is NOT set and queries are not case sensitive). Doing so enables case sensitive matching on the search criteria. -For example, if `caseSensitive` is set to true and the phrase is “Baghdad” then only metadata containing “Baghdad” with the same matching case will be returned. -Words such as “baghdad”, “BAGHDAD”, and “baghDad” will not be returned because they do not match the exact case of the search term. +For example, if `caseSensitive` is set to true and the phrase is “Baghdad” then only metadata containing “Baghdad” with the same matching case is returned. +Words such as “baghdad”, “BAGHDAD”, and “baghDad” are not returned because they do not match the exact case of the search term. . Issue a search. . Examine the results. @@ -76,7 +76,7 @@ There are three policies available. |=== -If no sort policy is defined for a particular search, the temporal policy will automatically be applied. +If no sort policy is defined for a particular search, the temporal policy is automatically applied. ===== Product Retrieval @@ -105,7 +105,7 @@ The Endpoint bundle contains a Web service that exposes the interface to retriev The Endpoint calls the `CatalogFramework` to execute the operations of its specification. The `CatalogFramework` relies on the Sources to execute the actual resource retrieval. Optional `PreResource` and `PostResource` Catalog Plugins may be invoked by the `CatalogFramework` to modify the resource retrieval request/response prior to the Catalog Provider processing the request and providing the response. -It is possible to retrieve resources from specific remote Sources by specifying the site name(s) in the request. +It is possible to retrieve resources from specific remote Sources by specifying the site names in the request. .Product Caching Product Caching is enabled by default. diff --git a/distribution/docs/src/main/resources/content/_architectures/_catalogFrameworks/catalog-framework-camel-component.adoc b/distribution/docs/src/main/resources/content/_architectures/_catalogFrameworks/catalog-framework-camel-component.adoc index d7a695bfc359..a23a9449f7a4 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_catalogFrameworks/catalog-framework-camel-component.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_catalogFrameworks/catalog-framework-camel-component.adoc @@ -1,11 +1,11 @@ :title: Catalog Framework Camel Component :type: catalogFramework :status: published -:summary: Supports creating, updating, and deleting metacards using the Catalog Framework from a Camel route. +:summary: Supports creating, updating, and deleting metacards using the Catalog Framework from a Camel route. :link: _catalog_framework_camel_component :order: 01 -The Catalog Framework Camel Component supports creating, updating, and deleting metacards using the Catalog Framework from a Camel route. +The ((Catalog Framework Camel Component)) supports creating, updating, and deleting metacards using the Catalog Framework from a Camel route. .URI Format ---- @@ -22,18 +22,18 @@ catalog:framework |the operation to perform using the Catalog Framework (possible values are CREATE \| UPDATE \| DELETE) |=== -===== Sending Messages to Catalog Framework Endpoint +== Sending Messages to Catalog Framework Endpoint .Catalog Framework Producer -In Producer mode, the component provides the ability to supply different inputs and have the Catalog Framework perform different operations based upon the header values.   +In Producer mode, the component provides the ability to supply different inputs and have the Catalog Framework perform different operations based upon the header values. -For the CREATE and UPDATE operation, the message body can contain a list of metacards or a single metacard object.  +For the CREATE and UPDATE operation, the message body can contain a list of metacards or a single metacard object. For the DELETE operation, the message body can contain a list of strings or a single string object. -The string objects represent the IDs of metacards to be deleted.  -The exchange's "in" message will be set with the affected metacards. -In the case of a CREATE, it will be updated with the created metacards. -In the case of the UPDATE, it will be updated with the updated metacards and with the DELETE it will contain the deleted metacards. +The string objects represent the IDs of metacards to be deleted. +The exchange's "in" message is set with the affected metacards. +In the case of a CREATE, it is updated with the created metacards. +In the case of the UPDATE, it is updated with the updated metacards and with the DELETE it contains the deleted metacards. .Catalog Framework Camel Component Operations [cols="2,2,3" options="header"] @@ -60,7 +60,7 @@ In the case of the UPDATE, it will be updated with the updated metacards and wit [NOTE] ==== If there is an exception thrown while the route is being executed, a -FrameworkProducerException will be thrown causing the route to fail +`FrameworkProducerException` is thrown causing the route to fail with a CamelExecutionException. ==== diff --git a/distribution/docs/src/main/resources/content/_architectures/_catalogFrameworks/catalog-framework-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_catalogFrameworks/catalog-framework-intro.adoc index c5afcba5d878..7b2b050fdf85 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_catalogFrameworks/catalog-framework-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_catalogFrameworks/catalog-framework-intro.adoc @@ -30,35 +30,36 @@ +------------------------------------------------------------+ .... +(((Catalog Framework))) The `CatalogFramework` is the routing mechanism between catalog components that provides integration points for the Catalog Plugins. An <<{integrating-prefix}endpoints, endpoint>> invokes the active Catalog Framework, which calls any configured <<{architecture-prefix}pre_query_plugins, Pre-query>> or <<{architecture-prefix}pre_ingest_plugins, Pre-ingest plug-ins>>. The selected <<{managing-prefix}federation_strategy, federation strategy>> calls the active <<{managing-prefix}catalog_providers, Catalog Provider>> and any connected or federated sources. Then, any Post-query or Post-ingest plug-ins are invoked. Finally, the appropriate response is returned to the calling endpoint. -The Catalog Framework wires all Catalog components together. +The Catalog Framework wires all Catalog components together. -It is responsible for routing Catalog requests and responses to the appropriate target.  +It is responsible for routing Catalog requests and responses to the appropriate target. -<<{integrating-prefix}endpoints,Endpoints>> send Catalog requests to the Catalog Framework. -The Catalog Framework then invokes <<{architecture-prefix}catalog_plugins,Catalog Plugins>>, <<{architecture-prefix}transformers,Transformers>>, and <<{architecture-prefix}resources,Resource Components>> as needed before sending requests to the intended destination, such as one or more <<{managing-prefix}connecting_to_sources,Sources>>.  +<<{integrating-prefix}endpoints,Endpoints>> send Catalog requests to the Catalog Framework. +The Catalog Framework then invokes <<{architecture-prefix}catalog_plugins,Catalog Plugins>>, <<{architecture-prefix}transformers,Transformers>>, and <<{architecture-prefix}resources,Resource Components>> as needed before sending requests to the intended destination, such as one or more <<{managing-prefix}connecting_to_sources,Sources>>. -The Catalog Framework decouples clients from service implementations and provides integration points for Catalog Plugins and convenience methods for Endpoint developers. +The Catalog Framework decouples clients from service implementations and provides integration points for Catalog Plugins and convenience methods for Endpoint developers. -=== Catalog API Design +== Catalog API Design The Catalog is composed of several components and an API that connects them together. -The Catalog API is central to ${branding}'s architectural qualities of extensibility and flexibility.  -The Catalog API consists of Java interfaces that define Catalog functionality and specify interactions between components.  +The ((Catalog API)) is central to ${branding}'s architectural qualities of extensibility and flexibility. +The Catalog API consists of Java interfaces that define Catalog functionality and specify interactions between components. These interfaces provide the ability for components to interact without a dependency on a particular underlying implementation, thus allowing the possibility of alternate implementations that can maintain interoperability and share developed components. -As such, new capabilities can be developed independently, in a modular fashion, using the Catalog API interfaces and reused by other ${branding} installations. +As such, new capabilities can be developed independently, in a modular fashion, using the Catalog API interfaces and reused by other ${branding} installations. -==== Ensuring Compatibility +=== Ensuring Compatibility -The Catalog API will evolve, but great care is taken to retain backwards compatibility with developed components. +The Catalog API evolves, but great care is taken to retain backwards compatibility with developed components. Compatibility is reflected in version numbers. -==== Catalog Framework Sequence Diagrams +=== Catalog Framework Sequence Diagrams Because the Catalog Framework plays a central role to Catalog functionality, it interacts with many different Catalog components. To illustrate these relationships, high-level sequence diagrams with notional class names are provided below. @@ -99,16 +100,16 @@ These examples are for illustrative purposes only and do not necessarily represe The Ingest Service Endpoint, the Catalog Framework, and the Catalog Provider are key components of the Reference Implementation. The Endpoint bundle implements a Web service that allows clients to create, update, and delete metacards. The Endpoint calls the `CatalogFramework` to execute the operations of its specification. -The `CatalogFramework` routes the request through optional `PreIngest` and `PostIngest` Catalog Plugins, which may modify the ingest request/response before/after the Catalog Provider executes the ingest request and provides the response.  +The `CatalogFramework` routes the request through optional `PreIngest` and `PostIngest` Catalog Plugins, which may modify the ingest request/response before/after the Catalog Provider executes the ingest request and provides the response. Note that a `CatalogProvider` must be present for any ingest requests to be successfully processed, otherwise a fault is returned. This process is similar for updating catalog entries, with update requests calling the `update(UpdateRequest)` methods on the Endpoint, `CatalogFramework`, and Catalog Provider. Similarly, for deletion of catalog entries, the delete requests call the `delete(DeleteRequest)` methods on the `Endpoint`, `CatalogFramework`, and `CatalogProvider`. -===== Error Handling +==== Error Handling -Any ingest attempts that fail inside the Catalog Framework (whether the failure comes from the Catalog Framework itself, pre-ingest plugin failures, or issues with the Catalog Provider) will be logged to a separate log file for ease of error handling. -The file is located at `${home_directory}/data/log/ingest_error.log` and will log the Metacards that fail, their ID and Title name, and the stack trace associated with their failure. +Any ingest attempts that fail inside the Catalog Framework (whether the failure comes from the Catalog Framework itself, pre-ingest plugin failures, or issues with the Catalog Provider) are logged to a separate log file for ease of error handling. +The file is located at `${home_directory}/data/log/ingest_error.log` and it logs the Metacards that fail, their ID and Title name, and the stack trace associated with their failure. By default, successful ingest attempts are not logged. However, that functionality can be achieved by setting the log level of the `ingestLogger` to DEBUG (note that enabling DEBUG can cause a non-trivial performance hit). @@ -122,7 +123,7 @@ log:set ---- ==== -===== Query +==== Query .Query Request Data Flow [ditaa,query_request,png] @@ -157,29 +158,29 @@ log:set The Query Service Endpoint, the Catalog Framework, and the `CatalogProvider` are key components for processing a query request as well. The Endpoint bundle contains a Web service that exposes the interface to query for `Metacards`. -The Endpoint calls the `CatalogFramework` to execute the operations of its specification. +The Endpoint calls the `CatalogFramework` to execute the operations of its specification. The `CatalogFramework` relies on the `CatalogProvider` to execute the actual query. -Optional PreQuery and PostQuery Catalog Plugins may be invoked by the `CatalogFramework` to modify the query request/response prior to the Catalog Provider processing the query request and providing the query response. -If a `CatalogProvider` is not configured and no other remote Sources are configured, a fault will be returned. -It is possible to have only remote Sources configured and no local `CatalogProvider` configured and be able to execute queries to specific remote Sources by specifying the site name(s) in the query request. +Optional PreQuery and PostQuery Catalog Plugins may be invoked by the `CatalogFramework` to modify the query request/response prior to the Catalog Provider processing the query request and providing the query response. +If a `CatalogProvider` is not configured, and no other remote Sources are configured, a fault is returned. +It is possible to have only remote Sources configured and no local `CatalogProvider` configured and be able to execute queries to specific remote Sources by specifying the site names in the query request. -===== Product Caching +==== Product Caching -The Catalog Framework optionally provides caching of products, so future requests to retrieve the same product will be serviced much quicker. -If caching is enabled, each time a retrieve product request is received, the Catalog Framework will look in its cache (default location `${home_directory}/data/product-cache`) to see if the product has been cached locally. +The Catalog Framework optionally provides caching of products, so future requests to retrieve the same product are serviced much quicker. +If caching is enabled, each time a retrieve product request is received, the Catalog Framework looks in its cache (default location `${home_directory}/data/product-cache`) to see if the product has been cached locally. If it has, the product is retrieved from the local site and returned to the client, providing a much quicker turnaround because remote product retrieval and network traffic was avoided. If the requested product is not in the cache, the product is retrieved from the Source (local or remote) and cached locally while returning the product to the client. The caching to a local file of the product and the streaming of the product to the client are done simultaneously so that the client does not have to wait for the caching to complete before receiving the product. -If errors are detected during the caching, caching of the product will be abandoned, and the product will be returned to the client.  +If errors are detected during the caching, caching of the product is abandoned, and the product is returned to the client. -The Catalog Framework attempts to detect any network problems during the product retrieval, e.g., long pauses where no bytes are read implying a network connection was dropped. +The Catalog Framework attempts to detect any network problems during the product retrieval, for example, long pauses where no bytes are read implying a network connection was dropped. (The amount of time defined as a "long pause" is configurable, with the default value being five seconds.) -The Catalog Framework will attempt to retrieve the product up to a configurable number of times (default = three), waiting for a configurable amount of time (default = 10 seconds) between each attempt, trying to successfully retrieve the product. +The Catalog Framework attempts to retrieve the product up to a configurable number of times (default = three), waiting for a configurable amount of time (default = 10 seconds) between each attempt, trying to successfully retrieve the product. If the Catalog Framework is unable to retrieve the product, an error message is returned to the client. -If the admin has enabled the *Always Cache When Canceled* option, caching of the product will occur even if the client cancels the product retrieval so that future requests will be serviced quickly. +If the admin has enabled the *Always Cache When Canceled* option, caching of the product occurs even if the client cancels the product retrieval so that future requests are serviced quickly. Otherwise, caching is canceled if the user cancels the product download. -===== Product Download Status +==== Product Download Status -As part of the caching of products, the Catalog Framework also posts events to the OSGi notification framework. Information includes when the product download started, whether the download is retrying or failed (after the number of retrieval attempts configured for product caching has been exhausted), and when the download completes. These events are retrieved by the Search UI and presented to the user who initiated the download. +As part of the caching of products, the Catalog Framework also posts events to the OSGi notification framework. Information includes when the product download started, whether the download is retrying or failed (after the number of retrieval attempts configured for product caching has been exhausted), and when the download completes. These events are retrieved by the Search UI and presented to the user who initiated the download. diff --git a/distribution/docs/src/main/resources/content/_architectures/_catalogFrameworks/standard-catalog-framework.adoc b/distribution/docs/src/main/resources/content/_architectures/_catalogFrameworks/standard-catalog-framework.adoc index bf4e485c8bd1..1b91d9b1bb5a 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_catalogFrameworks/standard-catalog-framework.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_catalogFrameworks/standard-catalog-framework.adoc @@ -1,16 +1,16 @@ :title: Standard Catalog Framework :type: catalogFramework :status: published -:summary: Reference implementation of a Catalog Framework that implements all requirements of the ${ddf-catalog} API. +:summary: Reference implementation of a Catalog Framework that implements all requirements of the ${ddf-catalog} API. :link: _standard_catalog_framework :order: 00 -The Standard Catalog Framework provides the reference implementation of a Catalog Framework that implements all requirements of the ${ddf-catalog} API.  -`CatalogFrameworkImpl` is the implementation of the ${branding} Standard Catalog Framework. +The ((Standard Catalog Framework)) provides the reference implementation of a Catalog Framework that implements all requirements of the ${ddf-catalog} API. +`CatalogFrameworkImpl` is the implementation of the ${branding} Standard Catalog Framework. -The Standard Catalog Framework is the core class of ${branding}. -It provides the methods for create, update, delete, and resource retrieval (CRUD) operations on the `Sources`. -By contrast, the Fanout Catalog Framework only allows for query and resource retrieval operations, no catalog modifications, and all queries are enterprise-wide. +The Standard Catalog Framework is the core class of ${branding}. +It provides the methods for create, update, delete, and resource retrieval (CRUD) operations on the `Sources`. +By contrast, the Fanout Catalog Framework only allows for query and resource retrieval operations, no catalog modifications, and all queries are enterprise-wide. Use this framework if: @@ -18,20 +18,20 @@ Use this framework if: * queries to specific sites are required. * queries to only the local provider are required. -It is possible to have only remote Sources configured with no local `CatalogProvider` configured and be able to execute queries to specific remote sources by specifying the site name(s) in the query request. +It is possible to have only remote Sources configured with no local `CatalogProvider` configured and be able to execute queries to specific remote sources by specifying the site names in the query request. -The Standard Catalog Framework also maintains a list of `ResourceReaders` for resource retrieval operations. -A resource reader is matched to the scheme (i.e., protocol, such as `file://`) in the URI of the resource specified in the request to be retrieved. +The Standard Catalog Framework also maintains a list of `ResourceReaders` for resource retrieval operations. +A resource reader is matched to the scheme (the protocol, such as `file://`) in the URI of the resource specified in the request to be retrieved. -Site information about the catalog provider and/or any federated source(s) can be retrieved using the Standard Catalog Framework. -Site information includes the source's name, version, availability, and the list of unique content types currently stored in the source (e.g., NITF). +Site information about the catalog provider and/or any federated sources can be retrieved using the Standard Catalog Framework. +Site information includes the source's name, version, availability, and the list of unique content types currently stored in the source (such as NITF). If no local catalog provider is configured, the site information returned includes site info for the catalog framework with no content types included. -===== Installing the Standard Catalog Framework +== Installing the Standard Catalog Framework -The Standard Catalog Framework is bundled as the `catalog-core-standardframework` feature and can be installed and uninstalled using the normal processes described in Configuration. +The Standard Catalog Framework is bundled as the `catalog-core-standardframework` feature and can be installed and uninstalled using the normal processes described in Configuration. -===== Configuring the Standard Catalog Framework +== Configuring the Standard Catalog Framework These are the configurable properties on the Standard Catalog Framework. @@ -141,15 +141,15 @@ See <<{reference-prefix}ddf.catalog.CatalogFrameworkImpl, Catalog Standard Frame |true |ddf.cache.CacheManager -|  +| |false |org.osgi.service.event.EventAdmin -|  +| |false |=== -===== Known Issues with Standard Catalog Framework +== Known Issues with Standard Catalog Framework None. diff --git a/distribution/docs/src/main/resources/content/_architectures/_data/data-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_data/data-intro.adoc index 4be8953088e4..a3ee7b60d3b3 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_data/data-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_data/data-intro.adoc @@ -4,7 +4,7 @@ :summary: Introduction to data and metadata sections. :order: 00 -.Catalog Architecture Diagram: Data +.Catalog Architecture Diagram Data [ditaa, catalog_architecture_data, png, ${image-width}] .... +------------------------------------------------------------+ @@ -30,17 +30,19 @@ +------------------------------------------------------------+ .... -The Catalog stores and translates Metadata, which can be transformed into many data formats, shared, and queried. -The primary form of this metadata is the metacard.  -A `Metacard` is a container for metadata.  -`CatalogProviders` accept `Metacards` as input for ingest, and `Sources` search for metadata and return matching `Results` that include `Metacards`. +The Catalog stores and translates ((Metadata)), which can be transformed into many data formats, shared, and queried. +The primary form of this metadata is the metacard. +A `Metacard` is a container for metadata. +`CatalogProviders` accept `Metacards` as input for ingest, and `Sources` search for metadata and return matching `Results` that include `Metacards`. -=== Metacards +== Metacards +(((Metacard))) A metacard is a single instance of metadata in the Catalog (an instance of a metacard type) which -generally contains general information about the resource, such as the title of the resource, the resource's geo-location, the date the resource was created and/or modified, the owner or producer, and/or the security classification.  +generally contains general information about the resource, such as the title of the resource, the resource's geo-location, the date the resource was created and/or modified, the owner or producer, and/or the security classification. -==== Metacard Type +=== Metacard Type +(((Metacard Type))) A metacard type indicates the attributes available for a particular metacard. It is a model used to define the attributes of a metacard, much like a schema. @@ -48,11 +50,11 @@ It is a model used to define the attributes of a metacard, much like a schema. A metacard type indicates the attributes available for a particular type of data. For example, an image may have different attributes than a PDF document, so each could be defined to have their own metacard type. -===== Default Metacard Type and Attributes +==== Default Metacard Type and Attributes Most metacards within the system are created using the default metacard type or a metacard type based on the default type. The default metacard type of the system can be programmatically retrieved by calling `ddf.catalog.data.impl.MetacardImpl.BASIC_METACARD`. -The name of the default `MetacardType` can be retrieved from `ddf.catalog.data.MetacardType.DEFAULT_METACARD_TYPE_NAME`. +The name of the default `MetacardType` can be retrieved from `ddf.catalog.data.MetacardType.DEFAULT_METACARD_TYPE_NAME`. The default metacard type has the following required attributes. Though the following attributes are required on all metacard types, setting their values is optional except for ID. @@ -72,53 +74,53 @@ Every <<{introduction-prefix}introduction_to_federation_and_sources,Source>> sho Other fields may or may not be applicable, but a unique ID must be returned by a source. ==== -===== Extensible Metacards +==== Extensible Metacards Metacard extensibility is achieved by creating a new `MetacardType` that supports attributes in addition to the required attributes listed above. -Required attributes must be the base of all extensible metacard types.  +Required attributes must be the base of all extensible metacard types. [WARNING] ==== Not all <<{managing-prefix}catalog_providers,Catalog Providers>> support extensible metacards. -Nevertheless, each Catalog Provider should at least have support for the default `MetacardType`; i.e., it should be able to store and query on the attributes and attribute formats specified by the default metacard type. +Nevertheless, each Catalog Provider should at least have support for the default `MetacardType`. That is, it should be able to store and query on the attributes and attribute formats specified by the default metacard type. Catalog providers are neither expected nor required to store attributes that are not in a given metacard's type. Consult the documentation of the Catalog Provider in use for more information on its support of extensible metacards. ==== -Often, the `BASIC_METACARD` `MetacardType` does not provide all the functionality or attributes necessary for a specific task. -For performance or convenience purposes, it may be necessary to create custom attributes even if others will not be aware of those attributes. -One example could be if a user wanted to optimize a search for a date field that did not fit the definition of `CREATED`, `MODIFIED`, `EXPIRATION`, or `EFFECTIVE`. -The user could create an additional `java.util.Date` attribute in order to query the attribute separately.  +Often, the `BASIC_METACARD` `MetacardType` does not provide all the functionality or attributes necessary for a specific task. +For performance or convenience purposes, it may be necessary to create custom attributes even if others are not aware of those attributes. +One example could be if a user wanted to optimize a search for a date field that did not fit the definition of `CREATED`, `MODIFIED`, `EXPIRATION`, or `EFFECTIVE`. +The user could create an additional `java.util.Date` attribute in order to query the attribute separately. -`Metacard` objects are extensible because they allow clients to store and retrieve standard and custom key/value Attributes from the `Metacard`.  -All `Metacards` must return a `MetacardType` object that includes an `AttributeDescriptor` for each `Attribute`, indicating it's key and value type. -`AttributeType` support is limited to those types defined by the Catalog. +`Metacard` objects are extensible because they allow clients to store and retrieve standard and custom key/value Attributes from the `Metacard`. +All `Metacards` must return a `MetacardType` object that includes an `AttributeDescriptor` for each `Attribute`, indicating it's key and value type. +`AttributeType` support is limited to those types defined by the Catalog. -New `MetacardType` implementations can be made by implementing the `MetacardType` interface. +New `MetacardType` implementations can be made by implementing the `MetacardType` interface. -==== Metacard Type Registry +=== Metacard Type Registry [WARNING] ==== -The `MetacardTypeRegistry` is experimental.  +The `MetacardTypeRegistry` is experimental. While this component has been tested and is functional, it may change as more information is gathered about what is needed and as it is used in more scenarios. ==== -The `MetacardTypeRegistry` allows ${branding} components, primarily catalog providers and sources, to make available the `MetacardTypes` that they support.  -It maintains a list of all supported `MetacardTypes` in the `CatalogFramework`, so that other components such as <<{integrating-prefix}endpoints,Endpoints>>, <<{architecture-prefix}types_of_plugins,Plugins>>, and <<{architecture-prefix}transformers,Transformers>> can make use of those `MetacardTypes`.  -The `MetacardType` is essential for a component in the `CatalogFramework` to understand how it should interpret a metacard by knowing what attributes are available in that metacard.  +The `MetacardTypeRegistry` allows ${branding} components, primarily catalog providers and sources, to make available the `MetacardTypes` that they support. +It maintains a list of all supported `MetacardTypes` in the `CatalogFramework`, so that other components such as <<{integrating-prefix}endpoints,Endpoints>>, <<{architecture-prefix}types_of_plugins,Plugins>>, and <<{architecture-prefix}transformers,Transformers>> can make use of those `MetacardTypes`. +The `MetacardType` is essential for a component in the `CatalogFramework` to understand how it should interpret a metacard by knowing what attributes are available in that metacard. -For example, an endpoint receiving incoming metadata can perform a lookup in the `MetacardTypeRegistry` to find a corresponding `MetacardType`.  -The discovered `MetacardType` will then be used to help the endpoint populate a metacard based on the specified attributes in the `MetacardType`.  +For example, an endpoint receiving incoming metadata can perform a lookup in the `MetacardTypeRegistry` to find a corresponding `MetacardType`. +The discovered `MetacardType` is then used to help the endpoint populate a metacard based on the specified attributes in the `MetacardType`. By doing this, all the incoming metadata elements can then be available for processing, cataloging, and searching by the rest of the `CatalogFramework`. -`MetacardTypes` should be registered with the `MetacardTypeRegistry`.  The `MetacardTypeRegistry` makes those `MetacardTypes` available to other ${branding} `CatalogFramework` components.  -Other components that need to know how to interpret metadata or metacards should look up the appropriate `MetacardType` from the registry.  -By having these `MetacardTypes` available to the `CatalogFramework`, these components can be aware of the custom attributes.  +`MetacardTypes` should be registered with the `MetacardTypeRegistry`. The `MetacardTypeRegistry` makes those `MetacardTypes` available to other ${branding} `CatalogFramework` components. +Other components that need to know how to interpret metadata or metacards should look up the appropriate `MetacardType` from the registry. +By having these `MetacardTypes` available to the `CatalogFramework`, these components can be aware of the custom attributes. -The `MetacardTypeRegistry` is accessible as an OSGi service.  +The `MetacardTypeRegistry` is accessible as an OSGi service. The following blueprint snippet shows how to inject that service into another component: .MetacardTypeRegistry Service Injection @@ -132,23 +134,23 @@ The following blueprint snippet shows how to inject that service into another co ---- -The reference to this service can then be used to register new `MetacardTypes` or to lookup existing ones.  +The reference to this service can then be used to register new `MetacardTypes` or to lookup existing ones. -Typically, new `MetacardTypes` will be registered by `CatalogProviders` or sources indicating they know how to persist, index, and query attributes from that type.  -Typically, Endpoints or `InputTransformers` will use the lookup functionality to access a `MetacardType` based on a parameter in the incoming metadata.  -Once the appropriate `MetacardType` is discovered and obtained from the registry, the component will know how to translate incoming raw metadata into a ${branding} Metacard. +New `MetacardTypes` are typically registered by `CatalogProviders` or sources indicating they know how to persist, index, and query attributes from that type. +Endpoints or `InputTransformers` typically use the lookup functionality to access a `MetacardType` based on a parameter in the incoming metadata. +Once the appropriate `MetacardType` is discovered and obtained from the registry, the component knows how to translate incoming raw metadata into a ${branding} Metacard. -==== Attributes +=== Attributes An attribute is a single field of a metacard, an instance of an attribute type. Attributes are typically indexed for searching by a source or catalog provider. -===== Attribute Types +==== Attribute Types -An attribute type indicates the attribute format of the value stored as an attribute.  +An attribute type indicates the attribute format of the value stored as an attribute. It is a model for an attribute. -====== Attribute Format +===== Attribute Format An enumeration of attribute formats are available in the catalog. Only these attribute formats may be used. @@ -197,13 +199,13 @@ Only these attribute formats may be used. |=== -====== Attribute Naming Conventions +===== Attribute Naming Conventions Catalog taxonomy elements follow the naming convention of `group-or-namespace.specific-term`, except for extension fields outside of the core taxonomy. These follow the naming convention of `ext.group-or-namespace.specific-term` and must be namespaced. Nesting is not permitted. -===== Result +==== Result A single "hit" included in a query response. @@ -213,30 +215,30 @@ A result object consists of the following: * a relevance score if included. * distance in meters if included. -==== Creating Metacards +=== Creating Metacards -The quickest way to create a `Metacard` is to extend or construct the `MetacardImpl` object.  -`MetacardImpl` is the most commonly used and extended `Metacard` implementation in the system because it provides a convenient way for developers to retrieve and set `Attributes` without having to create a new `MetacardType` (see below). -`MetacardImpl` uses `BASIC_METACARD` as its `MetacardType`.   +The quickest way to create a `Metacard` is to extend or construct the `MetacardImpl` object. +`MetacardImpl` is the most commonly used and extended `Metacard` implementation in the system because it provides a convenient way for developers to retrieve and set `Attributes` without having to create a new `MetacardType` (see below). +`MetacardImpl` uses `BASIC_METACARD` as its `MetacardType`. -===== Limitations +==== Limitations -A given developer does not have all the information necessary to programmatically interact with any arbitrary source.  -Developers hoping to query custom fields from extensible `Metacards` of other sources cannot easily accomplish that task with the current API. -A developer cannot question a source for all its _queryable_ fields. -A developer only knows about the `MetacardTypes` which that individual developer has used or created previously.  +A given developer does not have all the information necessary to programmatically interact with any arbitrary source. +Developers hoping to query custom fields from extensible `Metacards` of other sources cannot easily accomplish that task with the current API. +A developer cannot question a source for all its _queryable_ fields. +A developer only knows about the `MetacardTypes` which that individual developer has used or created previously. -The only exception to this limitation is the `Metacard.ID` field, which is required in every `Metacard` that is stored in a source. -A developer can always request `Metacards` from a source for which that developer has the `Metacard.ID` value.  -The developer could also perform a wildcard search on the `Metacard.ID` field if the source allows. +The only exception to this limitation is the `Metacard.ID` field, which is required in every `Metacard` that is stored in a source. +A developer can always request `Metacards` from a source for which that developer has the `Metacard.ID` value. +The developer could also perform a wildcard search on the `Metacard.ID` field if the source allows. -===== Processing Metacards +==== Processing Metacards -As `Metacard` objects are created, updated, and read throughout the Catalog, care should be taken by all catalog components to interrogate the `MetacardType` to ensure that additional `Attributes` are processed accordingly. +As `Metacard` objects are created, updated, and read throughout the Catalog, care should be taken by all catalog components to interrogate the `MetacardType` to ensure that additional `Attributes` are processed accordingly. -===== Basic Types +==== Basic Types -The Catalog includes definitions of several basic types all found in the `ddf.catalog.data.BasicTypes` class. +The Catalog includes definitions of several basic types all found in the `ddf.catalog.data.BasicTypes` class. .Basic Types [cols="3*", options="header"] @@ -252,50 +254,50 @@ The Catalog includes definitions of several basic types all found in the `ddf.c |`BINARY_TYPE` |AttributeType -|A Constant for an `AttributeType` with `AttributeType.AttributeFormat.BINARY`. +|A Constant for an `AttributeType` with `AttributeType.AttributeFormat.BINARY`. |`BOOLEAN_TYPE` |AttributeType -|A Constant for an `AttributeType` with `AttributeType.AttributeFormat.BOOLEAN`. +|A Constant for an `AttributeType` with `AttributeType.AttributeFormat.BOOLEAN`. |`DATE_TYPE` |AttributeType -|A Constant for an `AttributeType` with `AttributeType.AttributeFormat.DATE`. +|A Constant for an `AttributeType` with `AttributeType.AttributeFormat.DATE`. |`DOUBLE_TYPE` |AttributeType -|A Constant for an `AttributeType` with `AttributeType.AttributeFormat.DOUBLE`. +|A Constant for an `AttributeType` with `AttributeType.AttributeFormat.DOUBLE`. |`FLOAT_TYPE` |AttributeType -|A Constant for an `AttributeType` with `AttributeType.AttributeFormat.FLOAT`. +|A Constant for an `AttributeType` with `AttributeType.AttributeFormat.FLOAT`. |`GEO_TYPE` |AttributeType -|A Constant for an `AttributeType` with `AttributeType.AttributeFormat.GEOMETRY`. +|A Constant for an `AttributeType` with `AttributeType.AttributeFormat.GEOMETRY`. |`INTEGER_TYPE` |AttributeType -|A Constant for an `AttributeType` with `AttributeType.AttributeFormat.INTEGER`. +|A Constant for an `AttributeType` with `AttributeType.AttributeFormat.INTEGER`. |`LONG_TYPE` |AttributeType -|A Constant for an `AttributeType` with `AttributeType.AttributeFormat.LONG`. +|A Constant for an `AttributeType` with `AttributeType.AttributeFormat.LONG`. |`OBJECT_TYPE` |AttributeType -|A Constant for an `AttributeType` with `AttributeType.AttributeFormat.OBJECT`. +|A Constant for an `AttributeType` with `AttributeType.AttributeFormat.OBJECT`. |`SHORT_TYPE` |AttributeType -|A Constant for an `AttributeType` with `AttributeType.AttributeFormat.SHORT`. +|A Constant for an `AttributeType` with `AttributeType.AttributeFormat.SHORT`. |`STRING_TYPE` |AttributeType -|A Constant for an `AttributeType` with `AttributeType.AttributeFormat.STRING`. +|A Constant for an `AttributeType` with `AttributeType.AttributeFormat.STRING`. |`XML_TYPE` |AttributeType -|A Constant for an `AttributeType` with `AttributeType.AttributeFormat.XML`. +|A Constant for an `AttributeType` with `AttributeType.AttributeFormat.XML`. |=== diff --git a/distribution/docs/src/main/resources/content/_architectures/_eventing/eventing-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_eventing/eventing-intro.adoc index c382bcfb2d06..22c69563554e 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_eventing/eventing-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_eventing/eventing-intro.adoc @@ -31,16 +31,16 @@ +------------------------------------------------------------+ .... -The Eventing capability of the Catalog allows endpoints (and thus external users) to create a "standing query" and be notified when a matching metacard is created, updated, or deleted. +The ((Eventing)) capability of the Catalog allows endpoints (and thus external users) to create a "standing query" and be notified when a matching metacard is created, updated, or deleted. Notably, the Catalog allows event evaluation on both the previous value (if available) and new value of a Metacard when an update occurs. -Eventing allows ${branding}s to receive events on operations (e.g. create, update, delete) based on particular queries or actions. -Once subscribed, users will receive notifications of events such as update or create on any source. +Eventing allows ${branding}s to receive events on operations (such as create, update, delete) based on particular queries or actions. +Once subscribed, users receive notifications of events such as update or create on any source. -=== Eventing Components +== Eventing Components -The key components of ${branding} Eventing include: +The key components of ${branding} Eventing include: * <<{developing-prefix}developing_subscriptions,Subscription>> * <<{developing-prefix}delivery_method,Delivery Method>> diff --git a/distribution/docs/src/main/resources/content/_architectures/_operations/operations-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_operations/operations-intro.adoc index a6b486a00ec3..ae71dc0c18c1 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_operations/operations-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_operations/operations-intro.adoc @@ -30,12 +30,12 @@ +------------------------------------------------------------+ .... -The Catalog provides the capability to query, create, update, and delete metacards; retrieve resources; and retrieve information about the sources in the enterprise. +The Catalog provides the capability to query, create, update, and delete metacards; retrieve resources; and retrieve information about the sources in the enterprise. Each of these operations follow a request/response paradigm. -The request is the input to the operation and contains all of the input parameters needed by the Catalog Framework's operation to communicate with the Sources. +The request is the input to the operation and contains all of the input parameters needed by the Catalog Framework's operation to communicate with the Sources. The response is the output from the execution of the operation that is returned to the client, which contains all of the data returned by the sources. -For each operation there is an associated request/response pair, e.g., the `QueryRequest` and `QueryResponse` pair for the Catalog Framework's query operation. +For each operation there is an associated request/response pair. For example, the `QueryRequest` and `QueryResponse` pair for the Catalog Framework's query operation. All of the request and response objects are extensible in that they can contain additional key/value properties on each request/response. This allows additional capability to be added without changing the Catalog API, helping to maintain backwards compatibility. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/_plugin-template.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/_plugin-template.adoc deleted file mode 100644 index 71c10ee00f41..000000000000 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/_plugin-template.adoc +++ /dev/null @@ -1,35 +0,0 @@ -:type: plugin -:status: unpublished -:title: {plugin-name} -:link: {link} -:plugintypes: {plugintypes} -:summary: {summary} - -{description} - -===== Related Components to {plugin-name} - -Replace this sentence with links to any related components, required or optional, that affect the operation of this plugin. - -===== Installing the {plugin-name} - -The {plugin-name} {is || is not} installed by default with a standard installation in the ${app-name} application. - -If installed by default, delete this section. - -If not installed, update this section: -To install the {plugin-name} from the ${admin-console}: - -. Navigate to the *${admin-console}*. -. Select the *${ddf-catalog}* application. -. Select the *Configuration* tab. -. Select the *{plugin-name}*. - -===== Configuring the {plugin-name} - -{configuration} - -===== Usage Limitations of the {plugin-name} - -Delete header if none. - diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/access-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/access-intro.adoc index 9c4256c75760..1ec86866651a 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/access-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/access-intro.adoc @@ -6,5 +6,5 @@ :plugintypes: access :order: 03 -Access plugins are invoked directly after the <<_policy_plugins,Policy plugins>> have been successfully executed.  +((Access plugins)) are invoked directly after the <<_policy_plugins,Policy plugins>> have been successfully executed. This is an opportunity to either stop processing or modify the request/response based on policy information. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/catalog-backup-plugin.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/catalog-backup-plugin.adoc index 46b1c88cb3da..ebfcc6a5c555 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/catalog-backup-plugin.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/catalog-backup-plugin.adoc @@ -5,7 +5,7 @@ :plugintypes: postingest :summary: Enables backup of the catalog and its metacards. -The Catalog Backup Plugin is used to enable data backup of the catalog and the metacards it contains. +The ((Catalog Backup Plugin)) is used to enable data backup of the catalog and the metacards it contains. .Catalog Backup Plugin Considerations [WARNING] @@ -13,11 +13,11 @@ The Catalog Backup Plugin is used to enable data backup of the catalog and the m Using this plugin may impact performance negatively. ==== -===== Installing the Catalog Backup Plugin +== Installing the Catalog Backup Plugin The Catalog Backup Plugin is installed by default with a standard installation in the ${ddf-catalog} application. -===== Configuring the Catalog Backup Plugin +== Configuring the Catalog Backup Plugin To configure the Catalog Backup Plugin: @@ -28,7 +28,7 @@ To configure the Catalog Backup Plugin: See <<{reference-prefix}ddf.catalog.backup.CatalogBackupPlugin,Catalog Backup Plugin configurations>> for all possible configurations. -===== Usage Limitations of the Catalog Backup Plugin +== Usage Limitations of the Catalog Backup Plugin * May affect performance. * Must be installed prior to ingesting any content. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/catalog-policy-plugin.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/catalog-policy-plugin.adoc index 6d5d901a4799..072ea0a64ec7 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/catalog-policy-plugin.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/catalog-policy-plugin.adoc @@ -5,13 +5,13 @@ :plugintypes: policy :summary: Configures user attributes required for catalog operations. -The Catalog Policy Plugin configures the attributes required for users to perform Create, Read, Update, and Delete operations on the catalog. +The ((Catalog Policy Plugin)) configures the attributes required for users to perform Create, Read, Update, and Delete operations on the catalog. -===== Installing the Catalog Policy Plugin +== Installing the Catalog Policy Plugin The Catalog Policy Plugin is installed by default with a standard installation in the ${ddf-catalog} application. -===== Configuring the Catalog Policy Plugin +== Configuring the Catalog Policy Plugin To configure the Catalog Policy Plugin: diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/checksum-plugin.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/checksum-plugin.adoc index eebce2ed3bac..c80a80eafd70 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/checksum-plugin.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/checksum-plugin.adoc @@ -5,12 +5,12 @@ :plugintypes: precreatestorage,preupdatestorage :summary: Creates a unique checksum for ingested resources. -The Checksum plugin creates a unique checksum for resources input into the system to identify updated content. +The ((Checksum plugin)) creates a unique checksum for resources input into the system to identify updated content. -===== Installing the Checksum Plugin +== Installing the Checksum Plugin The Checksum is installed by default with a standard installation in the ${ddf-catalog} application. -===== Configuring the Checksum Plugin +== Configuring the Checksum Plugin The Checksum Plugin has no configurable properties. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/client-info-plugin.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/client-info-plugin.adoc index 42cd6b08c3a5..c88471728306 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/client-info-plugin.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/client-info-plugin.adoc @@ -5,17 +5,17 @@ :plugintypes: preauthorization :summary: Injects request-specific network information into a request. -The client info plugin injects request-specific network information into request properties, such as Remote IP Address, Remote Host Name, Servlet Scheme, and Servlet Context. +The ((Client Info plugin)) injects request-specific network information into request properties, such as Remote IP Address, Remote Host Name, Servlet Scheme, and Servlet Context. -===== Related Components to the Client Info Plugin +== Related Components to the Client Info Plugin * Client info filter * <<{architecture-prefix}metacard_ingest_network_plugin,Metacard Ingest Network Plugin>> -===== Installing the Client Info Plugin +== Installing the Client Info Plugin The Client Info Plugin is installed by default with a standard installation in the ${ddf-catalog} application. -===== Configuring the Client Info Plugin +== Configuring the Client Info Plugin The Client Info Plugin has no configurable properties. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/content-uri-access-plugin.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/content-uri-access-plugin.adoc index 8be332d7d77e..83ccd5b8f957 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/content-uri-access-plugin.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/content-uri-access-plugin.adoc @@ -5,12 +5,12 @@ :plugintypes: access :summary: Prevents a Metacard's resource URI from being overridden by an incoming UpdateRequest. -The Content URI Access Plugin prevents a Metacard's resource URI from being overridden by an incoming UpdateRequest. +The (((Content URI Access plugin))) prevents a Metacard's resource URI from being overridden by an incoming UpdateRequest. -===== Installing the Content URI Access Plugin +== Installing the Content URI Access Plugin The Content URI Access Plugin is installed by default with a standard installation in the ${ddf-catalog} application. -===== Configuring the Content URI Access Plugin +== Configuring the Content URI Access Plugin The Content URI Access Plugin has no configurable properties. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/event-processor.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/event-processor.adoc index 78a5559f6d2c..a7d5f905afce 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/event-processor.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/event-processor.adoc @@ -5,23 +5,23 @@ :plugintypes: postingest :summary: Creates, updates, and deletes subscriptions. -The Event Processor creates, updates, and deletes subscriptions for event notification. -These subscriptions optionally specify a filter criteria so that only events of interest to the subscriber are posted for notification. +The ((Event Processor)) creates, updates, and deletes subscriptions for event notification. +These subscriptions optionally specify a filter criteria so that only events of interest to the subscriber are posted for notification. As metacards are created, updated, and deleted, the Catalog's Event Processor is invoked (as a post-ingest plugin) for each of these events. -The Event Processor applies the filter criteria for each registered subscription to each of these ingest events to determine if they match the criteria. +The Event Processor applies the filter criteria for each registered subscription to each of these ingest events to determine if they match the criteria. For more information on creating subscriptions, see <<{integrating-prefix}creating_a_subscription,Creating a Subscription>>. -===== Installing the Event Processor +== Installing the Event Processor The Event Processor is installed by default with a standard installation in the ${ddf-catalog} application. -===== Configuring the Event Processor +== Configuring the Event Processor The Event Processor has no configurable properties. -===== Usage Limitations of the Event Processor +== Usage Limitations of the Event Processor The Standard Event processor currently broadcasts federated events and should not. It should only broadcast events that were generated locally, all other events should be dropped. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/expiration-date-plugin.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/expiration-date-plugin.adoc index 2b7d23bda25e..f782cc37e6e1 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/expiration-date-plugin.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/expiration-date-plugin.adoc @@ -5,9 +5,9 @@ :plugintypes: preingest :summary: Adds or updates expiration dates for the resource. -The Expiration Date plugin adds or updates expiration dates which can be used later for archiving old data. +The ((Expiration Date plugin)) adds or updates expiration dates which can be used later for archiving old data. -===== Installing the Expiration Date Pre-Ingest Plugin +== Installing the Expiration Date Pre-Ingest Plugin The Expiration Date Pre-Ingest Plugin is not installed by default with a standard installation. To install: @@ -17,7 +17,7 @@ To install: . Select the *Configuration* tab. . Select the *Expiration Data Pre-Ingest Plugin*. -===== Configuring the Expiration Date Pre-Ingest Plugin +== Configuring the Expiration Date Pre-Ingest Plugin To configure the Expiration Date Pre-Ingest Plugin: diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/filter-plugin.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/filter-plugin.adoc index 370b5b19f9da..567f36dfa4d1 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/filter-plugin.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/filter-plugin.adoc @@ -5,17 +5,17 @@ :plugintypes: access :summary: Performs filtering on query responses as they pass through the framework. -The Filter Plugin performs filtering on query responses as they pass through the framework. +The ((Filter Plugin)) performs filtering on query responses as they pass through the framework. Each metacard result can contain security attributes that are pulled from the metadata record after being processed by a `PolicyPlugin` that populates this attribute. The security attribute is a Map containing a set of keys that map to lists of values. The metacard is then processed by a filter plugin that creates a `KeyValueCollectionPermission` from the metacard's security attribute. This permission is then checked against the user subject to determine if the subject has the correct claims to view that metacard. The decision to filter the metacard eventually relies on the installed <<_security_pdp,Policy Decision Point>> (PDP). -The PDP that is being used returns a decision, and the metacard will either be filtered or allowed to pass through. +The PDP that is being used returns a decision, and the metacard is either filtered or allowed to pass through. How a metacard gets filtered is left up to any number of FilterStrategy implementations that might be installed. -Each FilterStrategy will return a result to the filter plugin that says whether or not it was able to process the metacard, along with the metacard or response itself. +Each `FilterStrategy` returns a result to the filter plugin that says whether or not it was able to process the metacard, along with the metacard or response itself. This allows a metacard or entire response to be partially filtered to allow some data to pass back to the requester. This could also include filtering any resources sent back to a requester. @@ -58,14 +58,14 @@ Each type of metacard must have its own `PolicyPlugin` that reads the metadata b ---- In the above example, the user's claims are represented very simply and are similar to how they would actually appear in a SAML 2 assertion. -Each of these user (or subject) claims will be converted to a `KeyValuePermission` object. -These permission objects will be implied against the permission object generated from the metacard record. +Each of these user (or subject) claims is converted to a `KeyValuePermission` object. +These permission objects are implied against the permission object generated from the metacard record. In this particular case, the metacard might be allowed if the policy is configured appropriately because all of the permissions line up correctly. -===== Installing the Filter Plugin +== Installing the Filter Plugin The Filter Plugin is installed by default with a standard installation in the ${ddf-catalog} application. -===== Configuring the Filter Plugin +== Configuring the Filter Plugin The Filter Plugin has no configurable properties. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/geocoder-plugin.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/geocoder-plugin.adoc index 0f3266b2a2d5..eebd7ec574fa 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/geocoder-plugin.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/geocoder-plugin.adoc @@ -5,9 +5,9 @@ :plugintypes: preingest :summary: Populates the `Location.COUNTRY_CODE` attribute if the Metacard has an associated location. -The GeoCoder Plugin is a pre-ingest plugin that is responsible for populating the Metacard's `Location.COUNTRY_CODE` attribute if the Metacard has an associated location. -If there is a valid country code for the Metacard, it will be in ISO 3166-1 alpha-3 format. -If the metacard's country code is already populated, the plugin will *not* override it. +The ((GeoCoder plugin)) is a pre-ingest plugin that is responsible for populating the Metacard's `Location.COUNTRY_CODE` attribute if the Metacard has an associated location. +If there is a valid country code for the Metacard, it is in ISO 3166-1 alpha-3 format. +If the metacard's country code is already populated, the plugin does *not* override it. The GeoCoder relies on either the WebService or <<{reference-prefix}offline_gazetteer_service,Offline Gazetteer>> to retrieve country code information. [WARNING] @@ -15,11 +15,11 @@ The GeoCoder relies on either the WebService or <<{reference-prefix}offline_gaze For a polygon or polygons, this plugin takes the center point of the bounding box to assign the country code. ==== -===== Installing the GeoCoder Plugin +== Installing the GeoCoder Plugin The GeoCoder Plugin is installed by default with the ${ddf-spatial} application, when the WebService or Offline Gazetteer is started. -===== Configuring the GeoCoder Plugin +== Configuring the GeoCoder Plugin To configure the GeoCoder Plugin: diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/historian-plugin.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/historian-plugin.adoc index 8ffd284e03cd..257fa26bf5e4 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/historian-plugin.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/historian-plugin.adoc @@ -5,12 +5,12 @@ :plugintypes: policy :summary: Protects metacard history from being edited by users without the history role. -The Historian Policy Plugin protects metacard history from being edited or deleted by users without the history role (a `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role` of `system-history`). +The ((Historian Policy Plugin)) protects metacard history from being edited or deleted by users without the history role (a `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role` of `system-history`). -===== Installing the Historian Policy Plugin +== Installing the Historian Policy Plugin The Historian is installed by default with a standard installation in the ${ddf-catalog} application. -===== Configuring the Historian Policy Plugin +== Configuring the Historian Policy Plugin The Historian Policy Plugin has no configurable properties. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/jpeg2000-thumbnail-converter.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/jpeg2000-thumbnail-converter.adoc index a181d48abfb6..bc857ecf9d60 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/jpeg2000-thumbnail-converter.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/jpeg2000-thumbnail-converter.adoc @@ -5,12 +5,12 @@ :plugintypes: postquery :summary: Creates thumbnails for jpeg2000 images. -The JPEG2000 Thumbnail converter creates thumbnails from images ingested in jpeg2000 format. +The ((JPEG2000 Thumbnail converter)) creates thumbnails from images ingested in jpeg2000 format. -===== Installing the JPEG2000 Thumbnail Converter +== Installing the JPEG2000 Thumbnail Converter The JPEG2000 Thumbnail Converter is installed by default with a standard installation in the ${ddf-catalog} application. -===== Configuring the JPEG2000 Thumbnail Converter +== Configuring the JPEG2000 Thumbnail Converter The JPEG2000 Thumbnail Converter has no configurable properties. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/metacard-attribute-plugin.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/metacard-attribute-plugin.adoc index 72b72d54e684..78ba090ba82c 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/metacard-attribute-plugin.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/metacard-attribute-plugin.adoc @@ -5,7 +5,7 @@ :plugintypes: policy :summary: Collects attributes into a security field for the metacard. -The Metacard Attribute Security Policy Plugin combines existing metacard attributes to make new attributes and adds them to the metacard. +The ((Metacard Attribute Security Policy Plugin)) combines existing metacard attributes to make new attributes and adds them to the metacard. For example, if a metacard has two attributes, `sourceattribute1` and `sourceattribute2`, the values of the two attributes could be combined into a new attribute, `destinationattribute1`. The `sourceattribute1` and `sourceattribute2` are the _source attributes_ @@ -25,7 +25,7 @@ For example, if the source attributes `sourceattribute1` and `sourceattribute2` `destinationattribute1 = MASK, VESSEL, WIRE, SACK` The other way to combine attributes is use the values common to all of the attributes. -This is called the intersection. Using our previous example, the **intersection** of +This is called the intersection. Using the previous example, the **intersection** of `sourceattribute1` and `sourceattribute2` would create the new attribute `destinationattribute1` `destinationattribute1 = MASK` @@ -36,7 +36,7 @@ The policy plugin could also be used to rename attributes. If there is only one and the combination policy is union, then the attribute's values are effectively renamed to the destination attribute. -===== Installing the Metacard Attribute Security Policy Plugin +== Installing the Metacard Attribute Security Policy Plugin The Metacard Attribute Security Policy Plugin is installed by default with a standard installation in the ${ddf-catalog} application. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/metacard-backup-filestorage.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/metacard-backup-filestorage.adoc index b52850de23c3..0c2bb4211d6e 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/metacard-backup-filestorage.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/metacard-backup-filestorage.adoc @@ -5,9 +5,9 @@ :plugintypes: postingest :summary: Stores backed-up metacards. -The Metacard Backup File Storage Provider is a storage provider that will store backed-up metacards in a specified file system location. +The ((Metacard Backup File Storage Provider)) is a storage provider that stores backed-up metacards in a specified file system location. -===== Installing the Metacard Backup File Storage Provider +== Installing the Metacard Backup File Storage Provider To install the Metacard Backup File Storage Provider @@ -16,7 +16,7 @@ To install the Metacard Backup File Storage Provider . Select the *Features* tab. . Install the `catalog-metacard-backup-filestorage` feature. -===== Configuring the Metacard Backup File Storage Provider +== Configuring the Metacard Backup File Storage Provider To configure the Metacard Backup File Storage Provider diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/metacard-backup-s3-storage.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/metacard-backup-s3-storage.adoc index b7c78dbc3c32..3d4b929bf2c7 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/metacard-backup-s3-storage.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/metacard-backup-s3-storage.adoc @@ -5,9 +5,9 @@ :plugintypes: postingest :summary: Stores backed-up metacards in a specified S3 bucket and key. -The Metacard Backup S3 Storage Provider is a storage provider that will store backed up metacards in the specified S3 bucket and key. +The ((Metacard Backup S3 Storage Provider)) is a storage provider that stores backed up metacards in the specified ((S3)) bucket and key. -===== Installing the Metacard S3 File Storage Provider +== Installing the Metacard S3 File Storage Provider To install the Metacard Backup File Storage Provider @@ -15,7 +15,7 @@ To install the Metacard Backup File Storage Provider . Select the *Features* tab. . Install the `catalog-metacard-backup-s3storage` feature. -===== Configuring the Metacard S3 File Storage Provider +== Configuring the Metacard S3 File Storage Provider To configure the Metacard Backup S3 Storage Provider: diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/metacard-groomer.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/metacard-groomer.adoc index cda425a8949d..f4aa5d03ba6c 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/metacard-groomer.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/metacard-groomer.adoc @@ -5,9 +5,9 @@ :plugintypes: preingest :summary: Modifies metacards when created or updated. -The Metacard Groomer Pre-Ingest plugin makes modifications to `CreateRequest` and `UpdateRequest` metacards. +The ((Metacard Groomer Pre-Ingest plugin)) makes modifications to `CreateRequest` and `UpdateRequest` metacards. -Use this pre-ingest plugin as a convenience to apply basic rules for your metacards.  +Use this pre-ingest plugin as a convenience to apply basic rules for your metacards. This plugin makes the following modifications when metacards are in a `CreateRequest`: @@ -19,12 +19,12 @@ This plugin makes the following modifications when metacards are in a `CreateReq In an `UpdateRequest`, the same operations are performed as a `CreateRequest`, except: -* If no value is provided for `Metacard.ID` in the new metacard, it will be set using the `UpdateRequest` ID if applicable. +* If no value is provided for `Metacard.ID` in the new metacard, it is set using the `UpdateRequest` ID if applicable. -===== Installing the Metacard Groomer +== Installing the Metacard Groomer The Metacard Groomer is included in the `catalog-core-plugins` feature. It is not recommended to uninstall this feature. -===== Configuring the Metacard Groomer +== Configuring the Metacard Groomer The Metacard Groomer has no configurable properties. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/metacard-resource-size-plugin.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/metacard-resource-size-plugin.adoc index 495dddeb2217..b2be641054f6 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/metacard-resource-size-plugin.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/metacard-resource-size-plugin.adoc @@ -5,14 +5,14 @@ :plugintypes: postquery :summary: Updates the resource size attribute of a metacard. -This post-query plugin updates the resource size attribute of each metacard in the query results if there is a cached file for the resource and it has a size greater than zero; otherwise, the resource size is unmodified and the original result is returned. +The ((Metacard Resource Size post-query plugin)) updates the resource size attribute of each metacard in the query results if there is a cached file for the resource and it has a size greater than zero; otherwise, the resource size is unmodified and the original result is returned. Use this post-query plugin as a convenience to return query results with accurate resource sizes for cached products.  -===== Installing the Metacard Resource Size Plugin +== Installing the Metacard Resource Size Plugin The Metacard Resource Size Plugin is installed by default with a standard installation. -===== Configuring the Metacard Resource Size Plugin +== Configuring the Metacard Resource Size Plugin The Metacard Resource Size Plugin has no configurable properties. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/metacard-validity-filter.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/metacard-validity-filter.adoc index 439f41493f9a..0b476de62ced 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/metacard-validity-filter.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/metacard-validity-filter.adoc @@ -5,12 +5,12 @@ :plugintypes: policy :summary: Determines whether to filter metacards with validation errors or warnings. -The Metacard Validity Filter Plugin determines whether metacards with validation errors or warnings are filtered from query results. +The ((Metacard Validity Filter Plugin)) determines whether metacards with validation errors or warnings are filtered from query results. -===== Related Components to the Metacard Validity Filter Plugin +== Related Components to the Metacard Validity Filter Plugin * <<_metacard_validity_marker,Metacard Validity Marker>>. -===== Installing the Metacard Validity Filter Plugin +== Installing the Metacard Validity Filter Plugin The Metacard Validity Filter Plugin is installed by default with a standard installation in the ${ddf-catalog} application. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/metacard-validity-marker.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/metacard-validity-marker.adoc index cbc92279978b..37ec5f9cc159 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/metacard-validity-marker.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/metacard-validity-marker.adoc @@ -5,7 +5,7 @@ :plugintypes: preingest :summary: Modifies metacards when created or ingested according to metacard validator services. -The Metacard Validity Marker Pre-Ingest plugin modifies the metacards contained in create and update requests. +The ((Metacard Validity Marker Pre-Ingest plugin)) modifies the metacards contained in create and update requests. The plugin runs each metacard in the `CreateRequest` and `UpdateRequest` against each registered `MetacardValidator` service. @@ -16,18 +16,18 @@ If an ingest did not fail, there are no errors in the ingest log, but the expect verify either that the ingested data is valid or that the <<_metacard_validity_filter_plugin,Metacard Validity Filter Plugin>> is configured to show warnings and/or errors. ==== -===== Related Components to the Metacard Validity Marker +== Related Components to the Metacard Validity Marker * <<_metacard_validity_filter_plugin,Metacard Validity Filter Plugin>>. -===== Installing Metacard Validity Marker +== Installing Metacard Validity Marker This plugin is installed by default with a standard installation in the ${ddf-catalog} application. -===== Configuring Metacard Validity Marker +== Configuring Metacard Validity Marker See <<{reference-prefix}ddf.catalog.metacard.validation.MetacardValidityMarkerPlugin,Metacard Validity Marker Plugin configurations>> for all possible configurations. -===== Using Metacard Validity Marker +== Using Metacard Validity Marker Use this pre-ingest plugin to validate metacards against metacard validators, which can check schemas, schematron, or any other logic.  diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/metacardingest-network.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/metacardingest-network.adoc index 895e65e9be2b..f7fb33cfe1f2 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/metacardingest-network.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/metacardingest-network.adoc @@ -5,19 +5,19 @@ :plugintypes: preauthorization :summary: Adds attributes for network info from ingest request. -The Metacard Ingest Network Plugin allows the conditional insertion of new attributes on metacards during ingest based on network information from the ingest request; including IP address and hostname. +The ((Metacard Ingest Network Plugin)) allows the conditional insertion of new attributes on metacards during ingest based on network information from the ingest request; including IP address and hostname. -For the extent of this section, a 'rule' will refer to a configured, single instance of this plugin. +For the extent of this section, a 'rule' refers to a configured, single instance of this plugin. -===== Related Components to the Metacard Ingest Network Plugin +== Related Components to the Metacard Ingest Network Plugin * <<_client_info_plugin,Client Info Plugin>> -===== Installing the Metacard Ingest Network Plugin +== Installing the Metacard Ingest Network Plugin The Metacard Ingest Network Plugin is installed by default during a standard installation in the ${ddf-catalog} application. -===== Configuring the Metacard Ingest Network Plugin +== Configuring the Metacard Ingest Network Plugin To configure the Metacard Ingest Network Plugin: @@ -30,10 +30,10 @@ See <<{reference-prefix}org.codice.ddf.catalog.plugin.metacard.MetacardIngestNet Multiple instances of the plugin can be configured by clicking on its configuration title within the configuration tab of the ${ddf-catalog} app. Each instance represents a conditional statement, or a 'rule', that gets evaluated for each ingest request. -For any request that meets the configured criteria of a rule, that rule will attempt to transform its list of key-value pairs to become new attributes on all metacards in that request. +For any request that meets the configured criteria of a rule, that rule attempts to transform its list of key-value pairs to become new attributes on all metacards in that request. -The rule is divided into two fields: "Criteria" and "Expected Value". -The "Criteria" field features a drop-down list containing the four elements for which equality can be tested: +The rule is divided into two fields: `"Criteria"` and `"Expected Value"`. +The `"Criteria"` field features a drop-down list containing the four elements for which equality can be tested: * IP Address of where the ingest request came from * Host Name of where the ingest request came from @@ -41,7 +41,7 @@ The "Criteria" field features a drop-down list containing the four elements for * Context Path that the ingest request arrived on, for example, _/services/catalog_ In order for a rule to evaluate to true and the attributes be applied, the value in the "Expected Value" field must be an exact match to the actual value of the selected criteria. -For example, if the selected criteria is "IP Address" with an expected value of "192.168.0.1", the rule only evaluates to true for ingest requests coming from "192.168.0.1" and nowhere else. +For example, if the selected criteria is `"IP Address"` with an expected value of `"192.168.0.1"`, the rule only evaluates to true for ingest requests coming from `"192.168.0.1"` and nowhere else. .Check for IPv6 IMPORTANT: Verify your system's IP configuration. Rules using "IP Address" may need to be written in IPv6 format. @@ -58,7 +58,7 @@ security.access-groups = SJ202, SR 101, JS2201 ---- -====== Useful Attributes +=== Useful Attributes The following table provides some useful attributes that may commonly be set by this plugin: @@ -91,8 +91,8 @@ The following table provides some useful attributes that may commonly be set by |yes |=== -===== Usage Limitations of the Metacard Ingest Network Plugin +== Usage Limitations of the Metacard Ingest Network Plugin * This plugin only works for ingest (create requests) performed over a network; data ingested via command line does not get processed by this plugin. -* Any attribute that is already set on the metacard will not be overwritten by the plugin. -* The order of execution is not guaranteed. For any rule configuration where two or more rules add different values for the same attribute, it is undefined what the final value for that attribute will be in the case where more than one of those rules evaluates to true. +* Any attribute that is already set on the metacard is not overwritten by the plugin. +* The order of execution is not guaranteed. For any rule configuration where two or more rules add different values for the same attribute, it is undetermined which provides the final value for that attribute. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/operation-plugin.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/operation-plugin.adoc index 7c098b690d0e..2d0f0a73da6c 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/operation-plugin.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/operation-plugin.adoc @@ -5,12 +5,12 @@ :plugintypes: access :summary: Validates a user or subject's security attributes. -The operation plugin validates the subject's security attributes to ensure they are adequate to perform the operation. +The ((Operation plugin)) validates the subject's security attributes to ensure they are adequate to perform the operation. -===== Installing the Operation Plugin +== Installing the Operation Plugin The Operation Plugin is installed by default with a standard installation in the ${ddf-catalog} application. -===== Configuring the Operation Plugin +== Configuring the Operation Plugin The Operation Plugin has no configurable properties. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/plugins-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/plugins-intro.adoc index d43b59e8ecba..922a9093874d 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/plugins-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/plugins-intro.adoc @@ -4,7 +4,7 @@ :plugintypes: general :order: 00 -.Catalog Architecture: Catalog Plugins +.Catalog Architecture Catalog Plugins [ditaa, catalog_architecture_plugins, png,${image-width}] .... +------------------------------------------------------------+ @@ -30,11 +30,11 @@ +------------------------------------------------------------+ .... -Plugins are additional tools to use to add additional business logic at certain points, depending on the type of plugin. +((Catalog Plugins))(((Plugins))) are additional tools to use to add additional business logic at certain points, depending on the type of plugin. -The Catalog Framework calls Catalog Plugins to process requests and responses as they enter and leave the Framework.  +The Catalog Framework calls Catalog Plugins to process requests and responses as they enter and leave the Framework. -=== Types of Plugins +== Types of Plugins Plugins can be designed to run before or after certain processes. They are often used for validation, optimization, or logging. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/point-of-contact-plugin.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/point-of-contact-plugin.adoc index 7a53ca250d1c..1a9b6b20ff9e 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/point-of-contact-plugin.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/point-of-contact-plugin.adoc @@ -5,18 +5,18 @@ :plugintypes: policy :summary: Adds a policy if Point of Contact is updated. -The Point of Contact Policy Plugin is a PreUpdate plugin that will check if the point-of-contact attribute has changed. +The ((Point of Contact Policy Plugin)) is a PreUpdate plugin that checks if the point-of-contact attribute has changed. If it does, then it adds a policy to that metacard’s policy map that cannot be implied. -This will deny such an update request, which essentially makes the point-of-contact attribute read-only. +This denies such an update request, which essentially makes the point-of-contact attribute read-only. -===== Related Components to Point of Contact Policy Plugin +== Related Components to Point of Contact Policy Plugin <<_point_of_contact_policy_plugin,Point of Contact Update Plugin>> -===== Installing the Point of Contact Policy Plugin +== Installing the Point of Contact Policy Plugin The Point of Contact Policy Plugin is installed by default with a standard installation in the ${ddf-catalog} application. -===== Configuring the Point of Contact Policy Plugin +== Configuring the Point of Contact Policy Plugin The Point of Contact Policy Plugin has no configurable properties. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/policy-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/policy-intro.adoc index 145a82bfc9f4..7811aa3f9557 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/policy-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/policy-intro.adoc @@ -6,7 +6,7 @@ :plugintypes: policy :order: 02 -Policy plugins are invoked to set up the policy for a request/response.  +((Policy plugins)) are invoked to set up the policy for a request/response. This provides an opportunity to attach custom requirements on operations or individual metacards. -All the 'requirements' from each Policy plugin will be combined into a single policy that will be included in the request/response. -Access plugins will be used to act on this combined policy. +All the 'requirements' from each Policy plugin are combined into a single policy that is included in the request/response. +Access plugins are used to act on this combined policy. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/post-federated-query-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/post-federated-query-intro.adoc index b29fcc144f8e..00bc4b9f3af4 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/post-federated-query-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/post-federated-query-intro.adoc @@ -6,7 +6,7 @@ :plugintypes: postfederatedquery :order: 0801 -Post-federated-query plugins are invoked after a federated query has been executed successfully, but before the response is returned to the endpoint.  +((Post-federated-query plugins)) are invoked after a federated query has been executed successfully, but before the response is returned to the endpoint. This is an opportunity to take any action on the query response, including but not limited to: * logging. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/post-ingest-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/post-ingest-intro.adoc index a7abd689aec3..64e0f5662778 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/post-ingest-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/post-ingest-intro.adoc @@ -6,4 +6,4 @@ :plugintypes: postingest :order: 05 -Post-ingest plugins are invoked after data has been created, updated, or deleted in a Catalog Provider. +((Post-ingest plugins)) are invoked after data has been created, updated, or deleted in a Catalog Provider. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/post-process-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/post-process-intro.adoc index eb193318a342..e3a7a88a8ee6 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/post-process-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/post-process-intro.adoc @@ -11,7 +11,7 @@ This code is experimental. While this interface is functional and tested, it may change or be removed in a future version of the library. ==== -*Post-Process Plugins* are invoked after a metacard has been created, updated, or deleted and committed to the Catalog. +((Post-Process Plugins)) are invoked after a metacard has been created, updated, or deleted and committed to the Catalog. They are the last plugins to run and are triggered by a *Post-Ingest Plugin*. Post-Process plugins are well-suited for asynchronous tasks. See the <<_asynchronous_processing_framework, Asynchronous Processing Framework>> for more information about how *Post-Process Plugins* are used. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/post-query-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/post-query-intro.adoc index 06adc8305178..b31152390139 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/post-query-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/post-query-intro.adoc @@ -6,7 +6,7 @@ :plugintypes: postquery :order: 08 -Post-query plugins are invoked after a query has been executed successfully, but before the response is returned to the endpoint.  +((Post-query plugins)) are invoked after a query has been executed successfully, but before the response is returned to the endpoint.  This is an opportunity to take any action on the query response, including but not limited to: * logging. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/post-resource-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/post-resource-intro.adoc index 8b9f2de507dc..c313af990307 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/post-resource-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/post-resource-intro.adoc @@ -6,7 +6,7 @@ :plugintypes: postresource :order: 10 -Post-resource plugins are invoked after a resource has been retrieved, but before it is returned to the endpoint.  +((Post-resource plugins)) are invoked after a resource has been retrieved, but before it is returned to the endpoint. This is an opportunity to take any action on the response, including but not limited to: * logging. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/post-update-storage-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/post-update-storage-intro.adoc index 82fa9915b3ae..62694d80c960 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/post-update-storage-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/post-update-storage-intro.adoc @@ -6,4 +6,4 @@ :plugintypes: postupdatestorage :order: 14 -Post-Update storage plugins are invoked immediately after an item is updated in the content repository. +((Post-Update storage plugins)) are invoked immediately after an item is updated in the content repository. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/postcreatestorage-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/postcreatestorage-intro.adoc index b1454a62650b..b81f1eb6b7c4 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/postcreatestorage-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/postcreatestorage-intro.adoc @@ -6,5 +6,5 @@ :plugintypes: postcreatestorage :order: 12 -Post-Create storage plugins are invoked immediately after an item is created in the content repository. +((Post-Create storage plugins)) are invoked immediately after an item is created in the content repository. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-authorization-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-authorization-intro.adoc index 3e0fa2631926..04d05830362f 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-authorization-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-authorization-intro.adoc @@ -6,7 +6,7 @@ :plugintypes: preauthorization :order: 01 -Pre-delivery plugins are invoked before any security rules are applied.  +((Pre-delivery plugins)) are invoked before any security rules are applied.  This is an opportunity to take any action before authorization, including but not limited to: * logging. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-create-storage-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-create-storage-intro.adoc index 681e99559a0c..1b354fb9c2ad 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-create-storage-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-create-storage-intro.adoc @@ -6,4 +6,4 @@ :plugintypes: precreatestorage :order: 11 -Pre-Create storage plugins are invoked immediately before an item is created in the content repository. +((Pre-Create storage plugins)) are invoked immediately before an item is created in the content repository. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-delivery-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-delivery-intro.adoc index a90462be292c..27b67dcfc014 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-delivery-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-delivery-intro.adoc @@ -6,7 +6,7 @@ :plugintypes: predelivery :order: 16 -Pre-delivery plugins are invoked before a Delivery Method is invoked on a Subscription.  +((Pre-delivery plugins)) are invoked before a Delivery Method is invoked on a Subscription. This is an opportunity to take any action before event delivery, including but not limited to: * logging. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-federated-query-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-federated-query-intro.adoc index 692863c23adf..899c748150ef 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-federated-query-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-federated-query-intro.adoc @@ -6,7 +6,7 @@ :plugintypes: prefederatedquery :order: 0701 -Pre-federated-query plugins are invoked before a federated query operation is sent to any of the Sources.  +((Pre-federated-query plugins)) are invoked before a federated query operation is sent to any of the Sources. This is an opportunity to take any action on the query, including but not limited to: * validation. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-ingest-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-ingest-intro.adoc index 3abb6b453c37..0dec30e7446a 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-ingest-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-ingest-intro.adoc @@ -6,7 +6,7 @@ :plugintypes: preingest :order: 04 -Pre-ingest plugins are invoked before an ingest operation is sent to the catalog. +((Pre-ingest plugins)) are invoked before an ingest operation is sent to the catalog. They are not run on a query. This is an opportunity to take any action on the ingest request, including but not limited to: diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-query-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-query-intro.adoc index 57dbd43decd9..556a99521f2e 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-query-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-query-intro.adoc @@ -6,7 +6,7 @@ :plugintypes: prequery :order: 07 -Pre-query plugins are invoked before a query operation is sent to any of the Sources.  +((Pre-query plugins)) are invoked before a query operation is sent to any of the Sources. This is an opportunity to take any action on the query, including but not limited to: * validation. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-resource-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-resource-intro.adoc index 4d8b1822cb3e..fd64abf94dae 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-resource-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-resource-intro.adoc @@ -6,7 +6,7 @@ :plugintypes: preresource :order: 09 -Pre-Resource plugins are invoked before a request to retrieve a resource is sent to a Source.  +((Pre-Resource plugins)) are invoked before a request to retrieve a resource is sent to a Source. This is an opportunity to take any action on the request, including but not limited to: * validation. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-subscription-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-subscription-intro.adoc index bbad6a9d4b2b..7810cbad5186 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-subscription-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-subscription-intro.adoc @@ -6,8 +6,8 @@ :plugintypes: presubscription :order: 15 -Pre-subscription plugins are invoked before a Subscription is activated by an Event Processor.  -This is an opportunity to take any action on the Subscription, including but not limited to: +((Pre-subscription plugins)) are invoked before a Subscription is activated by an Event Processor. +This is an opportunity to take any action on the Subscription, including but not limited to: * validation. * logging. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-update-storage-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-update-storage-intro.adoc index 97dce62732f1..f6e37dcb5a54 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-update-storage-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/pre-update-storage-intro.adoc @@ -6,5 +6,5 @@ :plugintypes: preupdatestorage :order: 13 -Pre-Update storage plugins are invoked immediately before an item is updated in the content repository. +((Pre-Update storage plugins)) are invoked immediately before an item is updated in the content repository. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/processing-post-ingest-plugin.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/processing-post-ingest-plugin.adoc index 40236305e1e6..46da7cda6037 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/processing-post-ingest-plugin.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/processing-post-ingest-plugin.adoc @@ -5,16 +5,16 @@ :plugintypes: postingest :summary: Submits catalog Create, Update, or Delete requests to the Processing Framework. -The Processing Post Ingest Plugin is responsible for submitting catalog Create, Update, and Delete (CUD) requests to the <<_asynchronous_processing_framework,Processing Framework>>. +The ((Processing Post Ingest Plugin)) is responsible for submitting catalog Create, Update, and Delete (CUD) requests to the <<_asynchronous_processing_framework,Processing Framework>>. -===== Related Components to Processing Post-Ingest Plugin +== Related Components to Processing Post-Ingest Plugin None. -===== Installing the Processing Post-Ingest Plugin +== Installing the Processing Post-Ingest Plugin The Processing Post-Ingest Plugin is not installed by default with a standard installation, but is installed by default when the in-memory Processing Framework is installed. -===== Configuring the Processing Post-Ingest Plugin +== Configuring the Processing Post-Ingest Plugin The Processing Post-Ingest Plugin has no configurable properties. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/resource-uri-policy-plugin.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/resource-uri-policy-plugin.adoc index 6376961e41c8..d475a6c33340 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/resource-uri-policy-plugin.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/resource-uri-policy-plugin.adoc @@ -5,13 +5,13 @@ :plugintypes: policy :summary: Configures required user attributes for setting or altering a resource URI. -The Resource URI Policy Plugin configures the attributes required for users to set the resource URI when creating a metacard or alter the resource URI when updating an existing metacard in the catalog. +The ((Resource URI Policy Plugin)) configures the attributes required for users to set the resource URI when creating a metacard or alter the resource URI when updating an existing metacard in the catalog. -===== Installing the Resource URI Policy Plugin +== Installing the Resource URI Policy Plugin The Resource URI Policy Plugin is installed by default with a standard installation in the ${ddf-catalog} application. -===== Configuring the Resource URI Policy Plugin +== Configuring the Resource URI Policy Plugin To configure the Resource URI Policy Plugin: diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/security-audit-plugin.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/security-audit-plugin.adoc index 54f8f994c2fb..3ad3d71a79a6 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/security-audit-plugin.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/security-audit-plugin.adoc @@ -5,9 +5,9 @@ :plugintypes: access :summary: Audits specific metacard attributes. -The Security Audit Plugin is used to allow the auditing of specific metacard attributes. -Any time a metacard attribute listed in the configuration is updated, a log will be generated in the security log. +The ((Security Audit Plugin)) is used to allow the auditing of specific metacard attributes. +Any time a metacard attribute listed in the configuration is updated, a log entry is generated in the security log. -===== Installing the Security Audit Plugin +== Installing the Security Audit Plugin The Security Audit Plugin is installed by default with a standard installation in the ${ddf-catalog} application. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/security-logging-plugin.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/security-logging-plugin.adoc index 8fb256d15360..7df3fe89ecc3 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/security-logging-plugin.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/security-logging-plugin.adoc @@ -5,12 +5,12 @@ :plugintypes: preingest, postingest, prequery, postquery, prefederatedquery, postfederatedquery, preresource, postresource, precreatestorage, preupdatestorage, postcreatestorage, postupdatestorage :summary: Logs operations to the security log. -The Security Logging Plugin logs operations to the security log. +The ((Security Logging Plugin)) logs operations to the security log. -===== Installing Security Logging Plugin +== Installing Security Logging Plugin The Security Logging Plugin is installed by default in a standard installation in the ${ddf-security} application. -===== Enhancing the Security Log +== Enhancing the Security Log The security log contains attributes related to the subject acting on the system. To add additional attributes related to the subject to the logs, append the attribute's key to the comma separated values assigned to `security.logger.extra_attributes` in `/etc/custom.system.properties`. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/security-plugin.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/security-plugin.adoc index 50f70f054c56..4a134ed0d8de 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/security-plugin.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/security-plugin.adoc @@ -5,12 +5,12 @@ :plugintypes: access :summary: Identifies the subject for an operation. -The Security Plugin identifies the subject for an operation. +The ((Security Plugin)) identifies the subject for an operation. -===== Installing the Security Plugin +== Installing the Security Plugin The Security Plugin is installed by default with a standard installation in the ${ddf-catalog} application. -===== Configuring the Security Plugin +== Configuring the Security Plugin The Security Plugin has no configurable properties. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/tags-filter-plugin.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/tags-filter-plugin.adoc index 369dc52e002a..1975f6146b0d 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/tags-filter-plugin.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/tags-filter-plugin.adoc @@ -5,18 +5,18 @@ :plugintypes: prefederatedquery :summary: Updates queries without filters. -The Tags Filter Plugin updates queries without filters for tags, and adds a default tag of `resource`. -For backwards compatibility, a filter will also be added to include metacards without any tags attribute. +The ((Tags Filter Plugin)) updates queries without filters for tags, and adds a default tag of `resource`. +For backwards compatibility, a filter is also added to include metacards without any tags attribute. -===== Related Components to Tags Filter Plugin +== Related Components to Tags Filter Plugin None. -===== Installing the Tags Filter Plugin +== Installing the Tags Filter Plugin The Tags Filter Plugin is installed by default with a standard installation in the ${ddf-catalog} application. -===== Configuring the Tags Filter Plugin +== Configuring the Tags Filter Plugin The Tags Filter Plugin has no configurable properties. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/video-thumbnail-plugin.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/video-thumbnail-plugin.adoc index fcced101fb70..572d5a6b9b95 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/video-thumbnail-plugin.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/video-thumbnail-plugin.adoc @@ -5,7 +5,7 @@ :plugintypes: postcreatestorage, postupdatestorage :summary: Generates thumbnails for video files. -The Video Thumbnail Plugin provides the ability to generate thumbnails for video files stored in the Content Repository. +The ((Video Thumbnail Plugin)) provides the ability to generate thumbnails for video files stored in the Content Repository. It is an implementation of both the `PostCreateStoragePlugin` and `PostUpdateStoragePlugin` interfaces. When installed, it is invoked by the Catalog Framework immediately after a content item has been created or updated by the Storage Provider. @@ -16,11 +16,11 @@ This plugin uses a custom 32-bit LGPL build of https://ffmpeg.org/[FFmpeg] (a vi Prebuilt FFmpeg binaries are provided for Linux, Mac, and Windows only. ==== -===== Installing the Video Thumbnail Plugin +== Installing the Video Thumbnail Plugin The Video Thumbnail Plugin is installed by default with a standard installation in the ${ddf-catalog} application. -===== Configuring the Video Thumbnail Plugin +== Configuring the Video Thumbnail Plugin To configure the Video Thumbnail Plugin: diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/workspace-access-plugin.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/workspace-access-plugin.adoc index 43da20a2976d..45d9c42f188b 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/workspace-access-plugin.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/workspace-access-plugin.adoc @@ -5,18 +5,18 @@ :plugintypes: access :summary: Prevents non-owner users from changing workspace permissions. -The Workspace Access Plugin prevents non-owner users from changing workspace permissions. +The ((Workspace Access Plugin)) prevents non-owner users from changing workspace permissions. -===== Related Components to The Workspace Access Plugin +== Related Components to The Workspace Access Plugin * <<_workspace_sharing_policy_plugin,Workspace Sharing Policy Plugin>>. * <<_workspace_pre_ingest_plugin,Workspace Pre-Ingest Plugin>>. * Workspace Extension. -===== Installing the Workspace Access Plugin +== Installing the Workspace Access Plugin The Workspace Access Plugin is installed by default with a standard installation in the ${ddf-catalog} application. -===== Configuring the Workspace Access Plugin +== Configuring the Workspace Access Plugin The Workspace Access Plugin has no configurable properties. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/workspace-pre-ingest-plugin.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/workspace-pre-ingest-plugin.adoc index 8c746f66f968..7d7035de9420 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/workspace-pre-ingest-plugin.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/workspace-pre-ingest-plugin.adoc @@ -5,18 +5,18 @@ :plugintypes: preingest :summary: Verifies that a workspace has an associated email to enable sharing. -The Workspace Pre-Ingest Plugin verifies that a workspace has an associated email to enable sharing and assigns that email as "owner". +The ((Workspace Pre-Ingest Plugin)) verifies that a workspace has an associated email to enable sharing and assigns that email as `"owner"`. -===== Related Components to The Workspace Pre-Ingest Plugin +== Related Components to The Workspace Pre-Ingest Plugin * <<_workspace_sharing_policy_plugin,Workspace Sharing Policy Plugin>>. * <<_workspace_access_plugin,Workspace Access Plugin>>. * Workspace Extension. -===== Installing the Workspace Pre-Ingest Plugin +== Installing the Workspace Pre-Ingest Plugin The Workspace Pre-Ingest Plugin is installed by default with a standard installation in the ${ddf-catalog} application. -===== Configuring the Workspace Pre-Ingest Plugin +== Configuring the Workspace Pre-Ingest Plugin The Workspace Pre-Ingest Plugin has no configurable properties. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/workspace-sharing-plugin.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/workspace-sharing-plugin.adoc index 0dce04ae563f..fd0412247970 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/workspace-sharing-plugin.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/workspace-sharing-plugin.adoc @@ -5,18 +5,18 @@ :plugintypes: policy :summary: Collects attributes for a workspace to identify the appropriate policy to allow sharing. -The Workspace Sharing Policy Plugin collects attributes for a workspace to identify the appropriate policy to apply to allow sharing. +The ((Workspace Sharing Policy Plugin)) collects attributes for a workspace to identify the appropriate policy to apply to allow sharing. -===== Related Components to The Workspace Sharing Policy Plugin +== Related Components to The Workspace Sharing Policy Plugin * <<_workspace_access_plugin,Workspace Access Plugin>>. * <<_workspace_pre_ingest_plugin,Workspace Pre-Ingest Plugin>>. * Workspace Extension. -===== Installing the Workspace Sharing Policy Plugin +== Installing the Workspace Sharing Policy Plugin The Workspace Sharing Policy Plugin is installed by default with a standard installation in the ${ddf-catalog} application. -===== Configuring the Workspace Sharing Policy Plugin +== Configuring the Workspace Sharing Policy Plugin The Workspace Sharing Policy Plugin has no configurable properties. diff --git a/distribution/docs/src/main/resources/content/_architectures/_plugins/xml-attribute-plugin.adoc b/distribution/docs/src/main/resources/content/_architectures/_plugins/xml-attribute-plugin.adoc index 265000463a00..ce9f03ff106f 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_plugins/xml-attribute-plugin.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_plugins/xml-attribute-plugin.adoc @@ -5,11 +5,11 @@ :plugintypes: policy :summary: Finds security attributes contained in a metacard's metadata. -The XML Attribute Security Policy Plugin parses XML metadata contained within a metacard for security attributes on any number of XML elements in the metadata. -The configuration for the plugin contains one field for setting the XML elements that will be parsed for security attributes and the other two configurations contain the XML attributes that will be pulled off of those elements. -The *Security Attributes (union)* field will compute the union of values for each attribute defined and the *Security Attributes (intersection)* field will compute the intersection of values for each attribute defined. +The ((XML Attribute Security Policy Plugin)) parses XML metadata contained within a metacard for security attributes on any number of XML elements in the metadata. +The configuration for the plugin contains one field for setting the XML elements that are parsed for security attributes and the other two configurations contain the XML attributes that are pulled off of those elements. +The *Security Attributes (union)* field computes the union of values for each attribute defined and the *Security Attributes (intersection)* field computes the intersection of values for each attribute defined. -===== Installing the XML Attribute Security Policy Plugin +== Installing the XML Attribute Security Policy Plugin The XML Attribute Security Policy Plugin is installed by default with a standard installation in the ${ddf-security} application. diff --git a/distribution/docs/src/main/resources/content/_architectures/_queries/filter-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_queries/filter-intro.adoc index c59ec202880c..612a2ccc172c 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_queries/filter-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_queries/filter-intro.adoc @@ -6,17 +6,18 @@ :order: 00 :summary: Filters. -An OGC Filter is a http://www.opengeospatial.org/standards/filter[Open Geospatial Consortium (OGC) standard] {external-link} that describes a query expression in terms of Extensible Markup Language (XML) and key-value pairs (KVP).  +((({title}))) +An ((OGC Filter)) is a http://www.opengeospatial.org/standards/filter[Open Geospatial Consortium (OGC) standard] {external-link} that describes a query expression in terms of Extensible Markup Language (XML) and key-value pairs (KVP). The OGC Filter is used to represent a query to be sent to sources and the Catalog Provider, as well as to represent a Subscription. The OGC Filter provides support for expression processing, such as adding or dividing expressions in a query, but that is not the intended use for ${branding}. The ${ddf-catalog} Framework does not use the XML representation of the OGC Filter standard. ${branding} instead uses the Java implementation provided by http://geotools.org/[GeoTools] {external-link}. GeoTools provides Java equivalent classes for OGC Filter XML elements. -GeoTools originally provided the standard Java classes for the OGC Filter Encoding 1.0 under the package name `org.opengis.filter`. -The same package name is used today and is currently used by ${branding}.  -Java developers do not parse or view the XML representation of a Filter in ${branding}. Instead, developers use only the Java objects to complete query tasks. +GeoTools originally provided the standard Java classes for the OGC Filter Encoding 1.0 under the package name `org.opengis.filter`. +The same package name is used today and is currently used by ${branding}. +Java developers do not parse or view the XML representation of a Filter in ${branding}. Instead, developers use only the Java objects to complete query tasks. -Note that the `ddf.catalog.operation.Query` interface extends the `org.opengis.filter.Filter` interface, which means that a Query object is an OGC Java Filter with Query Options. +Note that the `ddf.catalog.operation.Query` interface extends the `org.opengis.filter.Filter` interface, which means that a Query object is an OGC Java Filter with Query Options. .A Query is an OGC Filter [source,java] diff --git a/distribution/docs/src/main/resources/content/_architectures/_queries/filterbuilder-api.adoc b/distribution/docs/src/main/resources/content/_architectures/_queries/filterbuilder-api.adoc index 45d98ac3eda0..4f8ca0913a8c 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_queries/filterbuilder-api.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_queries/filterbuilder-api.adoc @@ -5,10 +5,11 @@ :order: 00 :summary: FilterBuilder API. +((({title}))) To avoid the complexities of working with the Filter interface directly and implementing the ${branding} Profile of the Filter specification, the ${ddf-catalog} includes an API, primarily in `${ddf-branding}.filter`, to build Filters using a fluent API. To use the `FilterBuilder` API, an instance of `${ddf-branding}.filter.FilterBuilder` should be used via the OSGi registry. -Typically, this will be injected via a dependency injection framework. +Typically, this is injected via a dependency injection framework. Once an instance of `FilterBuilder` is available, methods can be called to create and combine Filters. [TIP] @@ -17,7 +18,7 @@ The fluent API is best accessed using an IDE that supports code-completion. For additional details, refer to the [Catalog API Javadoc]. ==== -==== Boolean Operators +== Boolean Operators Filters use a number of boolean operators. @@ -27,8 +28,8 @@ Filters use a number of boolean operators. `FilterBuilder.not(Filter filter)`:: creates a new Filter that requires the provided Filter must not match (Boolean NOT). -==== Attribute +== Attribute Filters can be based on specific attributes. -`FilterBuilder.attribute(String attributeName)`:: begins a fluent API for creating an Attribute-based Filter, i.e., a Filter that matches on Metacards with Attributes of a particular value. +`FilterBuilder.attribute(String attributeName)`:: begins a fluent API for creating an Attribute-based Filter, which is a Filter that matches on Metacards with Attributes of a particular value. diff --git a/distribution/docs/src/main/resources/content/_architectures/_queries/queries-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_queries/queries-intro.adoc index 0b9fd1c6e5f9..b0487d201825 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_queries/queries-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_queries/queries-intro.adoc @@ -5,14 +5,15 @@ :order: 03 :summary: Introduction to Queries. -Clients use `ddf.catalog.operation.Query` objects to describe which metacards are needed from <<{introduction-prefix}introduction_to_federation_and_sources,Sources>>.  +((({title}))) +Clients use `ddf.catalog.operation.Query` objects to describe which metacards are needed from <<{introduction-prefix}introduction_to_federation_and_sources,Sources>>. -Query objects have two major components: +Query objects have two major components: * <<{architecture-prefix}filters,Filters>> * <<{developing-prefix}query_options,Query Options>> -A Source uses the Filter criteria constraints to find the requested set of metacards within its domain of metacards. -The Query Options are used to further restrict the Filter's set of requested metacards. +A Source uses the Filter criteria constraints to find the requested set of metacards within its domain of metacards. +The Query Options are used to further restrict the Filter's set of requested metacards. diff --git a/distribution/docs/src/main/resources/content/_architectures/_resources/content-item.adoc b/distribution/docs/src/main/resources/content/_architectures/_resources/content-item.adoc index 30216006a33a..f8cb6770cd21 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_resources/content-item.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_resources/content-item.adoc @@ -6,6 +6,6 @@ :order: 00 :summary: Content Item. -ContentItem is the domain object populated by the Storage Provider that represents the information about the content to be stored or content that has been stored in the Storage Provider. -A ContentItem encapsulates the content's globally unique ID, mime type, and input stream (i.e., the actual content). -The unique ID of a ContentItem will always correspond to a Metacard ID. +((Content Item)) is the domain object populated by the Storage Provider that represents the information about the content to be stored or content that has been stored in the Storage Provider. +A `ContentItem` encapsulates the content's globally unique ID, mime type, and input stream (that is, the actual content). +The unique ID of a `ContentItem` always corresponds to a Metacard ID. diff --git a/distribution/docs/src/main/resources/content/_architectures/_resources/resource-components-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_resources/resource-components-intro.adoc index 11600fa0ca53..ebc3b721071c 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_resources/resource-components-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_resources/resource-components-intro.adoc @@ -6,7 +6,7 @@ :order: 01 :summary: Resource components. -Resource components are used when working with resources +((Resource components)) are used when working with resources A resource is a URI-addressable entity that is represented by a metacard. diff --git a/distribution/docs/src/main/resources/content/_architectures/_resources/resource-readers-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_resources/resource-readers-intro.adoc index f811ae10f180..ead097aef0fc 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_resources/resource-readers-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_resources/resource-readers-intro.adoc @@ -6,10 +6,10 @@ :order: 02 :summary: Resource Readers. -A resource reader retrieves resources associated with metacards via URIs. +A ((Resource Reader)) retrieves resources associated with metacards via URIs. Each resource reader must know how to interpret the resource's URI and how to interact with the data store to retrieve the resource. -There can be multiple resource readers in a Catalog instance. -The `Catalog Framework` selects the appropriate resource reader based on the scheme of the resource's URI.  +There can be multiple resource readers in a Catalog instance. +The `Catalog Framework` selects the appropriate resource reader based on the scheme of the resource's URI. -In order to make a resource reader available to the Catalog Framework, it must be exported to the OSGi Service Registry as a `${ddf-branding}.catalog.resource.ResourceReader`.  +In order to make a resource reader available to the Catalog Framework, it must be exported to the OSGi Service Registry as a `${ddf-branding}.catalog.resource.ResourceReader`. diff --git a/distribution/docs/src/main/resources/content/_architectures/_resources/resource-writers-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_resources/resource-writers-intro.adoc index f832eaaa1fe0..ee038ad090c9 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_resources/resource-writers-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_resources/resource-writers-intro.adoc @@ -6,7 +6,7 @@ :order: 03 :summary: Resource Writers. -A resource writer stores a resource and produces a URI that can be used for retrieval. +A ((Resource Writer)) stores a resource and produces a URI that can be used for retrieval. The resource URI uniquely locates and identifies the resource. Resource writers can interact with an underlying data store and store the resource in the proper place. Each implementation can do this differently, providing flexibility in the data stores used to persist the resources. diff --git a/distribution/docs/src/main/resources/content/_architectures/_resources/resources-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_resources/resources-intro.adoc index 5e732de754f8..a65ae0a66510 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_resources/resources-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_resources/resources-intro.adoc @@ -33,9 +33,9 @@ Resources are the data that is represented by the cataloged metadata in ${branding}. -Metacards are used to describe those resources through metadata.  -This metadata includes the time the resource was created, the location where the resource was created, etc.  -A ${branding} `Metacard` contains the `getResourceUri` method, which is used to locate and retrieve its corresponding resource. +Metacards are used to describe those resources through metadata. +This metadata includes the time the resource was created, the location where the resource was created, etc. +A ${branding} `Metacard` contains the `getResourceUri` method, which is used to locate and retrieve its corresponding resource. .Content Data Component Architecture [ditaa, content_data_components, png,${image.width}] diff --git a/distribution/docs/src/main/resources/content/_architectures/_resources/retrieving-resources-options.adoc b/distribution/docs/src/main/resources/content/_architectures/_resources/retrieving-resources-options.adoc index b5cb4fda4bcc..a32b00e9b515 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_resources/retrieving-resources-options.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_resources/retrieving-resources-options.adoc @@ -5,10 +5,10 @@ :order: 01 :summary: Retrieving Resource Options. -Options can be specified on a retrieve resource request made through any of the supporting endpoint.  -To specify an option for a retrieve resource request, the endpoint needs to first instantiate a `ResourceRequestByProductUri` or a `ResourceRequestById`.  -Both of these `ResourceRequest` implementations allow a `Map` of properties to be specified.  -Put the specified option into the `Map` under the key `RESOURCE_OPTION`.   +Options can be specified on a retrieve resource request made through any of the supporting endpoint. +To specify an option for a retrieve resource request, the endpoint needs to first instantiate a `ResourceRequestByProductUri` or a `ResourceRequestById`. +Both of these `ResourceRequest` implementations allow a `Map` of properties to be specified. +Put the specified option into the `Map` under the key `RESOURCE_OPTION`. .Retrieve Resource with Options [source,java,linenums] @@ -18,9 +18,9 @@ properties.put("RESOURCE_OPTION", "OptionA"); ResourceRequestById resourceRequest = new ResourceRequestById("0123456789abcdef0123456789abcdef", properties); ---- -Depending on the support that the `ResourceReader` or `Source` provides for options, the `properties` `Map` will be checked for the `RESOURCE_OPTION` entry.  -If that entry is found, the option will be handled.  -If the `ResourceReader` or `Source` does not support options, that entry will be ignored. +Depending on the support that the `ResourceReader` or `Source` provides for options, the `properties` `Map` is checked for the `RESOURCE_OPTION` entry. +If that entry is found, the option is handled. +If the `ResourceReader` or `Source` does not support options, that entry is ignored. -A new `ResourceReader` or `Source` implementation can be created to support options in a way that is most appropriate.  -Since the option is passed through the catalog framework as a property, the `ResourceReader` or `Source` will have access to that option as long as the endpoint supports options. +A new `ResourceReader` or `Source` implementation can be created to support options in a way that is most appropriate. +Since the option is passed through the catalog framework as a property, the `ResourceReader` or `Source` has access to that option as long as the endpoint supports options. diff --git a/distribution/docs/src/main/resources/content/_architectures/_resources/retrieving-resources.adoc b/distribution/docs/src/main/resources/content/_architectures/_resources/retrieving-resources.adoc index 4822c3d07fca..1a8de0d35d39 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_resources/retrieving-resources.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_resources/retrieving-resources.adoc @@ -39,7 +39,7 @@ As an example, one `ResourceReader` may know how to handle file-based URIs wit The `ResourceReader` or `Source` is responsible for locating the resource, reading its bytes, adding the binary data to a `Resource` implementation, then returning that `Resource` in a `ResourceResponse`.  The `ResourceReader` or `Source` is also responsible for determining the ``Resource``'s name and mime type, which it sends back in the `Resource` implementation. -===== BinaryContent +== BinaryContent `BinaryContent` is an object used as a container to store translated or transformed ${branding} components.  `Resource` extends `BinaryContent` and includes a `getName` method.  diff --git a/distribution/docs/src/main/resources/content/_architectures/_resources/storing-resources.adoc b/distribution/docs/src/main/resources/content/_architectures/_resources/storing-resources.adoc index 368adee79d6f..3dd69482fd75 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_resources/storing-resources.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_resources/storing-resources.adoc @@ -5,7 +5,7 @@ :order: 02 :summary: Storing Resources. -Resources are saved using a `ResourceWriter`.  +((Resources)) are saved using a `ResourceWriter`.  `${ddf-branding}.catalog.resource.ResourceWriter` instances can be discovered via the OSGi Service Registry. Once retrieved, the `ResourceWriter` instance provides clients with a way to store resources and get a corresponding URI that can be used to subsequently retrieve the resource via a `ResourceReader`.  Simply invoke either of the `storeResource` methods with a resource and any potential arguments. diff --git a/distribution/docs/src/main/resources/content/_architectures/_resources/url-resource-reader.adoc b/distribution/docs/src/main/resources/content/_architectures/_resources/url-resource-reader.adoc index 6ce406b839a4..f116ab0806cc 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_resources/url-resource-reader.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_resources/url-resource-reader.adoc @@ -5,22 +5,23 @@ :order: 00 :summary: URL Resource Reader. -The `URLResourceReader` is an implementation of `ResourceReader` which is included in the ${branding} Catalog.  -It obtains a resource given an http, https, or file-based URL.  -The `URLResourceReader` will connect to the provided Resource URL and read the resource's bytes into an `InputStream`.   +((({title}))) +The `URLResourceReader` is an implementation of `ResourceReader` which is included in the ${branding} Catalog. +It obtains a resource given an http, https, or file-based URL. +The `URLResourceReader` connects to the provided Resource URL and reads the resource's bytes into an `InputStream`. [WARNING] ==== When a resource linked using a file-based URL is in the product cache, the ``URLResourceReader``'s `rootResourceDirectories` is not checked when downloading. It is downloaded from the product cache which bypasses the `URLResourceReader`. -For example, if path `/my/valid/path` is configured in the ``URLResourceReader``'s `rootResourceDirectories` and one downloads the product with resource-uri `file:///my/valid/path/product.txt` and then one removes `/my/valid/path` from the ``URLResourceReader``'s `rootResourceDirectories` configuration, the product will still be accessible via the product cache. +For example, if path `/my/valid/path` is configured in the ``URLResourceReader``'s `rootResourceDirectories` and one downloads the product with resource-uri `file:///my/valid/path/product.txt` and then one removes `/my/valid/path` from the ``URLResourceReader``'s `rootResourceDirectories` configuration, the product is still accessible via the product cache. ==== -===== Installing the URL Resource Reader +== Installing the URL Resource Reader -The `URLResourceReader` is installed by default with a standard installation in the ${ddf-catalog} application. +The `URLResourceReader` is installed by default with a standard installation in the ${ddf-catalog} application. -===== Configuring Permissions for the URL Resource Reader +== Configuring Permissions for the URL Resource Reader Configuring the URL Resource Reader to retrieve files requires adding Security Manager read permission entries for the directory containing the resources. To add the correct permission entries, edit the file ${home_directory}/security/configurations.policy. In the URL Resource Reader section of the file, add two new permission for each top-level directory that the Resource Reader needs to access. The Resource Reader needs one permission to read the directory and another to read its contents. @@ -30,15 +31,17 @@ Configuring the URL Resource Reader to retrieve files requires adding Security M After adding permission entries, a system restart is required for them to take effect. ==== +---- grant codeBase "file:/org.apache.tika.core/catalog-core-urlresourcereader" { //# Add permissions here permission java.io.FilePermission "", "read"; permission java.io.FilePermission "", "read"; } +---- -Trailing slashes after have no effect on the permissions granted. For example, adding a permission for "${/}test${/}path" and "${/}test${/}path${/}" are equivalent. The recursive forms "${/}test${/}path${/}-", and "${/}test${/}path${/}${/}-" are also equivalent. +Trailing slashes after `` have no effect on the permissions granted. For example, adding a permission for `"${/}test${/}path"` and `"${/}test${/}path${/}"` are equivalent. The recursive forms `"${/}test${/}path${/}-"`, and `"${/}test${/}path${/}${/}-"` are also equivalent. -===== Configuring the URL Resource Reader +== Configuring the URL Resource Reader Configure the URL Resource Reader from the ${admin-console}. @@ -49,12 +52,12 @@ Configure the URL Resource Reader from the ${admin-console}. See <<{reference-prefix}ddf.catalog.resource.impl.URLResourceReader,URL Resource Reader configurations>> for all possible configurations. -==== Using the URL Resource Reader +== Using the URL Resource Reader -`URLResourceReader` will be used by the Catalog Framework to obtain a resource whose metacard is cataloged in the local data store. -This particular `ResourceReader` will be chosen by the `CatalogFramework` if the requested resource's URL has a protocol of `http`, `https`, or `file`.   +`URLResourceReader` is used by the Catalog Framework to obtain a resource whose metacard is cataloged in the local data store. +This particular `ResourceReader` is chosen by the `CatalogFramework` if the requested resource's URL has a protocol of `http`, `https`, or `file`. -For example, requesting a resource with the following URL will make the Catalog Framework invoke the `URLResourceReader` for retrieval. +For example, requesting a resource with the following URL makes the Catalog Framework invoke the `URLResourceReader` for retrieval. .Example [source,http] @@ -62,7 +65,7 @@ For example, requesting a resource with the following URL will make the Catalog file:///home/users/${ddf-branding}_user/data/example.txt ---- -If a resource was requested with the URL `udp://123.45.67.89:80/SampleResourceStream`, the `URLResourceReader` would _not_ be invoked. +If a resource was requested with the URL `udp://123.45.67.89:80/SampleResourceStream`, the `URLResourceReader` would _not_ be invoked. .Supported Schemes: * http diff --git a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/external-ws-s-sts-support.adoc b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/external-ws-s-sts-support.adoc index d75dcd5160ea..7502fe357ec4 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/external-ws-s-sts-support.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/external-ws-s-sts-support.adoc @@ -6,13 +6,14 @@ :order: 02 == {title} +((({title}))) This configuration works just like the STS Client Config for the internal STS, but produces standard requests instead of the custom ${branding} ones. -It supports two new auth types for the context policy manager, WSSBASIC and WSSPKI. +It supports two new auth types for the context policy manager, `WSSBASIC` and `WSSPKI`. Use these auth types when connecting to a non-${branding} STS or if ignoring realms. === Security STS Address Provider +(((Security STS Address Provider))) -This allows one to select which STS address will be used (e.g. in SOAP sources) for clients of this service. +This allows one to select which STS address is used (for example, in SOAP sources) for clients of this service. Default is off (internal). - diff --git a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/federated-identity.adoc b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/federated-identity.adoc index c9c68d453e3a..fc9eeaec2e13 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/federated-identity.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/federated-identity.adoc @@ -6,6 +6,7 @@ :summary: How a user's identity is shared with federated Sources during queries == {title} +((({title}))) Each instance of {branding} may be configured with its own security policy that determines the resources a user may access and the actions they may perform. To decide whether a given request is @@ -22,7 +23,7 @@ Sources still need to make authorization decisions. To solve this problem, {branding} uses federated identity. When performing any federated request (query, resource retrival, etc), {branding} attaches the requestor's SAML assertion to the outgoing request. The federated Source extracts the assertion and validates its signature to make sure it -was generated by a trusted entity. If so, the federated Source will construct a Subject for the +was generated by a trusted entity. If so, the federated Source constructs a Subject for the requestor and perform the request using that Subject. The Source can then make authorization decisions using the process already described. @@ -72,6 +73,6 @@ NOTE: With federated identity, results are filtered both by the federated Source {branding}. This is important as each may have different authorization policies. WARNING: Support for federated identity was added in DDF 2.8.x. Federated Sources older than this -will not perform any filtering. Instead, they will return all available results and leave filtering +do not perform any filtering. Instead, they return all available results and leave filtering up to the client. diff --git a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/guest-interceptor.adoc b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/guest-interceptor.adoc index 773a6b59140f..d52c37dba261 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/guest-interceptor.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/guest-interceptor.adoc @@ -6,8 +6,9 @@ :summary: Guest Interceptor. == {title} +((({title}))) -The goal of the `GuestInterceptor` is to allow non-secure clients (such as SOAP requests without security headers) to access secure service endpoints.  +The goal of the `GuestInterceptor` is to allow non-secure clients (such as SOAP requests without security headers) to access secure service endpoints. All requests to secure endpoints must satisfy the WS-SecurityPolicy that is included in the WSDL. @@ -27,8 +28,8 @@ Configure the Guest Interceptor from the ${admin-console}: . Select the *Configuration* tab. . Select the *Guest Claims Configuration* configuration. . Select the `+` next to Attributes to add a new attribute. -. Add any additional attributes that will apply to every user. +. Add any additional attributes that apply to every user. . Select *Save changes*. Once these configurations have been added, the GuestInterceptor is ready for use. -Both secure and non-secure requests will be accepted by all secure ${branding} service endpoints. +Both secure and non-secure requests are accepted by all secure ${branding} service endpoints. diff --git a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/realms.adoc b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/realms.adoc index b975110a2f4b..fb9d9cce409e 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/realms.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/realms.adoc @@ -6,6 +6,7 @@ :summary: Shiro realms. == {title} +((({title})))(((Apache Shiro))) ${branding} uses https://shiro.org[Apache Shiro] {external-link} for the concept of https://shiro.apache.org/realm.html[Realms] {external-link} for Authentication and Authorization. Realms are components that access security data such as such as users or permissions. @@ -63,7 +64,7 @@ If no credentials are found, it supports the acquisition of basic credentials on |org.codice.ddf.security.handler.pki.PKIHandler |Handler for PKI based authentication. -X509 chain will be extracted from the HTTP request. +X509 chain is extracted from the HTTP request. |org.codice.security.idp.client.IdpHandler |Handler for IdP/SAML based authentication. @@ -91,7 +92,7 @@ Does not support the acquisition of credentials. |ddf.security.pdp.realm.AuthZRealm |This realm performs the authorization decision and may or may not delegate out to the external XACML processing engine. It uses the incoming permissions to create a decision. -However, it is possible to extend this realm using the ddf.security.policy.extension.PolicyExtension interface. +However, it is possible to extend this realm using the `ddf.security.policy.extension.PolicyExtension interface`. This interface allows an integrator to add additional policy information to the PDP that can't be covered via its generic matching policies. This approach is often easier to configure for those that are not familiar with XACML. @@ -104,5 +105,5 @@ This approach is often easier to configure for those that are not familiar with ==== An update was made to the IdpHandler to pass SAML assertions through the Authorization HTTP header. Cookies _are_ still accepted and processed to maintain legacy federation compatibility, but assertions are sent in the header on outbound requests. -While a machine's identity will still federate between versions, a user's identity will ONLY be federated when a ${branding} version 2.7.x server communicates with a ${branding} version 2.8.x+ server, or between two servers whose versions are 2.8.x or higher. +While a machine's identity still federates between versions, a user's identity is ONLY federated when a ${branding} version 2.7.x server communicates with a ${branding} version 2.8.x+ server, or between two servers whose versions are 2.8.x or higher. ==== diff --git a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-core-api.adoc b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-core-api.adoc index 64933afc0a6c..7b3d21b9e7e7 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-core-api.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-core-api.adoc @@ -6,6 +6,7 @@ :summary: Security Core API. == {title} +((({title}))) The Security Core API contains all of the ${branding} APIs that are used to perform security operations within ${branding}. diff --git a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-core-commons.adoc b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-core-commons.adoc index 85489b720717..94c470623ba4 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-core-commons.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-core-commons.adoc @@ -6,8 +6,9 @@ :summary: Security Core commons. == {title} +((({title}))) -The Security Core Services bundle contains services that are used within ${branding} to help with performing common security operations. +The ((Security Core Services)) bundle contains services that are used within ${branding} to help with performing common security operations. Most notably, this bundle contains the `ddf.security.audit.SecurityLogger` class that performs the security audit logging within ${branding}. === Configuring the Security Core Commons diff --git a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-core-implementation.adoc b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-core-implementation.adoc index 9ccf46e4516c..0e093b383e3d 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-core-implementation.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-core-implementation.adoc @@ -7,12 +7,12 @@ == {title} -The Security Core Implementation contains the reference implementations for the Security Core API interfaces that come with the ${branding} distribution. +The Security Core Implementation contains the reference implementations for the Security Core API interfaces that come with the ${branding} distribution. === Installing the Security Core Implementation The Security Core app installs this bundle by default. -It is recommended to use this bundle as it contains the reference implementations for many classes used within the ${ddf-security} Framework. +It is *recommended* to use this bundle as it contains the reference implementations for many classes used within the ${ddf-security} Framework. === Configuring the Security Core Implementation diff --git a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-core-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-core-intro.adoc index e5d5af78d312..fd0614aeb918 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-core-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-core-intro.adoc @@ -7,4 +7,4 @@ == {title} -The Security Core application contains all of the necessary components that are used to perform security operations (authentication, authorization, and auditing) required in the framework. +The (((Security Core application))) contains all of the necessary components that are used to perform security operations (authentication, authorization, and auditing) required in the framework. diff --git a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-encryption-api.adoc b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-encryption-api.adoc index 40928392d700..955b2cbef9d7 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-encryption-api.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-encryption-api.adoc @@ -6,6 +6,7 @@ :summary: Security Encryption API. == {title} +((({title}))) The Security Encryption API bundle provides the framework for the encryption service. Applications that use the encryption service should use the interfaces defined within it instead of calling an implementation directly. diff --git a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-encryption-commands.adoc b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-encryption-commands.adoc index 81146a703fa3..c1e406395cd7 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-encryption-commands.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-encryption-commands.adoc @@ -6,6 +6,7 @@ :summary: Security Encryption commands. == {title} +((({title}))) The Security Encryption Commands bundle enhances the ${branding} system console by allowing administrators and integrators to encrypt and decrypt values directly from the console. @@ -13,7 +14,7 @@ The `security:encrypt` command allows plain text to be encrypted using AES for e It uses randomly generated keys and associated data that are created when the system is installed, and can be found in the `${home_directory}/etc/keysets` directory. This is useful when displaying password fields in a GUI. -Below is an example of the security:encrypt command used to encrypt the plain text "myPasswordToEncrypt". +Below is an example of the `security:encrypt` command used to encrypt the plain text `"myPasswordToEncrypt"`. The output, `bR9mJpDVo8bTRwqGwIFxHJ5yFJzatKwjXjIo/8USWm8=`, is the encrypted value. [source%nowrap.java] @@ -27,7 +28,7 @@ bR9mJpDVo8bTRwqGwIFxHJ5yFJzatKwjXjIo/8USWm8= This bundle is installed by default with the `security-encryption` feature. This bundle is tied specifically to the ${branding} console and can be uninstalled if not needed. -When uninstalled, however, administrators will not be able to encrypt and decrypt data from the console. +When uninstalled, however, administrators are not able to encrypt and decrypt data from the console. === Configuring the Security Encryption Commands diff --git a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-encryption-impl.adoc b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-encryption-impl.adoc index 94c0259f7296..990b1dffe6cc 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-encryption-impl.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-encryption-impl.adoc @@ -6,6 +6,7 @@ :summary: Security Encryption implementation. == {title} +((({title}))) The Security Encryption Implementation bundle contains all of the service implementations for the Encryption Framework and exports those implementations as services to the OSGi service registry. diff --git a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-encryption-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-encryption-intro.adoc index bc2dbde2271c..18951963a5ec 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-encryption-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-encryption-intro.adoc @@ -8,7 +8,7 @@ == {title} -The ${ddf-security} Encryption application offers an encryption framework and service implementation for other applications to use. +The ((${ddf-security} Encryption application)) offers an encryption framework and service implementation for other applications to use. This service is commonly used to encrypt and decrypt default passwords that are located within the metatype and ${admin-console}. The encryption service and encryption command, which are based on https://github.com/google/tink/wiki[tink] {external-link}, provide an easy way for developers to add encryption capabilities to ${branding}. diff --git a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-expansion-service.adoc b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-expansion-service.adoc index 50ec239a7e26..cd9e86e9a06c 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-expansion-service.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-expansion-service.adoc @@ -7,7 +7,7 @@ == {title} -The Expansion Service and its corresponding expansion-related commands provide an easy way for developers to add expansion capabilities to ${branding} during user attribute and metadata card processing. +The ((Expansion Service)) and its corresponding expansion-related commands provide an easy way for developers to add expansion capabilities to ${branding} during user attribute and metadata card processing. In addition to these two defined uses of the expansion service, developers are free to utilize the service in their own implementations. .Expansion Service Rulesets @@ -45,7 +45,7 @@ The result is returned to the caller. |=== .Included Expansions -Note that the rules listed for each key are processed in order, so they may build upon each other, i.e., a new value from the new replacement string may be expanded by a subsequent rule. +Note that the rules listed for each key are processed in order, so they may build upon each other. That is, a new value from the new replacement string may be expanded by a subsequent rule. In the example `Location:Goodyear` would expand to `Goodyear AZ USA` and `Title:VP-Sales` would expand to `VP-Sales VP Sales`. To use the expansion service, modify the following two files within the `${home_directory}/etc/pdp` directory: @@ -81,7 +81,7 @@ The examples below use the following collection of rulesets: |=== -It is expected that multiple instances of the expansion service will be running at the same time. +It is expected that multiple instances of the expansion service are running at the same time. Each instance of the service defines a unique property that is useful for retrieving specific instances of the expansion service. There are two pre-defined instances used by ${ddf-branding}: one for expanding user attributes and one for metacard attributes. diff --git a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-filtering.adoc b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-filtering.adoc index f87242cbba5c..a15c9b60178d 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-filtering.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-filtering.adoc @@ -8,18 +8,19 @@ == {title} -Metacard filtering is performed by the <<{developing-prefix}filter_plugin,Filter Plugin>> after a query has been performed, but before the results are returned to the requestor. +((Metacard filtering)) is performed by the <<{developing-prefix}filter_plugin,Filter Plugin>> after a query has been performed, but before the results are returned to the requestor. -Each metacard result will contain security attributes that are populated by the CatalogFramework based on the PolicyPlugins (Not provided! You must create your own plugin for your specific metadata!) that populates this attribute. +Each metacard result contains security attributes that are populated by the +CatalogFramework based on the PolicyPlugins that populates this attribute. (These plugins are NOT provided by default. You must create your own plugin for your specific metadata) The security attribute is a HashMap containing a set of keys that map to lists of values. The metacard is then processed by a filter plugin that creates a `KeyValueCollectionPermission` from the metacard's security attribute. This permission is then checked against the user subject to determine if the subject has the correct claims to view that metacard. The decision to filter the metacard eventually relies on the PDP (`feature:install security-pdp-authz`). -The PDP returns a decision, and the metacard will either be filtered or allowed to pass through. +The PDP returns a decision, and the metacard is either filtered or allowed to pass through. The security attributes populated on the metacard are completely dependent on the type of the metacard. Each type of metacard must have its own PolicyPlugin that reads the metadata being returned and returns the metacard's security attribute. -If the subject permissions are missing during filtering, all resources will be filtered. +If the subject permissions are missing during filtering, all resources are filtered. .Example (represented as simple XML for ease of understanding): [source,xml,linenums] @@ -57,8 +58,8 @@ If the subject permissions are missing during filtering, all resources will be f ---- In the above example, the user's claims are represented very simply and are similar to how they would actually appear in a SAML 2 assertion. -Each of these user (or subject) claims will be converted to a KeyValuePermission object. -These permission objects will be implied against the permission object generated from the metacard record. +Each of these user (or subject) claims are converted to a `KeyValuePermission` object. +These permission objects are implied against the permission object generated from the metacard record. In this particular case, the metacard might be allowed if the policy is configured appropriately because all of the permissions line up correctly. To enable filtering on a new type of record, implement a PolicyPlugin that is able to read the string metadata contained within the metacard record. diff --git a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-framework-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-framework-intro.adoc index 22df69bcbafc..0d732fbd95ea 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-framework-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-framework-intro.adoc @@ -5,6 +5,7 @@ :summary: Introduction to Security Framework. == {title} +((({title}))) The ${branding} Security Framework utilizes http://shiro.apache.org/[Apache Shiro] as the underlying security framework. -The classes mentioned in this section will have their full package name listed, to make it easy to tell which classes come with the core Shiro framework and which are added by ${branding}. +The classes mentioned in this section have their full package name listed, to make it easy to tell which classes come with the core Shiro framework and which are added by ${branding}. diff --git a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-ldap-embedded-server.adoc b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-ldap-embedded-server.adoc index 0e6831b2c2a4..be79f65b4b03 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-ldap-embedded-server.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-ldap-embedded-server.adoc @@ -6,6 +6,7 @@ :summary: Embedded LDAP server. == {title} +((({title}))) ${branding} includes an embedded LDAP server (OpenDJ) for testing and demonstration purposes. @@ -39,17 +40,17 @@ Configure the Embedded LDAP from the ${admin-console}: |Description |LDAP Port -|Sets the port for LDAP (plaintext and startTLS). 0 will disable the port. +|Sets the port for LDAP (plaintext and startTLS). 0 disables the port. |LDAPS Port -|Sets the port for LDAPS. 0 will disable the port. +|Sets the port for LDAPS. 0 disables the port. |Base LDIF File |Location on the server for a LDIF file. -This file will be loaded into the LDAP and overwrite any existing entries. +This file is loaded into the LDAP and overwrites any existing entries. This option should be used when updating the default groups/users with a new LDIF file for testing. The LDIF file being loaded may contain any LDAP entries (schemas, users, groups, etc.). -If the location is left blank, the default base LDIF file will be used that comes with ${branding}. +If the location is left blank, the default base LDIF file included with ${branding} is used. |=== @@ -98,7 +99,7 @@ The Embedded LDAP application contains an LDAP server (OpenDJ version 2.6.2) tha |`testuser2` |`password2` -|  +| |General test user for authentication |`nromanova` @@ -228,19 +229,19 @@ The default schemas loaded into the LDAP instance are the same defaults that com === Starting and Stopping the Embedded LDAP -The embedded LDAP application installs a feature with the name `ldap-embedded`. -Installing and uninstalling this feature will start and stop the embedded LDAP server. -This will also install a fresh instance of the server each time. +The embedded LDAP application installs a feature with the name `ldap-embedded`. +Installing and uninstalling this feature starts and stops the embedded LDAP server. +This also installs a fresh instance of the server each time. If changes need to persist, stop then start the `embedded-ldap-opendj` bundle (rather than installing/uninstalling the feature). All settings, configurations, and changes made to the embedded LDAP instances are persisted across ${branding} restarts. -If ${branding} is stopped while the LDAP feature is installed and started, it will automatically restart with the saved settings on the next ${branding} start. +If ${branding} is stopped while the LDAP feature is installed and started, it automatically restarts with the saved settings on the next ${branding} start. === Limitations of the Embedded LDAP Current limitations for the embedded LDAP instances include: -* Inability to store the LDAP files/storage outside of the ${branding} installation directory. This results in any LDAP data (i.e., LDAP user information) being lost when the `ldap-embedded` feature is uninstalled. +* Inability to store the LDAP files/storage outside of the ${branding} installation directory. This results in any LDAP data (that is, LDAP user information) being lost when the `ldap-embedded` feature is uninstalled. * Cannot be run standalone from ${branding}. In order to run `embedded-ldap`, the ${branding} must be started. === External Links for the Embedded LDAP @@ -259,11 +260,11 @@ Download https://backstage.forgerock.com/downloads/OpenDJ/OpenDJ%20Enterprise/2. === Using the Admin Tools -The admin tools are located in `/bat` for Windows and `/bin` for `*nix`.  +The admin tools are located in `/bat` for Windows and `/bin` for `*nix`. These tools can be used to administer both local and remote LDAP servers by setting the *host* and *port* parameters appropriately. -In this example, the user *Bruce Banner (uid=bbanner)* is disabled using the *manage-account* command on Windows. +In this example, the user *Bruce Banner (uid=bbanner)* is disabled using the *manage-account* command on Windows. Run *manage-account --help* for usage instructions. .Example Commands for Disabling/Enabling a User's Account @@ -328,7 +329,7 @@ Account Is Disabled: false ---- -Notice `Account Is Disabled: false` in the listing. +Notice `Account Is Disabled: false` in the listing. .Verifying an Account is Enabled ---- diff --git a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-ldap-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-ldap-intro.adoc index 6f54261c73a4..743d44b9b190 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-ldap-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-ldap-intro.adoc @@ -7,6 +7,7 @@ :summary: Security LDAP application. == {title} +((({title}))) -The ${ddf-branding} LDAP application allows the user to configure either an embedded or a standalone LDAP server. +The ${ddf-security} LDAP application allows the user to configure either an embedded or a standalone LDAP server. The provided features contain a default set of schemas and users loaded to help facilitate authentication and authorization testing. diff --git a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-manager.adoc b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-manager.adoc index 3528863640ca..09d40038a987 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-manager.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-manager.adoc @@ -6,6 +6,7 @@ :summary: Security Manager. == {title} +((({title}))) `ddf.security.service.SecurityManager` diff --git a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-pdp-authz-realm.adoc b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-pdp-authz-realm.adoc index 8fb097353a91..0394a06d8787 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-pdp-authz-realm.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-pdp-authz-realm.adoc @@ -6,17 +6,18 @@ :summary: Security PDP AuthZ Realm. == {title} +((({title}))) The ${ddf-security} PDP AuthZ Realm exposes a realm service that makes decisions on authorization requests using the attributes stored within the metacard to determine if access should be granted. -This realm can use XACML and will delegate decisions to an external processing engine if internal processing fails. +This realm can use XACML and delegates decisions to an external processing engine if internal processing fails. Decisions are first made based on the "match-all" and "match-one" logic. -Any attributes listed in the "match-all" or "match-one" sections will not be passed to the XACML processing engine and they will be matched internally. +Any attributes listed in the "match-all" or "match-one" sections are not passed to the XACML processing engine and they are matched internally. It is recommended to list as many attributes as possible in these sections to avoid going out to the XACML processing engine for performance reasons. If it is desired that all decisions be passed to the XACML processing engine, remove all of the "match-all" and "match-one" configurations. The configuration below provides the mapping between user attributes and the attributes being asserted - one map exists for each type of mapping (each map may contain multiple values). -Match-All Mapping:: This mapping is used to guarantee that all values present in the specified metacard attribute exist in the corresponding user attribute. -Match-One Mapping:: This mapping is used to guarantee that at least one of the values present in the specified metacard attribute exists in the corresponding user attribute. +((Match-All Mapping)):: This mapping is used to guarantee that all values present in the specified metacard attribute exist in the corresponding user attribute. +((Match-One Mapping)):: This mapping is used to guarantee that at least one of the values present in the specified metacard attribute exists in the corresponding user attribute. === Configuring the Security PDP AuthZ Realm diff --git a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-pdp-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-pdp-intro.adoc index 4d611244c07e..5f8360d07826 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-pdp-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-pdp-intro.adoc @@ -7,7 +7,8 @@ :summary: Security PDP application. == {title} +((({title}))) -The ${ddf-security} Policy Decision Point (PDP) module contains services that are able to perform authorization decisions based on configurations and policies. +The ((${ddf-security} Policy Decision Point))(((PDP))) (PDP) module contains services that are able to perform authorization decisions based on configurations and policies. In the ${ddf-security} Framework, these components are called realms, and they implement the `org.apache.shiro.realm.Realm` and `org.apache.shiro.authz.Authorizer` interfaces. -Although these components perform decisions on access control, enforcement of this decision is performed by components within the notional PEP application. +Although these components perform decisions on access control, enforcement of this decision is performed by components within the notional PEP application. diff --git a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-pep-interceptor.adoc b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-pep-interceptor.adoc index 1b49164658dd..2ecdc0694028 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-pep-interceptor.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-pep-interceptor.adoc @@ -7,7 +7,7 @@ == {title} -The Security PEP Interceptor bundle contains the `ddf.security.pep.interceptor.PEPAuthorizingInterceptor` class. +The ((Security PEP Interceptor)) bundle contains the `ddf.security.pep.interceptor.PEPAuthorizingInterceptor` class. This class uses CXF to intercept incoming SOAP messages and enforces service authorization policies by sending the service request to the security framework. === Installing the Security PEP Interceptor diff --git a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-pep-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-pep-intro.adoc index 9bf4baf1d68f..57d168cbe5f5 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-pep-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-pep-intro.adoc @@ -7,5 +7,6 @@ :summary: Security PEP. == {title} +((({title}))) -The ${ddf-security} Policy Enforcement Point (PEP) application contains bundles that allow for policies to be enforced at various parts of the system, for example: to reach contexts, view metacards, access catalog operations, and others. +The ((${ddf-security} Policy Enforcement Point))(((PEP))) (PEP) application contains bundles that allow for policies to be enforced at various parts of the system, for example: to reach contexts, view metacards, access catalog operations, and others. diff --git a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-rest-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-rest-intro.adoc index dcf86e3fedf2..8920dae5a8fb 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-rest-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-rest-intro.adoc @@ -58,22 +58,22 @@ +---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ .... -The Jetty Authenticator is the topmost handler of all requests. +The ((Jetty Authenticator)) is the topmost handler of all requests. It initializes all Security Filters and runs them in order according to service ranking: . The *Web SSO Filter* reads from the web context policy manager and functions as the first decision point. If the request is from a whitelisted context, no further authentication is needed and the request skips through the rest of the security filters to the desired endpoint. -If the context is not on the whitelist, the filter will first attempt to pull authentication information off of the session. -If authentication information cannot be found on the session, the filter will then attempt to get an authentication handler for the context. +If the context is not on the whitelist, the filter first attempts to pull authentication information off of the session. +If authentication information cannot be found on the session, the filter then attempts to get an authentication handler for the context. The filter loops through all configured context handlers until one signals that it has found authentication information that it can use to build a token. This configuration can be changed by modifying the web context policy manager configuration. -If unable to resolve the context, the filter will return an authentication error and the process stops. +If unable to resolve the context, the filter returns an authentication error and the process stops. If a handler is successfully found, an auth token is assigned and the request continues to the login filter. . The *Login Filter* receives an authentication token and returns a subject. To retrieve the subject, the authentication token is sent through Shiro to the configured authenticating realms. -The realms will take the authentication token and attempt to return authentication info to the Shiro framework in order to put together a subject. +The realms takes the authentication token and attempts to return authentication info to the Shiro framework in order to put together a subject. . If the Subject is returned, the request moves to the *AuthZ Filter* to check permissions on the user. If the user has the correct permissions to access that web context, the request can hit the endpoint. @@ -117,14 +117,14 @@ SAML IdP Architecture .... -The SAML Handler is a configured handler on the Web SSO Filter just like the other handlers in the previous diagram. -The SAML Handler and the Assertion Consumer Service are both part of the IdP client that can be used to interface with any compliant SAML 2.0 Web SSO Identity Provider. +The ((SAML Handler)) is a configured handler on the Web SSO Filter just like the other handlers in the previous diagram. +The SAML Handler and the ((Assertion Consumer Service)) are both part of the IdP client that can be used to interface with any compliant SAML 2.0 Web SSO Identity Provider. -The Metadata Exchange happens asynchronously from any login event. +The ((Metadata Exchange)) happens asynchronously from any login event. The exchange can happen via HTTP or File, or the metadata XML itself can be pasted into the configuration for the SAML client. The metadata contains information about what bindings are accepted by the client or server and whether or not either expects messages to be signed, etc. -The redirect from the Assertion Consumer Service to the Endpoint will cause the client to pass back through the entire filter chain, which will get caught at the `Has Session` point of the `WebSsoFilter`. -The request will proceed through the rest of the filters as any other connection would in the previous diagram. +The redirect from the Assertion Consumer Service to the Endpoint causes the client to pass back through the entire filter chain, which gets caught at the `Has Session` point of the `WebSsoFilter`. +The request proceeds through the rest of the filters as any other connection would in the previous diagram. Unauthenticated non-browser clients that pass the HTTP headers signaling that they understand SAML ECP can authenticate via that mechanism as explained below. @@ -179,13 +179,13 @@ Unauthenticated non-browser clients that pass the HTTP headers signaling that th +---------------------------------------------------------------------------------------------------------------------+ .... -SAML ECP can be used to authenticate a non-browser client or non-person entity (NPE). +((SAML ECP)) can be used to authenticate a non-browser client or non-person entity (NPE). This method of authentication is useful when there is no human in the loop, but authentication with an IdP is still desired. -The SAML Handler will send a PAOS (Reverse SOAP) request as an initial response back to the Secure Client, assuming the client has sent the necessary HTTP headers to declare that it supports this function. +The SAML Handler sends a PAOS (Reverse SOAP) request as an initial response back to the Secure Client, assuming the client has sent the necessary HTTP headers to declare that it supports this function. That response does not complete the request/response loop, but is instead caught by a SOAP intermediary, which is implemented through a CXF interceptor. The PAOS response contains an `` request message, which is intended to be rerouted to a SAML IdP via SOAP. -The SOAP intermediary will then contact an IdP (selection of the IdP is not covered by the spec). -The IdP will either reject the login attempt, or issue a Signed `` that is to be delivered to the Assertion Consumer Service by the intermediary. +The SOAP intermediary then contacts an IdP (selection of the IdP is not covered by the spec). +The IdP either rejects the login attempt, or issues a Signed `` that is to be delivered to the Assertion Consumer Service by the intermediary. The method of logging into the IdP is not covered by the spec and is up to the implementation. The SP is then signaled to supply the originally requested resource, assuming the signed Response message is valid and the user has permission to view the resource. diff --git a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-sts-claims-handler.adoc b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-sts-claims-handler.adoc index d0df89b6219d..4e62272af44c 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-sts-claims-handler.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-sts-claims-handler.adoc @@ -7,7 +7,7 @@ == {title} -Claims handlers are classes that convert the incoming user credentials into a set of attribute claims that will be populated in the user Subject object. -An example in action would be the LDAPClaimsHandler that takes in the user's credentials and retrieves the user's attributes from a backend LDAP server. +((Claims handlers)) are classes that convert the incoming user credentials into a set of attribute claims that are populated in the user Subject object. +For example, the `LDAPClaimsHandler` takes in the user's credentials and retrieves the user's attributes from a backend LDAP server. These attributes are then mapped and added to the Subject being created. Integrators and developers can add more claims handlers that can handle other types of external services that store user attributes. diff --git a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-wss-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-wss-intro.adoc index 4f190bd61b2a..f91c895ba2d5 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-wss-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/security-wss-intro.adoc @@ -8,8 +8,8 @@ == {title} -The Web Service Security (WSS) functionality that comes with ${branding} is integrated throughout the system. +The ((Web Service Security))(((WSS))) (WSS) functionality that comes with ${branding} is integrated throughout the system. This is a central resource describing how all of the pieces work together and where they are located within the system. ${branding} comes with a *Security Framework* and *Security Services*. -The Security Framework is the set of APIs that define the integration with the ${branding} framework and the Security Services are the reference implementations of those APIs built for a realistic end-to-end use case. +The ((Security Framework)) is the set of APIs that define the integration with the ${branding} framework and the ((Security Services)) are the reference implementations of those APIs built for a realistic end-to-end use case. diff --git a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/sts-ldap-claims-handler.adoc b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/sts-ldap-claims-handler.adoc index b07e177e00ce..cf7f6636f256 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/sts-ldap-claims-handler.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/sts-ldap-claims-handler.adoc @@ -7,12 +7,12 @@ == {title} -The ${ddf-security} LDAP Claims Handler bundle adds functionality that allows retrieval of claims from an LDAP server. +The ((${ddf-security} LDAP Claims Handler)) bundle adds functionality that allows retrieval of claims from an LDAP server. [NOTE] ==== All claims handlers are queried for user attributes regardless of realm. -This means that two different users with the same username in different LDAP servers will end up with both of their claims in each of their individual assertions. +This means that two different users with the same username in different LDAP servers end up with both of their claims in each of their individual assertions. ==== === Installing Security LDAP Claims Handler diff --git a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/sts-ldap-login.adoc b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/sts-ldap-login.adoc index 0d8562d7742d..735b9ba133b6 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/sts-ldap-login.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/sts-ldap-login.adoc @@ -6,6 +6,7 @@ :order: 03 == {title} +((({title}))) The ${ddf-security} JAAS LDAP Login bundle enables authentication via an LDAP server when passed a username and password. diff --git a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/subject.adoc b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/subject.adoc index eb1c7f8c4a55..d6e14713bac3 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_securityFramework/subject.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_securityFramework/subject.adoc @@ -9,14 +9,14 @@ `ddf.security.Subject org.apache.shiro.subject.Subject` -The Subject is the key object in the security framework. +The ((Subject)) is the key object in the security framework. Most of the workflow and implementations revolve around creating and using a Subject. The Subject object in ${branding} is a class that encapsulates all information about the user performing the current operation. -The Subject can also be used to perform permission checks to see if the calling user has acceptable permission to perform a certain action (e.g., calling a service or returning a metacard). +The Subject can also be used to perform permission checks to see if the calling user has acceptable permission to perform a certain action (for example, calling a service or returning a metacard). This class was made ${branding}-specific because the Shiro interface cannot be added to the Query Request property map. .Implementations of Subject: -[cols="2" options="header"] +[cols="1m,1" options="header"] |=== |Classname diff --git a/distribution/docs/src/main/resources/content/_architectures/_transformers/atom-queryresp-xformer.adoc b/distribution/docs/src/main/resources/content/_architectures/_transformers/atom-queryresp-xformer.adoc index 142478fc9d62..6d2e5ff48219 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_transformers/atom-queryresp-xformer.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_transformers/atom-queryresp-xformer.adoc @@ -5,18 +5,18 @@ :link: _atom_query_response_transformer :summary: Transforms a query response into an http://tools.ietf.org/html/rfc4287[Atom 1.0] feed. -The Atom Query Response Transformer transforms a query response into an http://tools.ietf.org/html/rfc4287[Atom 1.0] feed. +The ((Atom Query Response Transformer)) transforms a query response into an http://tools.ietf.org/html/rfc4287[Atom 1.0] feed. The Atom transformer maps a `QueryResponse` object as described in the Query Result Mapping. -===== Installing the Atom Query Response Transformer +== Installing the Atom Query Response Transformer The Atom Query Response Transformer is installed by default with a standard installation. -===== Configuring the Atom Query Response Transformer +== Configuring the Atom Query Response Transformer The Atom Query Response Transformer has no configurable properties. -===== Using the Atom Query Response Transformer +== Using the Atom Query Response Transformer Use this transformer when Atom is the preferred medium of communicating information, such as for feed readers or federation. An integrator could use this with an endpoint to transform query responses into an Atom feed. @@ -165,7 +165,7 @@ Developers could use this transformer to programmatically transform `QueryRespon |`/feed/entry/content` |Metacard XML generated by `${branding}.catalog.transform.MetacardTransformer` with `shortname=xml`. -If no transformer found, `/feed/entry/content/@type` will be text and `Metacard.ID` is displayed +If no transformer found, `/feed/entry/content/@type` is text and `Metacard.ID` is displayed `4e1f38d1913b4e93ac622e6c1b258f89` |=== diff --git a/distribution/docs/src/main/resources/content/_architectures/_transformers/csw-queryresp-xformer.adoc b/distribution/docs/src/main/resources/content/_architectures/_transformers/csw-queryresp-xformer.adoc index 795b7e7c8d19..c7e5ebae096e 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_transformers/csw-queryresp-xformer.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_transformers/csw-queryresp-xformer.adoc @@ -5,13 +5,13 @@ :link: _csw_query_response_transformer :summary: Transforms a query response into a http://www.opengeospatial.org/standards/cat[CSW-formatted] document. -The CSW Query Response Transformer transforms a query response into a http://www.opengeospatial.org/standards/cat[CSW-formatted] document. +The (((CSW Query Response Transformer))) transforms a query response into a http://www.opengeospatial.org/standards/cat[CSW-formatted] document. -===== Installing the CSW Query Response Transformer +== Installing the CSW Query Response Transformer The CSW Query Response Transformer is installed by default with a standard installation in the ${ddf-spatial} application. -===== Configuring the CSW Query Response Transformer +== Configuring the CSW Query Response Transformer The CSW Query Response Transformer has no configurable properties. diff --git a/distribution/docs/src/main/resources/content/_architectures/_transformers/custom-mime-type-resolver.adoc b/distribution/docs/src/main/resources/content/_architectures/_transformers/custom-mime-type-resolver.adoc index 6ccd1123a0c5..d5c8c1924408 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_transformers/custom-mime-type-resolver.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_transformers/custom-mime-type-resolver.adoc @@ -4,6 +4,7 @@ :link: _custom_mime_type_resolver :summary: The Custom Mime Type Resolver is a `MimeTypeResolver` that defines the custom mime types that ${branding} will support. +((({title}))) These are mime types not supported by the default `TikaMimeTypeResolver`. .Custom Mime Type Resolver Default Supported Mime Types @@ -24,16 +25,16 @@ These are mime types not supported by the default `TikaMimeTypeResolver`. |=== -As a `MimeTypeResolver`, the Custom Mime Type Resolver will provide methods to map the file extension to the corresponding mime type, and vice versa. +As a `MimeTypeResolver`, the Custom Mime Type Resolver provides methods to map the file extension to the corresponding mime type, and vice versa. -===== Installing the Custom Mime Type Resolver +== Installing the Custom Mime Type Resolver One Custom Mime Type Resolver is configured and installed for the `image/nitf` mime type. This custom resolver is bundled in the `mime-core-app` application and is part of the `mime-core` feature. Additional Custom Mime Type Resolvers can be added for other custom mime types. -====== Configuring the Custom Mime Type Resolver +== Configuring the Custom Mime Type Resolver The configurable properties for the Custom Mime Type Resolver are accessed from the *MIME Custom Types* configuration in the ${admin-console}. diff --git a/distribution/docs/src/main/resources/content/_architectures/_transformers/ddf-mime-type-mapper.adoc b/distribution/docs/src/main/resources/content/_architectures/_transformers/ddf-mime-type-mapper.adoc index 368fbb80465b..6c52ba65f230 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_transformers/ddf-mime-type-mapper.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_transformers/ddf-mime-type-mapper.adoc @@ -4,14 +4,14 @@ :link: _ddf_mime_type_mapper :summary: Core implementation of the ${ddf-branding} Mime API. -The ${ddf-branding} Mime Type Mapper is the core implementation of the ${ddf-branding} Mime API. +The ((${ddf-branding} Mime Type Mapper)) is the core implementation of the ${ddf-branding} Mime API. It provides access to all `MimeTypeResolvers` within ${branding}, which provide mapping of mime types to file extensions and file extensions to mime types. -===== Installing the ${ddf-branding} Mime Type Mapper +== Installing the ${ddf-branding} Mime Type Mapper The ${ddf-branding} Mime Type Mapper is installed by default with a standard installation in the ${ddf-platform} application. -===== Configuring ${ddf-branding} Mime Type Mapper +== Configuring ${ddf-branding} Mime Type Mapper The ${ddf-branding} Mime Type Mapper has no configurable properties. diff --git a/distribution/docs/src/main/resources/content/_architectures/_transformers/geojson-input-xformer.adoc b/distribution/docs/src/main/resources/content/_architectures/_transformers/geojson-input-xformer.adoc index b1bbd778f88a..2b22b8039dfd 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_transformers/geojson-input-xformer.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_transformers/geojson-input-xformer.adoc @@ -5,7 +5,7 @@ :link: _geojson_input_transformer :summary: Translates GeoJSON into a Catalog metacard. -The GeoJSON input transformer is responsible for translating GeoJSON into a Catalog metacard. +The ((GeoJSON input transformer)) is responsible for translating GeoJSON into a Catalog metacard. .{title} Usage @@ -18,15 +18,15 @@ The GeoJSON input transformer is responsible for translating GeoJSON into a Cata |application/json |=== -===== Installing the GeoJSON Input Transformer +== Installing the GeoJSON Input Transformer The GeoJSON Input Transformer is installed by default with a standard installation. -===== Configuring the GeoJSON Input Transformer +== Configuring the GeoJSON Input Transformer The GeoJSON Input Transformer has no configurable properties. -===== Using the GeoJSON Input Transformer +== Using the GeoJSON Input Transformer Using the REST Endpoint, for example, HTTP POST a GeoJSON metacard to the Catalog. Once the REST Endpoint receives the GeoJSON Metacard, it is converted to a Catalog metacard. @@ -36,7 +36,7 @@ Once the REST Endpoint receives the GeoJSON Metacard, it is converted to a Catal curl -X POST -i -H "Content-Type: application/json" -d "${at-symbol}metacard.json" ${secure_url}/services/catalog ---- -===== Conversion to a Metacard +== Conversion to a Metacard A http://geojson.org/geojson-spec.html#geojson-objects[GeoJSON object] consists of a single JSON object. This can be a geometry, a feature, or a `FeatureCollection`. @@ -56,7 +56,7 @@ Additionally, the input transformer currently does not handle ``FeatureCollectio ---- ==== -The following sample _will_ create a valid metacard: +The following sample _does_ create a valid metacard: .Sample Parseable GeoJson (Point) [source,JSON,linenums] @@ -92,7 +92,7 @@ XML must be properly escaped, such as what is proper for normal JSON. Currently, only *Required Attributes* are recognized in the properties. -====== Metacard Extensibility +=== Metacard Extensibility GeoJSON supports custom, extensible properties on the incoming GeoJSON using ${branding}'s extensible metacard support. To have those customized attributes understood by the system, a corresponding `MetacardType` must be registered with the `MetacardTypeRegistry`. @@ -127,11 +127,11 @@ If a `MetacardType` is specified on the GeoJSON input, the customized properties } ---- -When the GeoJSON Input Transformer gets GeoJSON with the `MetacardType` specified, it will perform a lookup in the `MetacardTypeRegistry` to obtain the specified `MetacardType` in order to understand how to parse the GeoJSON. -If no `MetacardType` is specified, the GeoJSON Input Transformer will assume the default `MetacardType`. -If an unregistered `MetacardType` is specified, an exception will be returned to the client indicating that the `MetacardType` was not found. +When the GeoJSON Input Transformer gets GeoJSON with the `MetacardType` specified, it performs a lookup in the `MetacardTypeRegistry` to obtain the specified `MetacardType` in order to understand how to parse the GeoJSON. +If no `MetacardType` is specified, the GeoJSON Input Transformer assumes the default `MetacardType`. +If an unregistered `MetacardType` is specified, an exception is returned to the client indicating that the `MetacardType` was not found. -===== Usage Limitations of the GeoJSON Input Transformer +== Usage Limitations of the GeoJSON Input Transformer The GeoJSON Input Transformer does not handle multiple geometries. diff --git a/distribution/docs/src/main/resources/content/_architectures/_transformers/geojson-metacard-xformer.adoc b/distribution/docs/src/main/resources/content/_architectures/_transformers/geojson-metacard-xformer.adoc index acad8d082f4a..d9aa5a3c50a7 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_transformers/geojson-metacard-xformer.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_transformers/geojson-metacard-xformer.adoc @@ -5,9 +5,9 @@ :link: _geojson_metacard_transformer :summary: Translates a metacard into GeoJSON. -GeoJSON Metacard Transformer translates a metacard into GeoJSON. +((GeoJSON Metacard Transformer)) translates a metacard into GeoJSON. -===== Installing the GeoJSON Metacard Transformer +== Installing the GeoJSON Metacard Transformer The GeoJSON Metacard Transformer is not installed by default with a standard installation. @@ -18,11 +18,11 @@ To install: . Select the *Features* tab. . Install the `catalog-transformer-json` feature. -===== Configuring the GeoJSON Metacard Transformer +== Configuring the GeoJSON Metacard Transformer The GeoJSON Metacard Transformer has no configurable properties. -===== Using the GeoJSON Metacard Transformer +== Using the GeoJSON Metacard Transformer The GeoJSON Metacard Transformer can be used programmatically by requesting a `MetacardTransformer` with the id `geojson`. It can also be used within the REST Endpoint by providing the transform option as `geojson`. diff --git a/distribution/docs/src/main/resources/content/_architectures/_transformers/geojson-queryresp-xformer.adoc b/distribution/docs/src/main/resources/content/_architectures/_transformers/geojson-queryresp-xformer.adoc index 4a36724a59f3..6876ef8b79a9 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_transformers/geojson-queryresp-xformer.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_transformers/geojson-queryresp-xformer.adoc @@ -5,13 +5,13 @@ :summary: Translates a query response into a GeoJSON-formatted document. :subtype: queryResponse -The GeoJSON Query Response Transformer translates a query response into a GeoJSON-formatted document. +The ((GeoJSON Query Response Transformer)) translates a query response into a GeoJSON-formatted document. -===== Installing the GeoJSON Query Response Transformer +== Installing the GeoJSON Query Response Transformer The GeoJSON Query Response Transformer is installed by default with a standard installation in the ${ddf-catalog} application. -===== Configuring the GeoJSON Query Response Transformer +== Configuring the GeoJSON Query Response Transformer The GeoJSON Query Response Transformer has no configurable properties. diff --git a/distribution/docs/src/main/resources/content/_architectures/_transformers/kml-metacard-xformer.adoc b/distribution/docs/src/main/resources/content/_architectures/_transformers/kml-metacard-xformer.adoc index d1c42f85a1f0..d4ce3c4a5410 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_transformers/kml-metacard-xformer.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_transformers/kml-metacard-xformer.adoc @@ -5,19 +5,19 @@ :link: _kml_metacard_transformer :summary: Translates a metacard into a KML-formatted document. -The KML Metacard Transformer is responsible for translating a metacard into a KML-formatted document. -The KML will contain an HTML description that will display in the pop-up bubble in Google Earth. +The ((KML Metacard Transformer)) is responsible for translating a metacard into a KML-formatted document. +The KML contains an HTML description that displays in the pop-up bubble in Google Earth. The HTML contains links to the full metadata view as well as the resource. -===== Installing the KML Metacard Transformer +== Installing the KML Metacard Transformer The KML Metacard Transformer is installed by default with a standard installation in the ${ddf-spatial} Application. -===== Configuring the KML Metacard Transformer +== Configuring the KML Metacard Transformer The KML Metacard Transformer has no configurable properties. -===== Using the KML Metacard Transformer +== Using the KML Metacard Transformer Using the REST Endpoint for example, request a metacard with the transform option set to the KML shortname. diff --git a/distribution/docs/src/main/resources/content/_architectures/_transformers/kml-queryresp-xformer.adoc b/distribution/docs/src/main/resources/content/_architectures/_transformers/kml-queryresp-xformer.adoc index 3dad86e0430c..f326843827a4 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_transformers/kml-queryresp-xformer.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_transformers/kml-queryresp-xformer.adoc @@ -5,19 +5,19 @@ :link: _kml_query_response_transformer :summary: Translates a query response into a KML-formatted document. -The KML Query Response Transformer translates a query response into a KML-formatted document. -The KML will contain an HTML description for each metacard that will display in the pop-up bubble in Google Earth. +The ((KML Query Response Transformer)) translates a query response into a KML-formatted document. +The KML contains an HTML description for each metacard that displays in the pop-up bubble in Google Earth. The HTML contains links to the full metadata view as well as the resource. -===== Installing the KML Query Response Transformer +== Installing the KML Query Response Transformer The `spatial-kml-transformer` feature is installed by default in the ${ddf-spatial} Application. -===== Configuring the KML Query Response Transformer +== Configuring the KML Query Response Transformer The KML Query Response Transformer has no configurable properties. -===== Using the KML Query Response Transformer +== Using the KML Query Response Transformer Using the OpenSearch Endpoint, for example, query with the format option set to the KML shortname: `kml`. diff --git a/distribution/docs/src/main/resources/content/_architectures/_transformers/kml-style-mapper.adoc b/distribution/docs/src/main/resources/content/_architectures/_transformers/kml-style-mapper.adoc index 2f56386550b3..0ec2a308e82c 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_transformers/kml-style-mapper.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_transformers/kml-style-mapper.adoc @@ -5,7 +5,7 @@ :link: _kml_style_mapper :summary: Maps a KML Style URL to a metacard based on that metacard's attributes. -The KML Style Mapper provides the ability for the `KMLTransformer` to map a KML Style URL to a metacard based on that metacard's attributes. +The ((KML Style Mapper)) provides the ability for the `KMLTransformer` to map a KML Style URL to a metacard based on that metacard's attributes. For example, if a user wanted all JPEGs to be blue, the KML Style Mapper provides the ability to do so. This would also allow an administrator to configure metacards from each source to be different colors. @@ -15,11 +15,11 @@ For more information on style URL's, refer to the https://developers.google.com/ The KML Style Mapper supports all basic and extended metacard attributes. When a style mapping is configured, the resulting transformed KML contain a `` tag pointing to that style, rather than the default KML style supplied by the `KMLTransformer`. -===== Installing the KML Style Mapper +== Installing the KML Style Mapper The KML Style Mapper is installed by default with a standard installation in the <<{reference-prefix}spatial_application_reference,${ddf-spatial} Application>> in the `spatial-kml-transformer` feature. -===== Configuring the KML Style Mapper +== Configuring the KML Style Mapper The properties below describe how to configure a style mapping. The configuration name is `Spatial KML Style Map Entry`. diff --git a/distribution/docs/src/main/resources/content/_architectures/_transformers/metadata-metacard-xformer.adoc b/distribution/docs/src/main/resources/content/_architectures/_transformers/metadata-metacard-xformer.adoc index 7a228f21290b..b0c6b97d2041 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_transformers/metadata-metacard-xformer.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_transformers/metadata-metacard-xformer.adoc @@ -5,18 +5,18 @@ :link: _metadata_metacard_transformer :summary: returns the `Metacard.METADATA` attribute when given a metacard. -The Metadata Metacard Transformer returns the `Metacard.METADATA` attribute when given a metacard. +The ((Metadata Metacard Transformer)) returns the `Metacard.METADATA` attribute when given a metacard. The MIME Type returned is `text/xml`. -===== Installing the Metadata Metacard Transformer +== Installing the Metadata Metacard Transformer The Metadata Metacard Transformer is installed by default in a standard installation with the ${ddf-catalog} application. -===== Configuring the Metadata Metacard Transformer +== Configuring the Metadata Metacard Transformer The Metadata Metacard Transformer has no configurable properties. -===== Using the Metadata Metacard Transformer +== Using the Metadata Metacard Transformer The Metadata Metacard Transformer can be used programmatically by requesting a metacard transformer with the id `metadata`. It can also be used within the REST Endpoint by providing the transform option as `metadata`. diff --git a/distribution/docs/src/main/resources/content/_architectures/_transformers/mime-type-mapper-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_transformers/mime-type-mapper-intro.adoc index 279e0caf584e..88dce9232699 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_transformers/mime-type-mapper-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_transformers/mime-type-mapper-intro.adoc @@ -4,7 +4,7 @@ :link: _mime_type_mapper_intro :summary: Resolves file extensions to mime types and vice versa. -The MimeTypeMapper is the entry point in ${branding} for resolving file extensions to mime types, and vice versa. +The ((Mime Type Mapper)) is the entry point in ${branding} for resolving file extensions to mime types, and vice versa. `MimeTypeMappers` are used by the `ResourceReader` to determine the file extension for a given mime type in aid of retrieving a resource. `MimeTypeMappers` are also used by the `FileSystemProvider` in the Catalog Framework to read a file from the content file repository. @@ -16,5 +16,5 @@ If no mapping is found for the file extension, `null` is returned for the mime t Similarly, the `MimeTypeMapper` accesses each `MimeTypeResolver` according to its priority until the provided mime type is successfully mapped to its corresponding file extension. If no mapping is found for the mime type, `null` is returned for the file extension. -For files with no file extension, the MimeTypeMapper will attempt to determine the mime type from the contents of the file. -If it is unsuccessful, the file will be ingested as a binary file. \ No newline at end of file +For files with no file extension, the MimeTypeMapper attempts to determine the mime type from the contents of the file. +If it is unsuccessful, the file is ingested as a binary file. diff --git a/distribution/docs/src/main/resources/content/_architectures/_transformers/mime-type-resolver-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_transformers/mime-type-resolver-intro.adoc index e8eed8a50fc5..fed13f712342 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_transformers/mime-type-resolver-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_transformers/mime-type-resolver-intro.adoc @@ -4,7 +4,7 @@ :link: _mime_type_resolver_intro :summary: Introduction to mime type resolvers. -A `MimeTypeResolver` is a ${branding} service that can map a file extension to its corresponding mime type and, conversely, can map a mime type to its file extension. +A ((Mime Type Resolver)) is a ${branding} service that can map a file extension to its corresponding mime type and, conversely, can map a mime type to its file extension. `MimeTypeResolvers` are assigned a priority (0-100, with the higher the number indicating the higher priority). This priority is used to sort all of the `MimeTypeResolvers` in the order they should be checked to map a file extension to a mime type (or vice versa). diff --git a/distribution/docs/src/main/resources/content/_architectures/_transformers/pdf-input-xformer.adoc b/distribution/docs/src/main/resources/content/_architectures/_transformers/pdf-input-xformer.adoc index 54667f8b0412..9a85bd484272 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_transformers/pdf-input-xformer.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_transformers/pdf-input-xformer.adoc @@ -5,7 +5,7 @@ :link: _pdf_input_transformer :summary: Translates a PDF document into a Catalog Metacard. -The PDF Input Transformer is responsible for translating a PDF document into a Catalog Metacard. +The ((PDF Input Transformer)) is responsible for translating a PDF document into a Catalog Metacard. .{title} Usage [cols="1,2m" options="header"] @@ -18,11 +18,11 @@ The PDF Input Transformer is responsible for translating a PDF document into a C |=== -===== Installing the PDF Input Transformer +== Installing the PDF Input Transformer The PDF Transformer is installed by default with a standard installation in the ${ddf-catalog} application. -===== Configuring the PDF Input Transformer +== Configuring the PDF Input Transformer To configure the PDF Input Transformer: diff --git a/distribution/docs/src/main/resources/content/_architectures/_transformers/pptx-input-xformer.adoc b/distribution/docs/src/main/resources/content/_architectures/_transformers/pptx-input-xformer.adoc index 3e7e47b697a2..92333a22895e 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_transformers/pptx-input-xformer.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_transformers/pptx-input-xformer.adoc @@ -5,10 +5,10 @@ :link: _pptx_input_transformer :summary: Translates Microsoft PowerPoint (OOXML only) documents into Catalog Metacards. -The PPTX Input Transformer translates Microsoft PowerPoint (OOXML only) documents into Catalog Metacards, using https://tika.apache.org/[Apache Tika] for basic metadata and https://poi.apache.org/[Apache POI] for thumbnail creation. +The ((PPTX Input Transformer)) translates ((Microsoft PowerPoint)) (OOXML only) documents into Catalog Metacards, using https://tika.apache.org/[Apache Tika] for basic metadata and https://poi.apache.org/[Apache POI] for thumbnail creation. The PPTX Input Transformer ingests PPTX documents into the ${branding} Content Repository and the Metadata Catalog, and adds a thumbnail of the first page in the PPTX document. -The PPTX Input Transformer will take precedence over the Tika Input Transformer for PPTX documents. +The PPTX Input Transformer takes precedence over the Tika Input Transformer for PPTX documents. .{title} Usage [cols="1,2m" options="header"] @@ -20,11 +20,11 @@ The PPTX Input Transformer will take precedence over the Tika Input Transformer |application/vnd.openxmlformats-officedocument.presentationml.presentation |=== -===== Installing the PPTX Input Transformer +== Installing the PPTX Input Transformer This transformer is installed by default with a standard installation in the ${ddf-catalog} application. -===== Configuring the PPTX Input Transformer +== Configuring the PPTX Input Transformer The PPTX Input Transformer has no configurable properties. ''' diff --git a/distribution/docs/src/main/resources/content/_architectures/_transformers/queryresp-xformer-consumer.adoc b/distribution/docs/src/main/resources/content/_architectures/_transformers/queryresp-xformer-consumer.adoc index ada1c51f7c4c..236c328e4fbf 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_transformers/queryresp-xformer-consumer.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_transformers/queryresp-xformer-consumer.adoc @@ -5,12 +5,12 @@ :link: _query_response_transformer_consumer :summary: Translates a query response into a Catalog Metacard. -The Query Response Transformer Consumer is responsible for translating a query response into a Catalog Metacard. +The ((Query Response Transformer Consumer)) is responsible for translating a query response into a Catalog Metacard. -===== Installing the Query Response Transformer Consumer +== Installing the Query Response Transformer Consumer The Query Response Transformer Consumer is installed by default with a standard installation in the ${ddf-catalog} application. -===== Configuring the Query Response Transformer Consumer +== Configuring the Query Response Transformer Consumer The Query Response Transformer Consumer has no configurable properties. diff --git a/distribution/docs/src/main/resources/content/_architectures/_transformers/resource-metacard-xformer.adoc b/distribution/docs/src/main/resources/content/_architectures/_transformers/resource-metacard-xformer.adoc index 5e4e682b79fe..3480e9fe2893 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_transformers/resource-metacard-xformer.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_transformers/resource-metacard-xformer.adoc @@ -5,17 +5,17 @@ :link: _resource_metacard_transformer :summary: Retrieves the resource bytes of a metacard by returning the resource associated with the metacard. -The Resource Metacard Transformer retrieves a resource associated with a metacard. +The ((Resource Metacard Transformer)) retrieves a resource associated with a metacard. -===== Installing the Resource Metacard Transformer +== Installing the Resource Metacard Transformer The Resource Metacard Transformer is installed by default in a standard installation with the ${ddf-catalog} application as the feature `catalog-transformer-resource`. -===== Configuring the Resource Metacard Transformer +== Configuring the Resource Metacard Transformer The Resource Metacard Transformer has no configurable properties. -===== Using the Resource Metacard Transformer +== Using the Resource Metacard Transformer Endpoints or other components can retrieve an instance of the Resource Metacard Transformer using its `id` resource. diff --git a/distribution/docs/src/main/resources/content/_architectures/_transformers/thumbnail-metacard-xformer.adoc b/distribution/docs/src/main/resources/content/_architectures/_transformers/thumbnail-metacard-xformer.adoc index 8b8b31da86cd..f70a103e3ed5 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_transformers/thumbnail-metacard-xformer.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_transformers/thumbnail-metacard-xformer.adoc @@ -5,17 +5,17 @@ :link: _thumbnail_metacard_transformer :summary: Retrieves the thumbnail bytes of a Metacard by returning the `Metacard.THUMBNAIL` attribute value. -The Thumbnail Metacard Transformer retrieves the thumbnail bytes of a Metacard by returning the `Metacard.THUMBNAIL` attribute value. +The ((Thumbnail Metacard Transformer)) retrieves the thumbnail bytes of a Metacard by returning the `Metacard.THUMBNAIL` attribute value. -===== Installing the Thumbnail Metacard Transformer +== Installing the Thumbnail Metacard Transformer This transformer is installed by default with a standard installation in the ${ddf-catalog} application. -===== Configuring the Thumbnail Metacard Transformer +== Configuring the Thumbnail Metacard Transformer The Thumbnail Metacard Transformer has no configurable properties. -===== Using the Thumbnail Metacard Transformer +== Using the Thumbnail Metacard Transformer Endpoints or other components can retrieve an instance of the Thumbnail Metacard Transformer using its id `thumbnail`. diff --git a/distribution/docs/src/main/resources/content/_architectures/_transformers/tika-input-xformer.adoc b/distribution/docs/src/main/resources/content/_architectures/_transformers/tika-input-xformer.adoc index 47cb28660770..afb37e27683b 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_transformers/tika-input-xformer.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_transformers/tika-input-xformer.adoc @@ -5,9 +5,9 @@ :link: _tika_input_transformer :summary: Translates Microsoft Word, Microsoft Excel, Microsoft PowerPoint, OpenOffice Writer, and PDF documents into Catalog records. -The Tika Input Transformer is the default input transformer responsible for translating Microsoft Word, Microsoft Excel, Microsoft PowerPoint, OpenOffice Writer, and PDF documents into Catalog records. +The ((Tika Input Transformer)) is the default input transformer responsible for translating Microsoft Word, Microsoft Excel, Microsoft PowerPoint, OpenOffice Writer, and PDF documents into Catalog records. This input transformer utilizes https://tika.apache.org[Apache Tika] to provide basic support for these mime types. -The metadata common to all these document types, e.g., creation date, author, last modified date, etc., is extracted and used to create the catalog record. +The metadata common to all these document types, such as creation date, author, last modified date, etc., is extracted and used to create the catalog record. The Tika Input Transformer's main purpose is to ingest these types of content into the Metadata Catalog. The Tika input transformer is most basic input transformer and the last to be invoked. @@ -23,11 +23,11 @@ This allows any registered input transformers that are more specific to a docume |This basic transformer can ingest many file types. See <<{metadata-prefix}all_file_formats_supported,All Formats Supported>>. |=== -===== Installing the Tika Input Transformer +== Installing the Tika Input Transformer This transformer is installed by default with a standard installation in the ${ddf-catalog}. -===== Configuring the Tika Input Transformer +== Configuring the Tika Input Transformer The properties below describe how to configure the Tika input transformer. diff --git a/distribution/docs/src/main/resources/content/_architectures/_transformers/tika-mime-type-resolver.adoc b/distribution/docs/src/main/resources/content/_architectures/_transformers/tika-mime-type-resolver.adoc index 8f86e5ac82d5..535777fb1298 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_transformers/tika-mime-type-resolver.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_transformers/tika-mime-type-resolver.adoc @@ -4,22 +4,23 @@ :link: _tika_mime_type_resolver :summary: Provides support for resolving over 1300 mime types. +((({title}))) The `TikaMimeTypeResolver` is a `MimeTypeResolver` that is implemented using the https://tika.apache.org[Apache Tika] open source product. Using the Apache Tika content analysis toolkit, the `TikaMimeTypeResolver` provides support for resolving over 1300 mime types, but not all mime types yield the same quality metadata. The `TikaMimeTypeResolver` is assigned a default priority of `-1` to insure that it is always invoked last by the `MimeTypeMapper`. -This insures that any custom `MimeTypeResolvers` that may be installed will be invoked before the `TikaMimeTypeResolver`. +This insures that any custom `MimeTypeResolvers` that may be installed is invoked before the `TikaMimeTypeResolver`. The `TikaMimeTypeResolver` provides the bulk of the default mime type support for ${branding}. -===== Installing the Tika Mime Type Resolver +== Installing the Tika Mime Type Resolver The `TikaMimeTypeResolver` is bundled as the `mime-tika-resolver` feature in the `mime-tika-app` application. This feature is installed by default. -====== Configuring the Tika Mime Type Resolver +== Configuring the Tika Mime Type Resolver The Tika Mime Type Resolver has no configurable properties. diff --git a/distribution/docs/src/main/resources/content/_architectures/_transformers/video-input-xformer.adoc b/distribution/docs/src/main/resources/content/_architectures/_transformers/video-input-xformer.adoc index 77d825f6e23a..16f23fcc4229 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_transformers/video-input-xformer.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_transformers/video-input-xformer.adoc @@ -5,7 +5,7 @@ :link: _video_input_transformer :summary: Creates Catalog metacards from certain video file types. -The video input transformer Creates Catalog metacards from certain video file types. +The ((Video Input transformer)) Creates Catalog metacards from certain video file types. Currently, it is handles MPEG-2 transport streams as well as MPEG-4, AVI, MOV, and WMV videos. This input transformer uses https://tika.apache.org[Apache Tika] to extract basic metadata from the video files and applies more sophisticated methods to extract more meaningful metadata from these types of video. @@ -29,10 +29,10 @@ a|* video/avi |=== -===== Installing the Video Input Transformer +== Installing the Video Input Transformer This transformer is installed by default with a standard installation in the ${ddf-catalog} application. -====== Configuring the Video Input Transformer +== Configuring the Video Input Transformer The Video Input Transformer has no configurable properties. diff --git a/distribution/docs/src/main/resources/content/_architectures/_transformers/xformers-intro.adoc b/distribution/docs/src/main/resources/content/_architectures/_transformers/xformers-intro.adoc index db9b08b9d2c5..1d5cac5b8e8e 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_transformers/xformers-intro.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_transformers/xformers-intro.adoc @@ -28,7 +28,7 @@ +------------------------------------------------------------+ .... -Transformers transform data to and from various formats. +((Transformers)) transform data to and from various formats. Transformers are categorized by when they are invoked and used. The <<{architecture-prefix}types_of_transformers,existing types>> are <<{architecture-prefix}available_input_transformers,Input transformers>>, <<{architecture-prefix}available_metacard_transformers,Metacard transformers>>, and <<{architecture-prefix}available_query_response_transformers,Query Response transformers>>. Additionally, XSLT transformers are provided to aid in developing custom, lightweight Metacard and Query Response transformers. diff --git a/distribution/docs/src/main/resources/content/_architectures/_transformers/xml-input-xformer.adoc b/distribution/docs/src/main/resources/content/_architectures/_transformers/xml-input-xformer.adoc index c6e34f9907cb..c86007f12764 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_transformers/xml-input-xformer.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_transformers/xml-input-xformer.adoc @@ -5,7 +5,7 @@ :link: {developing-prefix}xml_input_transformer :summary: Translates an XML document into a Catalog Metacard. -The XML Input Transformer is responsible for translating an XML document into a Catalog Metacard. +The ((XML Input Transformer)) is responsible for translating an XML document into a Catalog Metacard. .{title} Usage [cols="1,2m" options="header"] @@ -17,10 +17,10 @@ The XML Input Transformer is responsible for translating an XML document into a |text/xml |=== -===== Installing the XML Input Transformer +== Installing the XML Input Transformer The XML Input Transformer is installed by default with a standard installation in the ${ddf-catalog} application. -===== Configuring the XML Input Transformer +== Configuring the XML Input Transformer The XML Input Transformer has no configurable properties. diff --git a/distribution/docs/src/main/resources/content/_architectures/_transformers/xml-metacard-xformer.adoc b/distribution/docs/src/main/resources/content/_architectures/_transformers/xml-metacard-xformer.adoc index dd3f9b65be5e..3a3b6dc966e7 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_transformers/xml-metacard-xformer.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_transformers/xml-metacard-xformer.adoc @@ -5,20 +5,20 @@ :link: _xml_metacard_transformer :summary: Translates a metacard into an XML-formatted document. -The XML metacard transformer is responsible for translating a metacard into an XML-formatted document. +The ((XML metacard transformer)) is responsible for translating a metacard into an XML-formatted document. The metacard element that is generated is an extension of `gml:AbstractFeatureType`, which makes the output of this transformer GML 3.1.1 compatible. -===== Installing the XML Metacard Transformer +== Installing the XML Metacard Transformer This transformer comes installed by default with a standard installation in the ${ddf-catalog} application. To install or uninstall manually, use the `catalog-transformer-xml` feature. -===== Configuring the XML Metacard Transformer +== Configuring the XML Metacard Transformer The XML Metacard Transformer has no configurable properties. -===== Using the XML Metacard Transformer +== Using the XML Metacard Transformer Using the REST Endpoint for example, request a metacard with the transform option set to the XML shortname. diff --git a/distribution/docs/src/main/resources/content/_architectures/_transformers/xml-queryresp-xformer.adoc b/distribution/docs/src/main/resources/content/_architectures/_transformers/xml-queryresp-xformer.adoc index a892466ff475..60d1e11c91c0 100644 --- a/distribution/docs/src/main/resources/content/_architectures/_transformers/xml-queryresp-xformer.adoc +++ b/distribution/docs/src/main/resources/content/_architectures/_transformers/xml-queryresp-xformer.adoc @@ -5,15 +5,15 @@ :link: _xml_query_response_transformer :summary: Translates a query response into an XML-formatted document. -The XML Query Response Transformer is responsible for translating a query response into an XML-formatted document. +The ((XML Query Response Transformer)) is responsible for translating a query response into an XML-formatted document. The metacard element generated is an extension of `gml:AbstractFeatureCollectionType`, which makes the output of this transformer http://www.opengeospatial.org/projects/groups/gmldwg[GML 3.1.1] compatible. -===== Installing the XML Query Response Transformer +== Installing the XML Query Response Transformer This transformer is installed by default with a standard installation in the ${ddf-catalog} application. To uninstall, uninstall the `catalog-transformer-xml` feature. -===== Configuring the XML Query Response Transformer +== Configuring the XML Query Response Transformer To configure the XML Query Response Transformer: @@ -25,7 +25,7 @@ To configure the XML Query Response Transformer: See <<{reference-prefix}ddf.catalog.transformer.xml.XmlResponseQueueTransformer,XML Query Response Transformer configurations>> for all possible configurations. -===== Using the XML Query Response Transformer +== Using the XML Query Response Transformer Using the OpenSearch Endpoint, for example, query with the format option set to the XML shortname `xml`. diff --git a/distribution/docs/src/main/resources/content/_developing/_devComponents/assuring-bundles-and-apps.adoc b/distribution/docs/src/main/resources/content/_developing/_devComponents/assuring-bundles-and-apps.adoc index 56f37575211a..a39804270d8b 100644 --- a/distribution/docs/src/main/resources/content/_developing/_devComponents/assuring-bundles-and-apps.adoc +++ b/distribution/docs/src/main/resources/content/_developing/_devComponents/assuring-bundles-and-apps.adoc @@ -7,11 +7,11 @@ ${branding} Artifacts in the JAR file format (such as bundles or KAR files) can be signed and verified using the tools included as part of the Java Runtime Environment. -==== Prerequisites +== Prerequisites To work with Java signatures, a keystore/truststore is required. For testing or trial purposes ${branding} can sign and validate using a self-signed certificate, generated with the keytool utility. -In an actuall installation, a certificate issued from a trusted Certificate Authority will be used. +In an actual installation, a certificate issued from a trusted Certificate Authority is used. Additional documentation on keytool can be found at http://docs.oracle.com/javase/6/docs/technotes/tools/windows/keytool.html[Keytool home] {external-link}. @@ -38,7 +38,7 @@ Enter key password for Re-enter new password: ---- -==== Signing a JAR/KAR +== Signing a JAR/KAR Once a keystore is available, the JAR can be signed using the `jarsigner` tool. @@ -51,7 +51,7 @@ Additional documentation on jarsigner can be found at http://docs.oracle.com/jav ~ $ jarsigner -keystore keystore.jks -keypass shield -storepass password catalog-app-2.5.1.kar selfsigned ---- -===== Verifying a JAR/KAR +=== Verifying a JAR/KAR The jarsigner utility is also used to verify a signature in a JAR-formatted file. .Using jarsigner to verify a file diff --git a/distribution/docs/src/main/resources/content/_developing/_devComponents/attribute-injection.adoc b/distribution/docs/src/main/resources/content/_developing/_devComponents/attribute-injection.adoc index 6a20bf145bd2..4ef3ac70b314 100644 --- a/distribution/docs/src/main/resources/content/_developing/_devComponents/attribute-injection.adoc +++ b/distribution/docs/src/main/resources/content/_developing/_devComponents/attribute-injection.adoc @@ -5,9 +5,9 @@ :summary: Creating a custom attribute injection. :order: 05 -Attribute injections are defined attributes that will be injected into all metacard types or into specific metacard types. This capability allows metacard types to be extended with new attributes. +((Attribute injections)) are defined attributes that are injected into all metacard types or into specific metacard types. This capability allows metacard types to be extended with new attributes. -==== Attribute Injection Definition +== Attribute Injection Definition To define attribute injections, create a JSON file in the `${home_directory}/etc/definitions` directory. The definition file must have an `inject` key in the root object. @@ -37,10 +37,10 @@ The value of `inject` is simply a list of objects where each object contains the The value corresponding to the `attribute` key is the name of the attribute to inject. The `metacardTypes` key is optional. -If it is left out, then the attribute will be injected into every metacard type. +If it is left out, then the attribute is injected into every metacard type. In that case it can be thought of as a 'global' attribute injection. If the `metacardTypes` key is included, then its value must be a list of strings where each string is the name of a metacard type. -In this case, the attribute will be injected only into metacard types that match one of the types given in the list. +In this case, the attribute is injected only into metacard types that match one of the types given in the list. .Global and Specific Inject Values [source,json] diff --git a/distribution/docs/src/main/resources/content/_developing/_devComponents/attribute-type.adoc b/distribution/docs/src/main/resources/content/_developing/_devComponents/attribute-type.adoc index 135f75c44309..89bada4b6aa5 100644 --- a/distribution/docs/src/main/resources/content/_developing/_devComponents/attribute-type.adoc +++ b/distribution/docs/src/main/resources/content/_developing/_devComponents/attribute-type.adoc @@ -7,7 +7,8 @@ Create custom attribute types with Attribute Type definition files. -==== Attribute Type Definition File +== Attribute Type Definition File +(((Attribute Type Definition File))) To define Attribute Types, the definition file must have an `attributeTypes` key in the root object. @@ -42,8 +43,8 @@ The attributes `stored`, `indexed`, `tokenized`, and `multivalued` must be inclu ==== `stored`:: If true, the value of the attribute should be stored in the underlying datastore. Some attributes may only be indexed or used in transit and do not need to be persisted. `indexed`:: If true, then the value of the attribute should be included in the datastore's index and therefore be part of query evaluation. -`tokenized`:: Only applicable to STRING_TYPE attributes, if true then stopwords and punctuation will be stripped prior to storing and/or indexing. If false, only an exact string will match. -`multi-valued`:: If true, then the attribute values will be Lists of the attribute type rather than single values. +`tokenized`:: Only applicable to STRING_TYPE attributes, if true then stopwords and punctuation are stripped prior to storing and/or indexing. If false, only an exact string matches. +`multi-valued`:: If true, then the attribute values are Lists of the attribute type rather than single values. ==== The `type` attribute must also be included and must have one of the allowed values: diff --git a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-action-components.adoc b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-action-components.adoc index 53946f1d732a..9c3e6aab4260 100644 --- a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-action-components.adoc +++ b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-action-components.adoc @@ -5,31 +5,31 @@ :order: 19 :summary: Creating a custom Action Component. -To provide a service, such as a link to a metacard, the `ActionProvider` interface should be implemented. -An `ActionProvider` essentially provides a List of `Actions` when given input that it can recognize and handle. -For instance, if a REST endpoint ActionProvider was given a metacard, it could provide a link based on the metacard's ID.  +To provide a service, such as a link to a metacard, the `ActionProvider` interface should be implemented. +An `ActionProvider` essentially provides a List of `Actions` when given input that it can recognize and handle. +For instance, if a REST endpoint ActionProvider was given a metacard, it could provide a link based on the metacard's ID. An Action Provider performs an action when given a subject that it understands. -If it does not understand the subject or does not know how to handle the given input, it will return `Collections.emptyList()`. +If it does not understand the subject or does not know how to handle the given input, it returns `Collections.emptyList()`. An Action Provider is required to have an ActionProvider id. -The Action Provider must register itself in the OSGi Service Registry with the `${ddf-branding-lowercase}.action.ActionProvider` interface and must also have a service property value for `id`.  -An action is a URL that, when invoked, provides a resource or executes intended business logic.  +The Action Provider must register itself in the OSGi Service Registry with the `${ddf-branding-lowercase}.action.ActionProvider` interface and must also have a service property value for `id`. +An action is a URL that, when invoked, provides a resource or executes intended business logic. -==== Action Component Naming Convention +== Action Component Naming Convention For each Action, a title and description should be provided to describe what the action does. The recommended naming convention is to use the verb 'Get' when retrieving a portion of a metacard, such as the metadata or thumbnail, or when downloading a resource. The verb 'Export' or the expression 'Export as' is recommended when the metacard is being exported in a different format or presented after going some transformation. -===== Action Component Taxonomy +=== Action Component Taxonomy -An Action Provider registers an `id` as a service property in the OGSi Service Registry based on the type of service or action that is provided. -Regardless of implementation, if more than one Action Provider provides the same service, such as providing a URL to a thumbnail for a given metacard, they must both register under the same `id`. -Therefore, Action Provider implementers must follow an Action Taxonomy.  +An Action Provider registers an `id` as a service property in the OGSi Service Registry based on the type of service or action that is provided. +Regardless of implementation, if more than one Action Provider provides the same service, such as providing a URL to a thumbnail for a given metacard, they must both register under the same `id`. +Therefore, Action Provider implementers must follow an Action Taxonomy. -The following is a sample taxonomy:  +The following is a sample taxonomy: -. `catalog.data.metacard` shall be the grouping that represents Actions on a Catalog metacard. +. `catalog.data.metacard` shall be the grouping that represents Actions on a Catalog metacard. .. `catalog.data.metacard.view` .. `catalog.data.metacard.thumbnail` .. `catalog.data.metacard.html` @@ -44,7 +44,7 @@ The following is a sample taxonomy:  |Naming Convention |`catalog.data.metacard.view` -|Provides a valid URL to view a metacard. Format of data is not specified; i.e. the representation can be in XML, JSON, or other. +|Provides a valid URL to view a metacard. Format of data is not specified, so the representation can be in XML, JSON, or other. |Export as ... |`catalog.data.metacard.thumbnail` diff --git a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-applications.adoc b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-applications.adoc index cdf9677d74da..e89ad56cbdf6 100644 --- a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-applications.adoc +++ b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-applications.adoc @@ -6,19 +6,18 @@ The ${branding} applications are a collection of OSGi bundles that contain configurations to be displayed in the ${admin-console}. The applications are defined in the ${etc/application-definitions} directory. -Any json file added to the ${etc/application-definitions} with name, description and bundleLocations keys will be displayed in the ${admin-console}. -The application will only display if one of the bundles listed in the bundleLocations key is running or there is at least 1 plugin associated with that application running. +Any json file added to the ${etc/application-definitions} with name, description, and bundleLocations keys is displayed in the ${admin-console}. +The application only displays if one of the bundles listed in the bundleLocations key is running or there is at least 1 plugin associated with that application running. A KAR file is a Karaf-specific archive format (*K*araf *AR*chive). It is a jar file that contains a feature descriptor file and one or more OSGi bundle jar files. The feature descriptor file identifies a set of bundles that need to be installed, and any dependencies on other features that may need to be installed. -==== Describing Application Services +== Describing Application Services Given the modular nature of OSGi, some applications perform operations on the services themselves. In order to present, identify, and manipulate the services, they need descriptive identifying information. -Any service that implements the `Describable` interface in `org.codice.ddf.platform.services.common` will -have an obligation to provide this information. +Any service that implements the `Describable` interface in `org.codice.ddf.platform.services.common` must provide this information. The relevant fields are as follows: ID:: a unique identifier for the service @@ -33,7 +32,7 @@ such as `ddf.metacards` or `ddf.platform`; while the [*component*] within a [*pr Note that `ddf` as a [*product*] is reserved for core features only and is not meant to be used during extension or integration. -==== Creating a KAR File +== Creating a KAR File The recommended method for creating a KAR file is to use the `features-maven-plugin`, which has a `create-kar` goal. This goal reads all of the features specified in the feature's descriptor file. @@ -85,22 +84,22 @@ Examples of how KAR files are created for ${branding} components can be found in The `.kar` file generated should be deployed to the application author's maven repository. The URL to the application's KAR file in this Maven repository should be the installation URL that is used. -==== Including Data Files in a KAR File +== Including Data Files in a KAR File -The developer may need to include data or configuration file(s) in a KAR file. +The developer may need to include data or configuration files in a KAR file. An example of this is a properties file for the JDBC connection properties of a catalog provider. It is recommended that: * Any `data/configuration` files be placed under the `src/main/resources` directory of the maven project. -Sub-directories under `src/main/resources` can be used, e.g., `etc/security`. +Sub-directories under `src/main/resources` can be used, for example, `etc/security`. * The Maven project's pom file should be updated to attach each `data/configuration` file as an artifact (using the `build-helper-maven-plugin`). * Add each `data/configuration` file to the KAR file using the `` tag in the KAR's `features.xml` file. -==== Installing a KAR File +== Installing a KAR File When the user downloads an application by clicking on the *Installation* link, the application's KAR file is downloaded. -To install manually, the KAR file can be placed in the `${home_directory}/deploy` directory of the running ${branding} instance. ${branding} then detects that a file with a `.kar` file extension has been placed in this monitored directory, unzips the KAR file into the `${home_directory}/system` directory, and installs the bundle(s) listed in the KAR file's feature descriptor file. +To install manually, the KAR file can be placed in the `${home_directory}/deploy` directory of the running ${branding} instance. ${branding} then detects that a file with a `.kar` file extension has been placed in this monitored directory, unzips the KAR file into the `${home_directory}/system` directory, and installs the bundles listed in the KAR file's feature descriptor file. To install via the ${admin-console}: . Navigate to the *${admin-console}*. . Select *Manage* button. @@ -109,13 +108,13 @@ To install via the ${admin-console}: . Select *Save Changes* to activate, The new application can be viewed via the ${admin-console}'s Active Applications list. -===== Developing Application Configuration Modules +=== Developing Application Configuration Modules An application within ${branding} is a collection of bundles contained in a KAR file that may or may not have configurations associated with it. Plugins are used to advertise applications. These configuration module plugins are often used to add user interface elements to make the use of the ${branding} simpler and/or more intuitive. -====== Creating an Application Configuration Module +==== Creating an Application Configuration Module This example demonstrates a plugin that allows the ${branding} to use the Admin UI. @@ -160,14 +159,14 @@ public class SourcesPlugin extends AbstractApplicationPlugin { + . Create application to use this configuration. -===== Including KAR Files +=== Including KAR Files -Sometimes a developer may need to include data or configuration file(s) in a KAR file. +Sometimes a developer may need to include data or configuration files in a KAR file. An example of this would be a properties file for the JDBC connection properties of a catalog provider. It is recommended that: * Any data/configuration files be placed under the `src/main/resources` directory of the maven project. -(Sub-directories under `src/main/resources` can also be used, e.g., `etc/security`) +(Sub-directories under `src/main/resources` can also be used, for example, `etc/security`) * The maven project's pom file should be updated to attach each data/configuration file as an artifact (using the `build-helper-maven-plugin`) * Add each data/configuration file to the KAR file by using the `` tag in the KAR's `features.xml` file diff --git a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-catalog-frameworks.adoc b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-catalog-frameworks.adoc index b962803a702a..d070969bab69 100644 --- a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-catalog-frameworks.adoc +++ b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-catalog-frameworks.adoc @@ -7,26 +7,26 @@ ${branding} and the underlying OSGi technology can serve as a robust infrastructure for developing frameworks that complement the ${ddf-catalog}. -==== Simple Catalog API Implementations +== Simple Catalog API Implementations -The Catalog API implementations, which are denoted with the suffix of `Impl` on the Java file names, have multiple purposes and uses: +The ((Catalog API implementations)), which are denoted with the suffix of `Impl` on the Java file names, have multiple purposes and uses: -* First, they provide a good starting point for other developers to extend functionality in the framework. For instance, extending the `MetacardImpl` allows developers to focus less on the inner workings of ${branding} and more on the developer's intended purposes and objectives.  +* First, they provide a good starting point for other developers to extend functionality in the framework. For instance, extending the `MetacardImpl` allows developers to focus less on the inner workings of ${branding} and more on the developer's intended purposes and objectives. -* Second, the Catalog API Implementations display the proper usage of an interface and an interface's intentions. Also, they are good code examples for future implementations. If a developer does not want to extend the simple implementations, the developer can at least have a working code reference on which to base future development. +* Second, the Catalog API Implementations display the proper usage of an interface and an interface's intentions. Also, they are good code examples for future implementations. If a developer does not want to extend the simple implementations, the developer can at least have a working code reference on which to base future development. -==== Use of the Whiteboard Design Pattern +== Use of the Whiteboard Design Pattern The ${ddf-catalog} makes extensive use of the Whiteboard Design Pattern. -Catalog Components are registered as services in the OSGi Service Registry, and the Catalog Framework or any other clients tracking the OSGi Service Registry are automatically notified by the OSGi Framework of additions and removals of relevant services. +Catalog Components are registered as services in the OSGi Service Registry, and the Catalog Framework or any other clients tracking the OSGi Service Registry are automatically notified by the OSGi Framework of additions and removals of relevant services. -The Whiteboard Design Pattern is a common OSGi technique that is derived from a technical whitepaper provided by the OSGi Alliance in 2004. +The Whiteboard Design Pattern is a common OSGi technique that is derived from a technical whitepaper provided by the OSGi Alliance in 2004. It is recommended to use the Whiteboard pattern over the Listener pattern in OSGi because it provides less complexity in code (both on the client and server sides), fewer deadlock possibilities than the Listener pattern, and closely models the intended usage of the OSGi framework. -==== Recommendations for Framework Development +== Recommendations for Framework Development * Provide extensibility similar to that of the ${ddf-catalog}. -** Provide a stable API with interfaces and simple implementations (refer to `http://www.ibm.com/developerworks/websphere/techjournal/1007_charters/1007_charters.html`). +** Provide a stable API with interfaces and simple implementations (refer to `http://www.ibm.com/developerworks/websphere/techjournal/1007_charters/1007_charters.html`). * Make use of the ${ddf-catalog} wherever possible to store, search, and transform information. * Utilize OSGi standards wherever possible. ** ConfigurationAdmin @@ -36,7 +36,7 @@ It is recommended to use the Whiteboard pattern over the Listener pattern in OSG ** CXF ** PAX Web and Jetty -==== Catalog Framework Reference +== Catalog Framework Reference The Catalog Framework can be requested from the OSGi Service Registry. @@ -46,13 +46,13 @@ The Catalog Framework can be requested from the OSGi Service Registry. ---- -===== Methods +=== Methods The `CatalogFramework` provides convenient methods to transform `Metacards` and `QueryResponses` using a reference to the `CatalogFramework`. -====== Create, Update, and Delete Methods +==== Create, Update, and Delete Methods -Create, Update, and Delete (CUD) methods add, change, or remove stored metadata in the local Catalog Provider. +Create, Update, and Delete (CUD) methods add, change, or remove stored metadata in the local Catalog Provider. .Example Create, Update, Delete Methods [source,java,linenums] @@ -62,12 +62,12 @@ public UpdateResponse update(UpdateRequest updateRequest) throws IngestException public DeleteResponse delete(DeleteRequest deleteRequest) throws IngestException, SourceUnavailableException; ---- -CUD operations process `PolicyPlugin`, `AccessPlugin`, and `PreIngestPlugin` instances before execution and `PostIngestPlugin` instances after execution. +CUD operations process `PolicyPlugin`, `AccessPlugin`, and `PreIngestPlugin` instances before execution and `PostIngestPlugin` instances after execution. -====== Query Methods +==== Query Methods -Query methods search metadata from available Sources based on the `QueryRequest` properties and Federation Strategy. -Sources could include Catalog Provider, Connected Sources, and Federated Sources. +Query methods search metadata from available Sources based on the `QueryRequest` properties and Federation Strategy. +Sources could include Catalog Provider, Connected Sources, and Federated Sources. .Example Query Methods [source,java,linenums] @@ -75,11 +75,11 @@ Sources could include Catalog Provider, Connected Sources, and Federated Sour public QueryResponse query(QueryRequest query) throws UnsupportedQueryException,SourceUnavailableException, FederationException; public QueryResponse query(QueryRequest queryRequest, FederationStrategy strategy) throws SourceUnavailableException, UnsupportedQueryException, FederationException; ---- -Query requests process  `PolicyPlugin`, `AccessPlugin`, and `PreQueryPlugin` instances before execution and  `PolicyPlugin`, `AccessPlugin`, and `PostQueryPlugin` instances after execution. +Query requests process `PolicyPlugin`, `AccessPlugin`, and `PreQueryPlugin` instances before execution and `PolicyPlugin`, `AccessPlugin`, and `PostQueryPlugin` instances after execution. -====== Resource Methods +==== Resource Methods -Resource methods retrieve data resources from Sources. +Resource methods retrieve data resources from Sources. .Example Resource Methods [source,java,linenums] @@ -88,11 +88,11 @@ public ResourceResponse getEnterpriseResource(ResourceRequest request) throwsIOE public ResourceResponse getLocalResource(ResourceRequest request) throws IOException, ResourceNotFoundException, ResourceNotSupportedException; public ResourceResponse getResource(ResourceRequest request, String resourceSiteName) throws IOException, ResourceNotFoundException, ResourceNotSupportedException; ---- -Resource requests process ``PreResourcePlugin``s before execution and ``PostResourcePlugin``s after execution. +Resource requests process ``PreResourcePlugin``s before execution and ``PostResourcePlugin``s after execution. -====== Source Methods +==== Source Methods -Source methods can get a list of Source identifiers or request descriptions about Sources. +Source methods can get a list of Source identifiers or request descriptions about Sources. .Example Source Methods [source,java,linenums] @@ -101,9 +101,9 @@ public Set getSourceIds(); public SourceInfoResponse getSourceInfo(SourceInfoRequest sourceInfoRequest) throws SourceUnavailableException; ---- -====== Transform Methods +==== Transform Methods -Transform methods provide convenience methods for using Metacard Transformers and Query Response Transformers. +Transform methods provide convenience methods for using Metacard Transformers and Query Response Transformers. .Transform Methods [source,java,linenums] @@ -115,7 +115,7 @@ public BinaryContent transform(Metacard metacard, String transformerId, Map requestProperties) throws CatalogTransformerException; ---- -===== Implementing Catalog Methods +=== Implementing Catalog Methods .Query Response Transform Example [source,java,linenums] @@ -142,7 +142,7 @@ private void convert(QueryResponse queryResponse ) { } ---- -===== Dependency Injection +=== Dependency Injection Using Blueprint or another injection framework, transformers can be injected from the OSGi Service Registry. .Blueprint Service Reference @@ -177,7 +177,7 @@ ${ddf-branding}.catalog.transform.QueryResponseTransformer queryResponseTransfor BinaryContent content = queryResponseTransformer.transform(sourceSesponse, arguments); ---- -===== OSGi Service Registry +=== OSGi Service Registry [IMPORTANT] ==== diff --git a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-endpoints.adoc b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-endpoints.adoc index 7c31310d2614..9078c3100cd6 100644 --- a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-endpoints.adoc +++ b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-endpoints.adoc @@ -6,7 +6,7 @@ :implements: https://www.w3.org/2001/sw/wiki/REST[REST specification] {external-link}. :order: 06 -Custom endpoints can be created, if necessary. +((Custom endpoints)) can be created, if necessary. See <<{integrating-prefix}endpoint_details,Endpoints>> for descriptions of provided endpoints. Complete the following procedure to create an endpoint.  diff --git a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-filters.adoc b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-filters.adoc index 003f7066dd8d..9d840a7d1743 100644 --- a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-filters.adoc +++ b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-filters.adoc @@ -5,8 +5,8 @@ :order: 17 :summary: Creating a custom Filter. -The common way to create a `Filter` is to use the GeoTools `FilterFactoryImpl` object, which provides Java implementations for the various types of filters in the Filter Specification. -Examples are the easiest way to understand how to properly create a `Filter` and a `Query`.  +The common way to create a ((Filter)) is to use the GeoTools `FilterFactoryImpl` object, which provides Java implementations for the various types of filters in the Filter Specification. +Examples are the easiest way to understand how to properly create a `Filter` and a `Query`. [NOTE] ==== @@ -19,8 +19,8 @@ Implementing the Filter interface directly is only for extremely advanced use ca Instead, use of the ${branding}-specific `FilterBuilder` API is recommended. ==== -Developers create a `Filter` object in order to filter or constrain the amount of records returned from a `Source`. -The OGC Filter Specification has several types of filters that can be combined in a tree-like structure to describe the set of metacards that should be returned.  +Developers create a `Filter` object in order to filter or constrain the amount of records returned from a `Source`. +The OGC Filter Specification has several types of filters that can be combined in a tree-like structure to describe the set of metacards that should be returned. .Categories of Filters * Comparison Operators @@ -31,23 +31,23 @@ The OGC Filter Specification has several types of filters that can be combined i * Spatial Operators * Temporal Operators -==== Units of Measure +== Units of Measure According to the http://www.opengeospatial.org/standards/filter[OGC Filter Specifications: 09-026r1] {external-link} and http://www.opengeospatial.org/standards/filter[OGC Filter Specifications: 04-095] {external-link}, units of measure can be expressed as a URI. -To fulfill that requirement, ${branding} utilizes the GeoTools class `org.geotools.styling.UomOgcMapping` for spatial filters requiring a standard for units of measure for scalar distances. -Essentially, the `UomOgcMapping` maps the http://www.opengeospatial.org/standards/symbol[OGC Symbology Encoding] {external-link} standard URIs to Java Units. -This class provides three options for units of measure:  +To fulfill that requirement, ${branding} utilizes the GeoTools class `org.geotools.styling.UomOgcMapping` for spatial filters requiring a standard for units of measure for scalar distances. +Essentially, the `UomOgcMapping` maps the http://www.opengeospatial.org/standards/symbol[OGC Symbology Encoding] {external-link} standard URIs to Java Units. +This class provides three options for units of measure: * FOOT * METRE * PIXEL -${branding} only supports FOOT and METRE since they are the most applicable to scalar distances. +${branding} only supports FOOT and METRE since they are the most applicable to scalar distances. -==== Filter Examples +== Filter Examples The example below illustrates creating a query, and thus an OGC Filter, that does a case-insensitive search for the phrase "mission" in the entire metacard's text. -Note that the OGC `PropertyIsLike` Filter is used for this simple contextual query. +Note that the OGC `PropertyIsLike` Filter is used for this simple contextual query. .Simple Contextual Search [source,java,linenums] @@ -67,7 +67,7 @@ ${ddf-branding}.catalog.operation.QueryImpl query = new QueryImpl( propertyIsLik ---- The example below illustrates creating an absolute temporal query, meaning the query is searching for Metacards whose modified timestamp occurred during a specific time range. -Note that this query uses the `During` OGC Filter for an absolute temporal query. +Note that this query uses the `During` OGC Filter for an absolute temporal query. .Absolute Temporal Search [source,java,linenums] @@ -86,9 +86,9 @@ org.opengis.filter.Filter filter = filterFactory.during( filterFactory.property( ${ddf-branding}.catalog.operation.QueryImpl query = new QueryImpl(filter) ; ---- -===== Contextual Searches +=== Contextual Searches -Most contextual searches can be expressed using the `PropertyIsLike` filter. The special characters that have meaning in a `PropertyIsLike` filter are the wildcard, single wildcard, and escape characters (see Example Creating-Filters-1). +Most contextual searches can be expressed using the `PropertyIsLike` filter. The special characters that have meaning in a `PropertyIsLike` filter are the wildcard, single wildcard, and escape characters (see Example Creating-Filters-1). .`PropertyIsLike` Special Characters [cols="2*", options="header"] @@ -106,7 +106,7 @@ Most contextual searches can be expressed using the `PropertyIsLike` filter. T |Escapes the meaning of the Wildcard, Single Wildcard, and the Escape character itself |=== -Characters and words, such as `AND`, `&`, `and`, `OR`, `|`, `or`, `NOT`, `~`, `not`, `{`, and `}`, are treated as literals in a `PropertyIsLike` filter. In order to create equivalent logical queries, a developer must instead use the Logical Operator filters {`AND`, `OR`, `NOT`}. The Logical Operator filters can be combined together with `PropertyIsLike` filters to create a tree that represents the search phrase expression.  +Characters and words, such as `AND`, `&`, `and`, `OR`, `|`, `or`, `NOT`, `~`, `not`, `{`, and `}`, are treated as literals in a `PropertyIsLike` filter. In order to create equivalent logical queries, a developer must instead use the Logical Operator filters {`AND`, `OR`, `NOT`}. The Logical Operator filters can be combined together with `PropertyIsLike` filters to create a tree that represents the search phrase expression. .Creating the search phrase "mission and planning" [source,java,linenums] @@ -130,9 +130,9 @@ wildcardChar, singleChar, escapeChar, isCaseSensitive) ${ddf-branding}.catalog.operation.QueryImpl query = new QueryImpl( filter ); ---- -====== Tree View of Creating Filters  +==== Tree View of Creating Filters -Filters used in ${branding} can always be represented in a tree diagram. +Filters used in ${branding} can always be represented in a tree diagram. .Filter Example Tree Diagram [ditaa,filter-example-tree, png,600] @@ -151,7 +151,7 @@ Filters used in ${branding} can always be represented in a tree diagram. \--------------------/ .... -====== XML View of Creating Filters +==== XML View of Creating Filters Another way to view this type of Filter is through an XML model, which is shown below. @@ -172,13 +172,13 @@ Another way to view this type of Filter is through an XML model, which is shown ---- -Using the Logical Operators and `PropertyIsLike` filters, a developer can create a whole language of search phrase expressions. +Using the Logical Operators and `PropertyIsLike` filters, a developer can create a whole language of search phrase expressions. -===== Fuzzy Operations +=== Fuzzy Operations -${branding} only supports one custom function. +${branding} only supports one custom function. The Filter specification does not include a fuzzy operator, so a Filter function was created to represent a fuzzy operation. -The function and class is called `FuzzyFunction`, which is used by clients to notify the Sources to perform a fuzzy search. +The function and class is called `FuzzyFunction`, which is used by clients to notify the Sources to perform a fuzzy search. The syntax expected by providers is similar to the Fuzzy Function. Refer to the example below. @@ -203,27 +203,27 @@ Filter fuzzyFilter = filterFactory.like( QueryImpl query = new QueryImpl(fuzzyFilter); ---- -==== Parsing Filters +== Parsing Filters According to the http://www.opengeospatial.org/standards/filter[OGC Filter Specification 04-095] {external-link}: a "(filter expression) representation can be ... parsed and then transformed into whatever target language is required to retrieve or modify object instances stored in some persistent object store." -Filters can be thought of as the `WHERE` clause for a SQL SELECT statement to "fetch data stored in a SQL-based relational database."  +Filters can be thought of as the `WHERE` clause for a SQL SELECT statement to "fetch data stored in a SQL-based relational database." -Sources can parse OGC Filters using the `FilterAdapter` and `FilterDelegate`. -See Developing a Filter Delegate for more details on implementing a new `FilterDelegate`. +Sources can parse OGC Filters using the `FilterAdapter` and `FilterDelegate`. +See Developing a Filter Delegate for more details on implementing a new `FilterDelegate`. This is the preferred way to handle OGC Filters in a consistent manner. -Alternately, `org.opengis.filter.Filter` implementations can be parsed using implementations of the interface `org.opengis.filter.FilterVisitor`.  -The `FilterVisitor` uses the http://www.oodesign.com/visitor-pattern.html[Visitor pattern] {external-link}. Essentially, `FilterVisitor` instances "visit" each part of the `Filter` tree allowing developers to implement logic to handle the filter's operations.  -GeoTools 8 includes implementations of the `FilterVisitor` interface. -The `DefaultFilterVisitor`, as an example, provides only business logic to visit every node in the `Filter` tree. -The `DefaultFilterVisitor` methods are meant to be overwritten with the correct business logic.  -The simplest approach when using `FilterVisitor` instances is to build the appropriate query syntax for a target language as each part of the `Filter` is visited. -For instance, when given an incoming `Filter` object to be evaluated against a RDBMS, a `CatalogProvider` instance could use a `FilterVisitor` to interpret each filter operation on the `Filter` object and translate those operations into SQL. -The `FilterVisitor` may be needed to support `Filter` functionality not currently handled by the `FilterAdapter` and `FilterDelegate` reference implementation. +Alternately, `org.opengis.filter.Filter` implementations can be parsed using implementations of the interface `org.opengis.filter.FilterVisitor`. +The `FilterVisitor` uses the http://www.oodesign.com/visitor-pattern.html[Visitor pattern] {external-link}. Essentially, `FilterVisitor` instances "visit" each part of the `Filter` tree allowing developers to implement logic to handle the filter's operations. +GeoTools 8 includes implementations of the `FilterVisitor` interface. +The `DefaultFilterVisitor`, as an example, provides only business logic to visit every node in the `Filter` tree. +The `DefaultFilterVisitor` methods are meant to be overwritten with the correct business logic. +The simplest approach when using `FilterVisitor` instances is to build the appropriate query syntax for a target language as each part of the `Filter` is visited. +For instance, when given an incoming `Filter` object to be evaluated against a RDBMS, a `CatalogProvider` instance could use a `FilterVisitor` to interpret each filter operation on the `Filter` object and translate those operations into SQL. +The `FilterVisitor` may be needed to support `Filter` functionality not currently handled by the `FilterAdapter` and `FilterDelegate` reference implementation. -===== Interpreting a Filter to Create SQL +=== Interpreting a Filter to Create SQL -If the `FilterAdapter` encountered or "visited" a `PropertyIsLike` filter with its property assigned as `title` and its literal expression assigned as `mission`, the `FilterDelegate` could create the proper SQL syntax similar to title `LIKE` mission. +If the `FilterAdapter` encountered or "visited" a `PropertyIsLike` filter with its property assigned as `title` and its literal expression assigned as `mission`, the `FilterDelegate` could create the proper SQL syntax similar to title `LIKE` mission. .Parsing Filters Tree Diagram [ditaa,parsing-filters,png] @@ -243,9 +243,9 @@ If the `FilterAdapter` encountered or "visited" a `PropertyIsLike` filter wi \-------------------------/ .... -===== Interpreting a Filter to Create XQuery +=== Interpreting a Filter to Create XQuery -If the `FilterAdapter` encountered an `OR` filter, such as in Figure Parsing-Filters2 and the target language was XQuery, the `FilterDelegate` could yield an expression such as  +If the `FilterAdapter` encountered an `OR` filter, such as in Figure Parsing-Filters2 and the target language was XQuery, the `FilterDelegate` could yield an expression such as [source] ---- @@ -279,29 +279,29 @@ ft:query(//inventory:book/@subject,'science'). .... -====== FilterAdapter/Delegate Process for Figure Parsing +==== FilterAdapter/Delegate Process for Figure Parsing -. `FilterAdapter` visits the `OR` filter first. -. `OR` filter visits its children in a loop.  -. The first child in the loop that is encountered is the LHS `PropertyIsLike`. -. The `FilterAdapter` will call the `FilterDelegate` `PropertyIsLike` method with the LHS property and literal. -. The LHS `PropertyIsLike` delegate method builds the XQuery syntax that makes sense for this particular underlying object store. In this case, the _subject_ property is specific to this XML database, and the business logic maps the _subject_ property to its index at `//inventory:book/@subject` Note that `ft:query` in this instance is a custom XQuery module for this specific XML database that does full text searches. -. The `FilterAdapter` then moves back to the `OR` filter, which visits its second child. -. The `FilterAdapter` will call the `FilterDelegate` `PropertyIsLike` method with the RHS property and literal. -. The RHS `PropertyIsLike` delegate method builds the XQuery syntax that makes sense for this particular underlying object store. In this case, the _subject_ property is specific to this XML database, and the business logic maps the _subject_ property to its index at `//inventory:book/@subject` Note that `ft:query` in this instance is a custom XQuery module for this specific XML database that does full text searches. -. The `FilterAdapter` then moves back to its `OR` Filter which is now done with its children. -. It then collects the output of each child and sends the list of results to the `FilterDelegate OR` method. -. The final result object will be returned from the `FilterAdapter` adapt method. +. `FilterAdapter` visits the `OR` filter first. +. `OR` filter visits its children in a loop. +. The first child in the loop that is encountered is the LHS `PropertyIsLike`. +. The `FilterAdapter` calls the `FilterDelegate` `PropertyIsLike` method with the LHS property and literal. +. The LHS `PropertyIsLike` delegate method builds the XQuery syntax that makes sense for this particular underlying object store. In this case, the _subject_ property is specific to this XML database, and the business logic maps the _subject_ property to its index at `//inventory:book/@subject` Note that `ft:query` in this instance is a custom XQuery module for this specific XML database that does full text searches. +. The `FilterAdapter` then moves back to the `OR` filter, which visits its second child. +. The `FilterAdapter` calls the `FilterDelegate` `PropertyIsLike` method with the RHS property and literal. +. The RHS `PropertyIsLike` delegate method builds the XQuery syntax that makes sense for this particular underlying object store. In this case, the _subject_ property is specific to this XML database, and the business logic maps the _subject_ property to its index at `//inventory:book/@subject` Note that `ft:query` in this instance is a custom XQuery module for this specific XML database that does full text searches. +. The `FilterAdapter` then moves back to its `OR` Filter which is now done with its children. +. It then collects the output of each child and sends the list of results to the `FilterDelegate OR` method. +. The final result object is returned from the `FilterAdapter` adapt method. -====== FilterVisitor Process for Figure Parsing +==== FilterVisitor Process for Figure Parsing -. FilterVisitor visits the `OR` filter first. -. `OR` filter visits its children in a loop.  -. The first child in the loop that is encountered is the LHS `PropertyIsLike`. -. The LHS `PropertyIsLike` builds the XQuery syntax that makes sense for this particular underlying object store. In this case, the _subject_ property is specific to this XML database, and the business logic maps the _subject_ property to its index at `//inventory:book/@subject`. Note that `ft:query` in this instance is a custom XQuery module for this specific XML database that does full text searches. -. The FilterVisitor then moves back to the `OR` filter, which visits its second child. -. The RHS `PropertyIsLike` builds the XQuery syntax that makes sense for this particular underlying object store. In this case, the _subject_ property is specific to this XML database, and the business logic maps the _subject_ property to its index at `//inventory:book/@subject`. Note that `ft:query` in this instance is a custom XQuery module for this specific XML database that does full text searches. -. The FilterVisitor then moves back to its `OR` filter, which is now done with its children. It then collects the output of each child and could potentially execute the following code to produce the above expression. +. FilterVisitor visits the `OR` filter first. +. `OR` filter visits its children in a loop. +. The first child in the loop that is encountered is the LHS `PropertyIsLike`. +. The LHS `PropertyIsLike` builds the XQuery syntax that makes sense for this particular underlying object store. In this case, the _subject_ property is specific to this XML database, and the business logic maps the _subject_ property to its index at `//inventory:book/@subject`. Note that `ft:query` in this instance is a custom XQuery module for this specific XML database that does full text searches. +. The FilterVisitor then moves back to the `OR` filter, which visits its second child. +. The RHS `PropertyIsLike` builds the XQuery syntax that makes sense for this particular underlying object store. In this case, the _subject_ property is specific to this XML database, and the business logic maps the _subject_ property to its index at `//inventory:book/@subject`. Note that `ft:query` in this instance is a custom XQuery module for this specific XML database that does full text searches. +. The FilterVisitor then moves back to its `OR` filter, which is now done with its children. It then collects the output of each child and could potentially execute the following code to produce the above expression. [source,java,linenums] ---- @@ -313,11 +313,11 @@ public visit( Or filter, Object data) { } ---- -==== Filter Profile +== Filter Profile The filter profile maps filters to metacard types. -===== Role of the OGC Filter +=== Role of the OGC Filter Both Queries and Subscriptions extend the OGC GeoAPI Filter interface. @@ -325,7 +325,7 @@ The Filter Builder and Adapter do not fully implement the OGC Filter Specificati The filter support profile contains suggested filter to metacard type mappings. For example, even though a Source could support a `PropertyIsGreaterThan` filter on `XML_TYPE`, it would not likely be useful. -===== Catalog Filter Profile +=== Catalog Filter Profile The following table displays the common metacard attributes with their respective types for reference. @@ -389,12 +389,12 @@ The following table displays the common metacard attributes with their respectiv |=== -====== Comparison Operators +==== Comparison Operators Comparison operators compare the value associated with a property name with a given Literal value. Endpoints and sources should try to use metacard types other than the object type. -The object type only supports backwards compatibility with `java.net.URI`.   -Endpoints that send other objects will not be supported by standard sources. +The object type only supports backwards compatibility with `java.net.URI`. +Endpoints that send other objects are not supported by standard sources. The following table maps the metacard types to supported comparison operators. .Metacard Types to Comparison Operators @@ -479,7 +479,7 @@ The following table maps the metacard types to supported comparison operators. |*X* |*X* -  + |GEO_TYPE | @@ -571,7 +571,7 @@ The following table maps the metacard types to supported comparison operators. |*X* | |*X* -  + |=== .Comparison Operators @@ -602,7 +602,7 @@ The following table maps the metacard types to supported comparison operators. |PropertyIsLike |Property LIKE Literal -Equivalent to SQL "like"  +Equivalent to SQL "like" |PropertyIsNotEqualTo |Property != Literal @@ -612,7 +612,7 @@ Equivalent to SQL "like"  |=== -====== Logical Operators +==== Logical Operators Logical operators apply Boolean logic to one or more child filters. @@ -632,7 +632,7 @@ Logical operators apply Boolean logic to one or more child filters. |=== -====== Temporal Operators +==== Temporal Operators Temporal operators compare a date associated with a property name to a given Literal date or date range. @@ -687,9 +687,9 @@ Literal values can be either date instants or date periods. |=== -====== Spatial Operators +==== Spatial Operators -Spatial operators compare a geometry associated with a property name to a given Literal geometry.  +Spatial operators compare a geometry associated with a property name to a given Literal geometry. .Supported Spatial Operators. [cols="11*", options="headers"] @@ -746,7 +746,7 @@ Geometries are usually represented as Well-Known Text (_WKT_). |Property geometry lies within distance to Literal geometry |Intersects -|Property geometry intersects Literal geometry; opposite to the Disjoint operator  +|Property geometry intersects Literal geometry; opposite to the Disjoint operator |Overlaps |Property geometry interior overlaps Literal geometry interior somewhere diff --git a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-plugins.adoc b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-plugins.adoc index c20a1b526c3f..efba63d3af05 100644 --- a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-plugins.adoc +++ b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-plugins.adoc @@ -5,9 +5,9 @@ :summary: Creating a custom catalog plugin. :order: 11 -Plugins extend the functionality of the Catalog Framework by performing actions at specified times during a transaction.  +((Catalog Plugins)) extend the functionality of the Catalog Framework by performing actions at specified times during a transaction. Plugin interfaces are located in the Catalog Core API. -By implementing a plugin interface, actions can be performed at the desired time.  +By implementing a plugin interface, actions can be performed at the desired time. The following types of plugins can be created: @@ -89,7 +89,7 @@ The following types of plugins can be created: |=== -==== Implementing Catalog Plugins +== Implementing Catalog Plugins The procedure for implementing any of the plugins follows a similar format: @@ -101,7 +101,7 @@ The procedure for implementing any of the plugins follows a similar format: .. Register the plugin class as a service to OSGi registry. -. Deploy to ${branding}. +. Deploy to ${branding}. .Plugin Performance Concerns [NOTE] @@ -115,17 +115,17 @@ It is usually preferable to take no action on non-local requests. Refer to the Javadoc for more information on all Requests and Responses in the `${ddf-branding-lowercase}.catalog.operation` and `${ddf-branding-lowercase}.catalog.event` packages. ==== -===== Catalog Plugin Failure Behavior +=== Catalog Plugin Failure Behavior In the event that this Catalog Plugin cannot operate but does not wish to fail the transaction, a `PluginExecutionException` should be thrown. If processing is to be explicitly stopped, a `StopProcessingException` should be thrown. For any other exceptions, the Catalog should "fail fast" and cancel the Operation. -===== Implementing Pre-Ingest Plugins +=== Implementing Pre-Ingest Plugins Develop a custom Pre-Ingest Plugin. -. Create a Java class that implements `PreIngestPlugin`. + +. Create a Java class that implements `PreIngestPlugin`. + `public class SamplePreIngestPlugin implements ddf.catalog.plugin.PreIngestPlugin` + . Implement the required methods. + @@ -133,105 +133,105 @@ Develop a custom Pre-Ingest Plugin. * `public UpdateRequest process(UpdateRequest input) throws PluginExecutionException, StopProcessingException;` * `public DeleteRequest process(DeleteRequest input) throws PluginExecutionException, StopProcessingException;` + -. Import the ${branding} interface packages to the bundle manifest (in addition to any other required packages). + +. Import the ${branding} interface packages to the bundle manifest (in addition to any other required packages). + `Import-Package: ddf.catalog,ddf.catalog.plugin` + . Export the service to the OSGi registry. + *Blueprint descriptor example* `` -===== Implementing Post-Ingest Plugins +=== Implementing Post-Ingest Plugins Develop a custom Post-Ingest Plugin. -. Create a Java class that implements `PostIngestPlugin`. + +. Create a Java class that implements `PostIngestPlugin`. + `public class SamplePostIngestPlugin implements ddf.catalog.plugin.PostIngestPlugin` . Implement the required methods. + - * `public CreateResponse process(CreateResponse input) *throws* PluginExecutionException;` - * `public UpdateResponse process(UpdateResponse input) *throws* PluginExecutionException;` - * `public DeleteResponse process(DeleteResponse input) *throws* PluginExecutionException;` + * `public CreateResponse process(CreateResponse input) throws PluginExecutionException;` + * `public UpdateResponse process(UpdateResponse input) throws PluginExecutionException;` + * `public DeleteResponse process(DeleteResponse input) throws PluginExecutionException;` -. Import the ${branding} interface packages to the bundle manifest (in addition to any other required packages). + +. Import the ${branding} interface packages to the bundle manifest (in addition to any other required packages). + `Import-Package: ddf.catalog,ddf.catalog.plugin` . Export the service to the OSGi registry. + *Blueprint descriptor example* `` -===== Implementing Pre-Query Plugins +=== Implementing Pre-Query Plugins Develop a custom Pre-Query Plugin -. Create a Java class that implements `PreQueryPlugin`. + +. Create a Java class that implements `PreQueryPlugin`. + `public class SamplePreQueryPlugin implements ddf.catalog.plugin.PreQueryPlugin` . Implement the required method. + -`public QueryRequest process(QueryRequest input) *throws* PluginExecutionException, StopProcessingException;` -. Import the ${branding} interface packages to the bundle manifest (in addition to any other required packages). + +`public QueryRequest process(QueryRequest input) throws PluginExecutionException, StopProcessingException;` +. Import the ${branding} interface packages to the bundle manifest (in addition to any other required packages). + `Import-Package: ddf.catalog,ddf.catalog.plugin` . Export the service to the OSGi registry. + `` -===== Implementing Post-Query Plugins +=== Implementing Post-Query Plugins Develop a custom Post-Query Plugin -. Create a Java class that implements `PostQueryPlugin`. + +. Create a Java class that implements `PostQueryPlugin`. + `public class SamplePostQueryPlugin implements ddf.catalog.plugin.PostQueryPlugin` . Implement the required method. + -`public QueryResponse process(QueryResponse input) *throws* PluginExecutionException, StopProcessingException;` +`public QueryResponse process(QueryResponse input) throws PluginExecutionException, StopProcessingException;` -. Import the ${branding} interface packages to the bundle manifest (in addition to any other required packages). + +. Import the ${branding} interface packages to the bundle manifest (in addition to any other required packages). + `Import-Package: ddf.catalog,ddf.catalog.plugin` . Export the service to the OSGi registry. + `` -===== Implementing Pre-Delivery Plugins +=== Implementing Pre-Delivery Plugins Develop a custom Pre-Delivery Plugin. -. Create a Java class that implements `PreDeliveryPlugin`. + -`public class SamplePreDeliveryPlugin *implements* ddf.catalog.plugin.PreDeliveryPlugin` +. Create a Java class that implements `PreDeliveryPlugin`. + +`public class SamplePreDeliveryPlugin implements ddf.catalog.plugin.PreDeliveryPlugin` . Implement the required methods. + -`public Metacard processCreate(Metacard metacard) *throws* PluginExecutionException, StopProcessingException;` -`public Update processUpdateMiss(Update update) *throws* PluginExecutionException, +`public Metacard processCreate(Metacard metacard) throws PluginExecutionException, StopProcessingException;` +`public Update processUpdateMiss(Update update) throws PluginExecutionException, StopProcessingException;` - * `public Update processUpdateHit(Update update) *throws* PluginExecutionException, StopProcessingException;` - * `public Metacard processCreate(Metacard metacard) *throws* PluginExecutionException, StopProcessingException;` + * `public Update processUpdateHit(Update update) throws PluginExecutionException, StopProcessingException;` + * `public Metacard processCreate(Metacard metacard) throws PluginExecutionException, StopProcessingException;` -. Import the ${branding} interface packages to the bundle manifest (in addition to any other required packages). + +. Import the ${branding} interface packages to the bundle manifest (in addition to any other required packages). + `Import-Package: ddf.catalog,ddf.catalog.plugin,ddf.catalog.operation,ddf.catalog.event` . Export the service to the OSGi registry. + *Blueprint descriptor example* + `` -===== Implementing Pre-Subscription Plugins +=== Implementing Pre-Subscription Plugins Develop a custom Pre-Subscription Plugin. -. Create a Java class that implements `PreSubscriptionPlugin`. + -`public class SamplePreSubscriptionPlugin *implements* ddf.catalog.plugin.PreSubscriptionPlugin` +. Create a Java class that implements `PreSubscriptionPlugin`. + +`public class SamplePreSubscriptionPlugin implements ddf.catalog.plugin.PreSubscriptionPlugin` . Implement the required method. - * `public Subscription process(Subscription input) *throws* PluginExecutionException, StopProcessingException;` + * `public Subscription process(Subscription input) throws PluginExecutionException, StopProcessingException;` -===== Implementing Pre-Resource Plugins +=== Implementing Pre-Resource Plugins Develop a custom Pre-Resource Plugin. -. Create a Java class that implements `PreResourcePlugin`. -`public class SamplePreResourcePlugin *implements* ddf.catalog.plugin.PreResourcePlugin` +. Create a Java class that implements `PreResourcePlugin`. +`public class SamplePreResourcePlugin implements ddf.catalog.plugin.PreResourcePlugin` . Implement the required method. + - * `public ResourceRequest process(ResourceRequest input) *throws* PluginExecutionException, StopProcessingException;` + * `public ResourceRequest process(ResourceRequest input) throws PluginExecutionException, StopProcessingException;` -. Import the ${branding} interface packages to the bundle manifest (in addition to any other required packages). + +. Import the ${branding} interface packages to the bundle manifest (in addition to any other required packages). + `Import-Package: ddf.catalog,ddf.catalog.plugin,ddf.catalog.operation` . Export the service to the OSGi registry. @@ -241,17 +241,17 @@ Develop a custom Pre-Resource Plugin. ---- -===== Implementing Post-Resource Plugins +=== Implementing Post-Resource Plugins Develop a custom Post-Resource Plugin. -. Create a Java class that implements `PostResourcePlugin`. + -`public class SamplePostResourcePlugin *implements* ddf.catalog.plugin.PostResourcePlugin` +. Create a Java class that implements `PostResourcePlugin`. + +`public class SamplePostResourcePlugin implements ddf.catalog.plugin.PostResourcePlugin` . Implement the required method. + - * `public ResourceResponse process(ResourceResponse input) *throws* PluginExecutionException, StopProcessingException;` + * `public ResourceResponse process(ResourceResponse input) throws PluginExecutionException, StopProcessingException;` -. Import the ${branding} interface packages to the bundle manifest (in addition to any other required packages). + +. Import the ${branding} interface packages to the bundle manifest (in addition to any other required packages). + `Import-Package: ddf.catalog,ddf.catalog.plugin,ddf.catalog.operation` . Export the service to the OSGi registry. @@ -262,42 +262,42 @@ Develop a custom Post-Resource Plugin. <]]" inter"[[SamplePostResourcePlugin" interface="ddf.catalog.plugin.PostResourcePlugin" /> ---- -===== Implementing Policy Plugins +=== Implementing Policy Plugins Develop a custom Policy Plugin. -. Create a Java class that implements `PolicyPlugin`. + -`public class SamplePolicyPlugin *implements* ddf.catalog.plugin.PolicyPlugin` +. Create a Java class that implements `PolicyPlugin`. + +`public class SamplePolicyPlugin implements ddf.catalog.plugin.PolicyPlugin` . Implement the required methods. + - * `PolicyResponse processPreCreate(Metacard input, Map properties) *throws* StopProcessingException;` - * `PolicyResponse processPreUpdate(Metacard input, Map properties) *throws* StopProcessingException;` - * `PolicyResponse processPreDelete(String attributeName, List attributeValues, Map properties) *throws* StopProcessingException;` - * `PolicyResponse processPreQuery(Query query, Map properties) *throws* StopProcessingException;` - * `PolicyResponse processPostQuery(Result input, Map properties) *throws* StopProcessingException;` + * `PolicyResponse processPreCreate(Metacard input, Map properties) throws StopProcessingException;` + * `PolicyResponse processPreUpdate(Metacard input, Map properties) throws StopProcessingException;` + * `PolicyResponse processPreDelete(String attributeName, List attributeValues, Map properties) throws StopProcessingException;` + * `PolicyResponse processPreQuery(Query query, Map properties) throws StopProcessingException;` + * `PolicyResponse processPostQuery(Result input, Map properties) throws StopProcessingException;` -. Import the DDF interface packages to the bundle manifest (in addition to any other required packages). + +. Import the DDF interface packages to the bundle manifest (in addition to any other required packages). + `Import-Package: ddf.catalog,ddf.catalog.plugin,ddf.catalog.operation` . Export the service to the OSGi registry. + *Blueprint descriptor example* + `<]]" inter"[[SamplePolicyPlugin" interface="ddf.catalog.plugin.PolicyPlugin" />` -===== Implementing Access Plugins +=== Implementing Access Plugins Develop a custom Access Plugin. -. Create a Java class that implements `AccessPlugin`. + -`public class SamplePostResourcePlugin *implements* ddf.catalog.plugin.AccessPlugin` +. Create a Java class that implements `AccessPlugin`. + +`public class SamplePostResourcePlugin implements ddf.catalog.plugin.AccessPlugin` . Implement the required methods. + - * `CreateRequest processPreCreate(CreateRequest input) *throws* StopProcessingException;` - * `UpdateRequest processPreUpdate(UpdateRequest input) *throws* StopProcessingException;` - * `DeleteRequest processPreDelete(DeleteRequest input) *throws* StopProcessingException;` - * `QueryRequest processPreQuery(QueryRequest input) *throws* StopProcessingException;` - * `QueryResponse processPostQuery(QueryResponse input) *throws* StopProcessingException;` + * `CreateRequest processPreCreate(CreateRequest input) throws StopProcessingException;` + * `UpdateRequest processPreUpdate(UpdateRequest input) throws StopProcessingException;` + * `DeleteRequest processPreDelete(DeleteRequest input) throws StopProcessingException;` + * `QueryRequest processPreQuery(QueryRequest input) throws StopProcessingException;` + * `QueryResponse processPostQuery(QueryResponse input) throws StopProcessingException;` -. Import the DDF interface packages to the bundle manifest (in addition to any other required packages). + +. Import the DDF interface packages to the bundle manifest (in addition to any other required packages). + `Import-Package: ddf.catalog,ddf.catalog.plugin,ddf.catalog.operation` . Export the service to the OSGi registry. + diff --git a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-query-options.adoc b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-query-options.adoc index 8da32612244b..b1acbc8df2c1 100644 --- a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-query-options.adoc +++ b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-query-options.adoc @@ -5,8 +5,8 @@ :order: 19 :summary: Creating a custom Query Option. -The easiest way to create a Query is to use the `ddf.catalog.operation.QueryImpl` object. -It is first necessary to create an OGC Filter object then set the Query Options after `QueryImpl` has been constructed. +The easiest way to create a ((Query)) is to use the `ddf.catalog.operation.QueryImpl` object. +It is first necessary to create an OGC Filter object then set the Query Options after `QueryImpl` has been constructed. .`QueryImpl` Example [source,java,linenums] @@ -32,15 +32,14 @@ filterFactory.literal(value))) ; query.setRequestsTotalResultsCount(true); ---- -==== Evaluating a query +== Evaluating a query -Every Source must be able to evaluate a Query object. -Nevertheless, each Source could evaluate the Query differently depending on what that Source supports as to properties and query capabilities. -For instance, a common property all Sources understand is id, but a Source could possibly store frequency values under the property name "frequency." -Some Sources may not support frequency property inquiries and will -throw an error stating it cannot interpret the property. +Every Source must be able to evaluate a Query object. +Nevertheless, each Source could evaluate the Query differently depending on what that Source supports as to properties and query capabilities. +For instance, a common property all Sources understand is id, but a Source could possibly store frequency values under the property name "frequency." +Some Sources may not support frequency property inquiries and throw an error stating it cannot interpret the property. In addition, some Sources might be able to handle spatial operations, while others might not. -A developer should consult a Source's documentation for the limitations, capabilities, and properties that a Source can support. +A developer should consult a Source's documentation for the limitations, capabilities, and properties that a Source can support. .[[_query_options]]Query Options @@ -62,20 +61,20 @@ A developer should consult a Source's documentation for the limitations, capabil |Determines whether the total number of results should be returned. |`TimeoutMillis` -|The amount of time in milliseconds before the query is to be abandoned. If a zero or negative timeout is set, the catalog framework will default to a value configurable via the Admin UI under Catalog -> Configuration -> Query Operations. +|The amount of time in milliseconds before the query is to be abandoned. If a zero or negative timeout is set, the catalog framework defaults to a value configurable via the Admin UI under Catalog -> Configuration -> Query Operations. |=== -==== Commons-DDF Utilities +== Commons-DDF Utilities -The `commons-${ddf-branding}` bundle provides utilities and functionality commonly used across other ${branding} components, such as the endpoints and providers.  +The `commons-${ddf-branding}` bundle provides utilities and functionality commonly used across other ${branding} components, such as the endpoints and providers. -===== FuzzyFunction +=== FuzzyFunction -`${ddf-branding}.catalog.impl.filter.FuzzyFunction` class is used to indicate that a `PropertyIsLike` filter should interpret the search as a fuzzy query.  +`${ddf-branding}.catalog.impl.filter.FuzzyFunction` class is used to indicate that a `PropertyIsLike` filter should interpret the search as a fuzzy query. -===== XPathHelper +=== XPathHelper `${ddf-branding}.util.XPathHelper` provides convenience methods for executing XPath operations on XML. -It also provides convenience methods for converting XML as a `String` from a `org.w3c.dom.Document` object and vice versa. +It also provides convenience methods for converting XML as a `String` from a `org.w3c.dom.Document` object and vice versa. diff --git a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-registry-clients.adoc b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-registry-clients.adoc index 1ecd64802ee5..5f5daea8ab1a 100644 --- a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-registry-clients.adoc +++ b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-registry-clients.adoc @@ -5,8 +5,8 @@ :order: 14 :summary: Creating a custom Registry Client. -Registry Clients create Federated Sources using the OSGi Configuration Admin. -Developers should reference an individual ``Source``'s (Federated, Connected, or Catalog Provider) documentation for the Configuration properties (such as a Factory PID, addresses, intervals, etc) necessary to establish that `Source` in the framework.  +((Registry Clients)) create Federated Sources using the OSGi Configuration Admin. +Developers should reference an individual ``Source``'s (Federated, Connected, or Catalog Provider) documentation for the Configuration properties (such as a Factory PID, addresses, intervals, etc) necessary to establish that `Source` in the framework. .Creating a Source Configuration [source,java,linenums] @@ -18,5 +18,5 @@ properties.put(QUERY_ADDRESS_PROPERTY,queryAddress); currentConfiguration.update( properties ); ---- -Note that the `QUERY_ADDRESS_PROPERTY` is specific to this Configuration and might not be required for every `Source`. -The properties necessary for creating a Configuration are different for every `Source`. +Note that the `QUERY_ADDRESS_PROPERTY` is specific to this Configuration and might not be required for every `Source`. +The properties necessary for creating a Configuration are different for every `Source`. diff --git a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-resource-readers.adoc b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-resource-readers.adoc index c0f37c9c13b8..625f3b8ec420 100644 --- a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-resource-readers.adoc +++ b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-resource-readers.adoc @@ -5,63 +5,63 @@ :order: 15 :summary: Creating a custom Resource Reader. -A `ResourceReader` is a class that retrieves a resource from a native/external source and returns it to ${branding}. -A simple example is that of a File `ResourceReader`. -It takes a file from the local file system and passes it back to ${branding}. -New implementations can be created in order to support obtaining Resources from various Resource data stores.  +A ((Resource Reader)) is a class that retrieves a resource from a native/external source and returns it to ${branding}. +A simple example is that of a File `ResourceReader`. +It takes a file from the local file system and passes it back to ${branding}. +New implementations can be created in order to support obtaining Resources from various Resource data stores. -==== Creating a New `ResourceReader` +== Creating a New `ResourceReader` -Complete the following procedure to create a `ResourceReader`. +Complete the following procedure to create a `ResourceReader`. -. Create a Java class that implements the `${ddf-branding}.catalog.resource.ResourceReader` interface. -. Deploy the OSGi bundled packaged service to the ${branding} run-time. +. Create a Java class that implements the `${ddf-branding}.catalog.resource.ResourceReader` interface. +. Deploy the OSGi bundled packaged service to the ${branding} run-time. -===== Implementing the `ResourceReader` Interface +=== Implementing the `ResourceReader` Interface [source,java,linenums] ---- public class TestResourceReader implements ${ddf-branding}.catalog.resource.ResourceReader ---- -`ResourceReader` has a couple of key methods where most of the work is performed. +`ResourceReader` has a couple of key methods where most of the work is performed. [NOTE] ==== *URI* + -It is recommended to become familiar with the Java API URI class in order to properly build a `ResourceReader`.  +It is recommended to become familiar with the Java API URI class in order to properly build a `ResourceReader`. Furthermore, a URI should be used according to its http://www.w3.org/Addressing/URL/uri-spec.html[specification] {external-link}. ==== -===== retrieveResource +=== retrieveResource [source,java,linenums] ---- public ResourceResponse retrieveResource( URI uri, Map arguments )throws IOException, ResourceNotFoundException, ResourceNotSupportedException; ---- -This method is the main entry to the `ResourceReader`. -It is used to retrieve a `Resource` and send it back to the caller (generally the `CatalogFramework`). -Information needed to obtain the entry is contained in the `URI` reference. -The URI Scheme will need to match a scheme specified in the `getSupportedSchemes` method. -This is how the CatalogFramework determines which `ResourceReader` implementation to use.  -If there are multiple `ResourceReaders` supporting the same scheme, these `ResourceReaders` will be invoked iteratively.  -Invocation of the `ResourceReaders` stops once one of them returns a `Resource`. +This method is the main entry to the `ResourceReader`. +It is used to retrieve a `Resource` and send it back to the caller (generally the `CatalogFramework`). +Information needed to obtain the entry is contained in the `URI` reference. +The URI Scheme needs to match a scheme specified in the `getSupportedSchemes` method. +This is how the CatalogFramework determines which `ResourceReader` implementation to use. +If there are multiple `ResourceReaders` supporting the same scheme, these `ResourceReaders` are invoked iteratively. +Invocation of the `ResourceReaders` stops once one of them returns a `Resource`. Arguments are also passed in. -These can be used by the `ResourceReader` to perform additional operations on the resource. +These can be used by the `ResourceReader` to perform additional operations on the resource. -The `URLResourceReader` is an example `ResourceReader` that reads a file from a URI. +The `URLResourceReader` is an example `ResourceReader` that reads a file from a URI. [NOTE] ==== The `Map arguments` parameter is passed in to support any options or additional information associated with retrieving the resource. ==== -===== Implement `retrieveResource()` +=== Implement `retrieveResource()` -. Define supported schemes (e.g., file, http, etc.). -. Check if the incoming URI matches a supported scheme. If it does not, throw `ResourceNotSupportedException`. +. Define supported schemes (such as file, http, etc.). +. Check if the incoming URI matches a supported scheme. If it does not, throw `ResourceNotSupportedException`. .Example: [source,java,linenums] @@ -73,7 +73,7 @@ if ( !uri.getScheme().equals("http") ) ---- . Implement the business logic. -. For example, the `URLResourceReader` will obtain the resource through a connection: +. For example, the `URLResourceReader` obtains the resource through a connection: [source,java,linenums] ---- @@ -88,12 +88,12 @@ InputStream is = conn.getInputStream(); [NOTE] ==== -The `Resource` needs to be accessible from the ${branding} installation (see the rootResourceDirectories property of the `URLResourceReader`).  -This includes being able to find a file locally or reach out to a remote URI.  +The `Resource` needs to be accessible from the ${branding} installation (see the rootResourceDirectories property of the `URLResourceReader`). +This includes being able to find a file locally or reach out to a remote URI. This may require Internet access, and ${branding} may need to be configured to use a proxy (`http.proxyHost` and `http.proxyPort` can be added to the system properties on the command line script). ==== -. Return `Resource` in `ResourceResponse`. +. Return `Resource` in `ResourceResponse`. For example: [source,java,linenums] @@ -101,19 +101,19 @@ For example: return ResourceResponseImpl( new ResourceImpl( new BufferedInputStream( is ), new MimeType( mimeType ), url.getFile() ) ); ---- -If the Resource cannot be found, throw a `ResourceNotFoundException`.   +If the Resource cannot be found, throw a `ResourceNotFoundException`. -===== `getSupportedSchemes` +=== `getSupportedSchemes` [source,java] ---- public Set getSupportedSchemes(); ---- -This method lets the `ResourceReader` inform the CatalogFramework about the type of URI scheme that it accepts and should be passed. +This method lets the `ResourceReader` inform the CatalogFramework about the type of URI scheme that it accepts and should be passed. For single-use ResourceReaders (like a URLResourceReader), there may be only one scheme that it can accept while others may understand more than one. -A ResourceReader must, at minimum, accept one qualifier.  -As mentioned before, this method is used by the `CatalogFramework` to determine which `ResourceReader` to invoke.  +A ResourceReader must, at minimum, accept one qualifier. +As mentioned before, this method is used by the `CatalogFramework` to determine which `ResourceReader` to invoke. [NOTE] ==== @@ -122,9 +122,9 @@ Additionally, there are other methods that are used to uniquely describe a `Reso The `describe` methods are straight-forward and can be implemented with guidance from the Javadoc. ==== -===== Export to OSGi Service Registry +=== Export to OSGi Service Registry -In order for the `ResourceReader` to be used by the `CatalogFramework`, it should be exported to the OSGi Service Registry as a `${ddf-branding}.catalog.resource.ResourceReader`. +In order for the `ResourceReader` to be used by the `CatalogFramework`, it should be exported to the OSGi Service Registry as a `${ddf-branding}.catalog.resource.ResourceReader`. See the XML below for an example: diff --git a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-resource-writers.adoc b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-resource-writers.adoc index 4f0ebc54226a..6c7b71bc743c 100644 --- a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-resource-writers.adoc +++ b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-resource-writers.adoc @@ -5,14 +5,14 @@ :order: 16 :summary: Creating a custom Resource Writer. -A `ResourceWriter` is an object used to store or delete a `Resource`.  -`ResourceWriter` objects should be registered within the OSGi Service Registry, so clients can retrieve an instance when they need to store a `Resource`.  +A ((Resource Writer)) is an object used to store or delete a `Resource`. +`ResourceWriter` objects should be registered within the OSGi Service Registry, so clients can retrieve an instance when they need to store a `Resource`. -==== Create a New `ResourceWriter` +== Create a New `ResourceWriter` -Complete the following procedure to create a `ResourceWriter`. +Complete the following procedure to create a `ResourceWriter`. -. Create a Java class that implements the `${ddf-branding}.catalog.resource.ResourceWriter` interface. +. Create a Java class that implements the `${ddf-branding}.catalog.resource.ResourceWriter` interface. .ResourceWriter Implementation Skeleton [source,java,linenums] @@ -56,10 +56,10 @@ public class SampleResourceWriter implements ResourceWriter { ... ---- -. Deploy the OSGi bundled packaged service to the ${branding} run-time (Refer to the <<{developing-prefix}osgi_basics,OSGi Basics>> - Bundles section.) +. Deploy the OSGi bundled packaged service to the ${branding} run-time (Refer to the <<{developing-prefix}osgi_basics,OSGi Basics>> - Bundles section.) [TIP] ==== *ResourceWriter Javadoc* + -Refer to the ${ddf-catalog} API Javadoc for more information about the methods required for implementing the interface.  +Refer to the ${ddf-catalog} API Javadoc for more information about the methods required for implementing the interface. ==== diff --git a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-sources.adoc b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-sources.adoc index a27fe5c2d52e..3ddc47e37727 100644 --- a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-sources.adoc +++ b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-sources.adoc @@ -5,7 +5,7 @@ :summary: Creating a custom source. :order: 10 -Sources are components that enable ${branding} to talk to back-end services. +((Sources)) are components that enable ${branding} to talk to back-end services. They let ${branding} perform query and ingest operations on catalog stores and query operations on federated sources. .Source Architecture @@ -41,18 +41,18 @@ They let ${branding} perform query and ingest operations on catalog stores and q +----------------------------------------------------------------------------------------------+ .... -==== Implement a Source Interface +== Implement a Source Interface There are three types of sources that can be created to perform query operations. All of these sources must also be able to return their availability and the list of content types currently stored in their back-end data stores. -Catalog Provider:: `ddf.catalog.source.CatalogProvider` _is used to communicate with back-end storage and allows for Query and Create/Update/Delete operations._ -Federated Source:: `ddf.catalog.source.FederatedSource` _is used to communicate with remote systems and only allows query operations._ -Connected Source:: `ddf.catalog.source.ConnectedSource` _is similar to a Federated Source with the following exceptions:_ +((Catalog Provider)):: `ddf.catalog.source.CatalogProvider` _is used to communicate with back-end storage and allows for Query and Create/Update/Delete operations._ +((Federated Source)):: `ddf.catalog.source.FederatedSource` _is used to communicate with remote systems and only allows query operations._ +((Connected Source)):: `ddf.catalog.source.ConnectedSource` _is similar to a Federated Source with the following exceptions:_ * _Queried on all local queries_ * ``SiteName`` _is hidden (masked with the ${branding} sourceId) in query results_ * ``SiteService`` _does not show this Source's information separate from ${branding}'s._ -Catalog Store:: `catalog.store.interface` _is used to store data._ +((Catalog Store)):: `catalog.store.interface` _is used to store data._ The procedure for implementing any of the source types follows a similar format: @@ -69,10 +69,10 @@ The `factory-pid` property of the metatype must contain one of the following in [NOTE] ==== -Remote sources currently extend the `ResourceReader` interface. However, a `RemoteSource` is not treated as a `ResourceReader`. The `getSupportedSchemes()` method should never be called on a `RemoteSource`, thus the suggested implementation for a `RemoteSource` is to return an empty set. The `retrieveResource( …​ )` and `getOptions( …​ )` methods will be called and MUST be properly implemented by a `RemoteSource`. +Remote sources currently extend the `ResourceReader` interface. However, a `RemoteSource` is not treated as a `ResourceReader`. The `getSupportedSchemes()` method should never be called on a `RemoteSource`, thus the suggested implementation for a `RemoteSource` is to return an empty set. The `retrieveResource( … )` and `getOptions( … )` methods are called and MUST be properly implemented by a `RemoteSource`. ==== -===== Developing Catalog Providers +=== Developing Catalog Providers Create a custom implementation of a catalog provider. @@ -95,7 +95,7 @@ Create a custom implementation of a catalog provider. See the <<{managing-prefix}connecting_to_sources,existing Catalog Provider list>> for examples of Catalog Providers included in ${branding}. -===== Developing Federated Sources +=== Developing Federated Sources . Create a Java class that implements `FederatedSource` and `ConfiguredService`. + `public class TestFederatedSource implements ddf.catalog.source.FederatedSource, ddf.catalog.service.ConfiguredService` @@ -110,7 +110,7 @@ See the <<{managing-prefix}connecting_to_sources,existing Catalog Provider list> ---- -===== Developing Connected Sources +=== Developing Connected Sources Create a custom implementation of a connected source. @@ -134,11 +134,11 @@ There may be intermittent failures with the creation of Providers and federated To avoid this issue, create any JAXB within the methods requiring it. ==== -===== Exception Handling +=== Exception Handling In general, sources should only send information back related to the call, not implementation details. -====== Exception Examples +==== Exception Examples Follow these guidelines for effective exception handling: @@ -146,6 +146,6 @@ Follow these guidelines for effective exception handling: * If the caller issues a malformed search request, return an error describing the right form, or specifically what was not recognized in the request. Do not return the exception and stack trace where the parsing broke. * If the caller leaves something out, do not return the null pointer exception with a stack trace, rather return a generic exception with the message "xyz was missing." -====== External Resources for Developing Sources +==== External Resources for Developing Sources * http://today.java.net/pub/a/today/2003/12/04/exceptions.html[Three Rules for Effective Exception Handling] {external-link}. diff --git a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-sts-claims-handlers.adoc b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-sts-claims-handlers.adoc index 966157ad79f7..0b262659682d 100644 --- a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-sts-claims-handlers.adoc +++ b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-sts-claims-handlers.adoc @@ -5,6 +5,7 @@ :summary: Creating a custom Claims Handler. :order: 13 +(((STS Claims Handlers))) Develop a custom claims handler to retrieve attributes from an external attribute store. A claim is an additional piece of data about a subject that can be included in a token along with basic token data. @@ -52,7 +53,7 @@ public interface ClaimsHandler { } ---- + -. Expose the new claims handler as an OSGi service under the `org.apache.cxf.sts.claims.ClaimsHandler` interface. +. Expose the new claims handler as an OSGi service under the `org.apache.cxf.sts.claims.ClaimsHandler` interface. + [source,xml,linenums] ---- @@ -310,14 +311,14 @@ This XML file is found inside of the STS bundle and is named `ws-trust-1.4-servi ---- -==== Example Requests and Responses for SAML Assertions +== Example Requests and Responses for SAML Assertions A client performs a RequestSecurityToken operation against the STS to receive a SAML assertion. The ${branding} STS offers several different ways to request a SAML assertion. For help in understanding the various request and response formats, samples have been provided. The samples are divided out into different request token types. -==== BinarySecurityToken (CAS) SAML Security Token Samples +== BinarySecurityToken (CAS) SAML Security Token Samples Most endpoints in ${branding} require the X.509 PublicKey SAML assertion. @@ -537,11 +538,11 @@ A Bearer SAML assertion is automatically trusted by the endpoint. The client doesn't have to prove it can own that SAML assertion. It is the simplest way to request a SAML assertion, but many endpoints won't accept a KeyType of Bearer. -==== UsernameToken Bearer SAML Security Token Sample +== UsernameToken Bearer SAML Security Token Sample * WS-Addressing header with Action, To, and Message ID * Valid, non-expired timestamp -* Username Token containing a username and password that the STS will authenticate +* Username Token containing a username and password that the STS authenticates * Issued over HTTPS * KeyType of http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer * Claims (optional): Some endpoints may require that the SAML assertion include attributes of the user, such as an authenticated user's role, name identifier, email address, etc. If the SAML assertion needs those attributes, the `RequestSecurityToken` must specify which ones to include. @@ -597,7 +598,7 @@ This is the response from the STS containing the SAML assertion to be used in su The `saml2:Assertion` block contains the entire SAML assertion. The `Signature` block contains a signature from the STS's private key. -The endpoint receiving the SAML assertion will verify that it trusts the signer and ensure that the message wasn't tampered with. +The endpoint receiving the SAML assertion verifies that it trusts the signer and ensure that the message wasn't tampered with. The `AttributeStatement` block contains all the Claims requested. @@ -728,12 +729,12 @@ HM0dPfiQLQ99ElWkv/0= In order to obtain a SAML assertion to use in secure communication to ${branding}, a `RequestSecurityToken` (RST) request has to be made to the STS. -An endpoint's policy will specify the type of security token needed. +An endpoint's policy specifies the type of security token needed. Most of the endpoints that have been used with ${branding} require a SAML v2.0 assertion with a required KeyType of http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey. This means that the SAML assertion provided by the client to a ${branding} endpoint must contain a SubjectConfirmation block with a type of "holder-of-key" containing the client's public key. This is used to prove that the client can possess the SAML assertion returned by the STS. -==== X.509 PublicKey SAML Security Token Sample +== X.509 PublicKey SAML Security Token Sample .X.509 PublicKey SAML Security Token Request The STS that comes with ${branding} requires the following to be in the RequestSecurityToken request in order to issue a valid SAML assertion. @@ -744,8 +745,8 @@ See the request block below for an example of how these components should be pop * Issued over HTTPS * TokenType of http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0 * KeyType of http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey -* X509 Certificate as the Proof of Possession or POP. This needs to be the certificate of the client that will be both requesting the SAML assertion and using the SAML assertion to issue a query -* Claims (optional): Some endpoints may require that the SAML assertion include attributes of the user, such as an authenticated user's role, name identifier, email address, etc. If the SAML assertion needs those attributes, the RequestSecurityToken must specify which ones to include. +* X509 Certificate as the Proof of Possession or POP. This needs to be the certificate of the client that is both requesting the SAML assertion and using the SAML assertion to issue a query +* Claims (optional): Some endpoints may require that the SAML assertion include attributes of the user, such as an authenticated user's role, name identifier, email address, etc. If the SAML assertion needs those attributes, the RequestSecurityToken must specify which ones to include. ** UsernameToken: If Claims are required, the RequestSecurityToken security header must contain a UsernameToken element with a username and password. .X.509 PublicKey SAML Security Token Sample Request @@ -830,7 +831,7 @@ This is the response from the STS containing the SAML assertion to be used in su The `saml2:Assertion` block contains the entire SAML assertion. The `Signature` block contains a signature from the STS's private key. -The endpoint receiving the SAML assertion will verify that it trusts the signer and ensure that the message wasn't tampered with. +The endpoint receiving the SAML assertion verifies that it trusts the signer and ensure that the message wasn't tampered with. The `SubjectConfirmation` block contains the client's public key, so the server can verify that the client has permission to hold this SAML assertion. The `AttributeStatement` block contains all of the claims requested. diff --git a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-token-validators.adoc b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-token-validators.adoc index d47d9537d8c4..8f738b8829d1 100644 --- a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-token-validators.adoc +++ b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-token-validators.adoc @@ -5,7 +5,7 @@ :summary: Creating a custom token validator. :order: 12 -Token validators are used by the Security Token Service (STS) to validate incoming token requests. +((Token validators)) are used by the Security Token Service (STS) to validate incoming token requests. The `TokenValidator` CXF interface must be implemented by all custom token validators. The `canHandleToken` and `validateToken` methods must be overridden. The `canHandleToken` method should return true or false based on the `ValueType` value of the token that the validator is associated with. diff --git a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-transformers-input.adoc b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-transformers-input.adoc index 51880c60a195..ab136ddaf064 100644 --- a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-transformers-input.adoc +++ b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-transformers-input.adoc @@ -5,10 +5,11 @@ :summary: Creating a custom input transformer. :order: 07 +(((Input Transformers))) ${branding} supports the creation of custom <<{architecture-prefix}types_of_transformers,input transformers>> for use cases not covered by the included implementations. .Creating a custom input Transformer: -. Create a new Java class that implements ddf.catalog.transform.InputTransformer. + +. Create a new Java class that implements `ddf.catalog.transform.InputTransformer`. + `public class SampleInputTransformer implements ddf.catalog.transform.InputTransformer` . Implement the transform methods. + `public Metacard transform(InputStream input) throws IOException, CatalogTransformerException` + @@ -55,7 +56,7 @@ ${branding} supports the creation of custom <<{architecture-prefix}types_of_tran + . Deploy OSGi Bundle to OSGi runtime. -==== Create an XML Input Transformer using SaxEventHandlers [[saxEventHandlers]] +== Create an XML Input Transformer using SaxEventHandlers [[saxEventHandlers]] For a transformer to transform XML, (as opposed to JSON or a Word document, for example) there is a simpler solution than fully implementing a `MetacardValidator`. DDF includes an extensible, configurable `XmlInputTransformer`. @@ -127,19 +128,19 @@ This is pertinent because a metacards attributes are only stored in the `Catalog Since the `DynamicMetacardType` is constructed dynamically, attributes are declared by the `SaxEventHandlerFactory` that parses them, as opposed to the `MetacardType`. See `org.codice.ddf.transformer.xml.streaming.impl.XmlSaxEventHandlerFactoryImpl.java` vs `ddf.catalog.data.impl.BasicTypes.java` ==== -==== Create an Input Transformer Using Apache Camel +== Create an Input Transformer Using Apache Camel Alternatively, make an Apache Camel route in a blueprint file and deploy it using a feature file or via hot deploy. -===== Input Transformer Design Pattern (Camel) +=== Input Transformer Design Pattern (Camel) Follow this design pattern for compatibility: .From -When using *from*, `catalog:inputtransformer?id=text/xml`, an Input Transformer will be created and registered in the OSGi registry with an id of `text/xml`. +When using *from*, `catalog:inputtransformer?id=text/xml`, an Input Transformer is created and registered in the OSGi registry with an id of `text/xml`. .To -When using *to*, `catalog:inputtransformer?id=text/xml`, an Input Transformer with an id matching text/xml will be discovered from the OSGi registry and invoked. +When using *to*, `catalog:inputtransformer?id=text/xml`, an Input Transformer with an id matching text/xml is discovered from the OSGi registry and invoked. .InputTransformer Message Formats [cols="3,2,1m" optiona="header"] @@ -162,7 +163,7 @@ When using *to*, `catalog:inputtransformer?id=text/xml`, an Input Transformer wi [TIP] ==== Its always a good idea to wrap the `mimeType` value with the RAW parameter as shown in the example above. -This will ensure that the value is taken exactly as is, and is especially useful when you are using special characters. +This ensures that the value is taken exactly as is, and is especially useful when you are using special characters. ==== .InputTransformer Creation Example @@ -192,7 +193,7 @@ This will ensure that the value is taken exactly as is, and is especially useful An example of using an Apache Camel route to define an `InputTransformer` in a blueprint file and deploying it as a bundle to an OSGi container can be found in the ${branding} SDK examples at `${ddf-branding}/sdk/sample-transformers/xslt-identity-input-transformer` ==== -==== Input Transformer Boot Service Flag +== Input Transformer Boot Service Flag The `org.codice.ddf.platform.bootflag.BootServiceFlag` service with a service property of `id=inputTransformerBootFlag` is used to indicate certain Input Transformers are ready in the system. -Adding an Input Transformers ID to a new or existing JSON file under `${home_directory}/etc/transformers` will cause the service to wait for an Input Transformer with the given ID. \ No newline at end of file +Adding an Input Transformers ID to a new or existing JSON file under `${home_directory}/etc/transformers` causes the service to wait for an Input Transformer with the given ID. diff --git a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-transformers-metacard.adoc b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-transformers-metacard.adoc index 6a986cc9fc3a..1575d03dfbfa 100644 --- a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-transformers-metacard.adoc +++ b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-transformers-metacard.adoc @@ -5,11 +5,12 @@ :summary: Creating a custom metacard transformer. :order: 08 +(((Metacard Transformers))) In general, a `MetacardTransformer` is used to transform a `Metacard` into some desired format useful to the end user or as input to another process. Programmatically, a `MetacardTransformer` transforms a `Metacard` into a `BinaryContent` instance, which translates the `Metacard` into the desired final format. Metacard transformers can be used through the Catalog Framework `transform` convenience method or requested from the OSGi Service Registry by endpoints or other bundles. -==== Creating a New Metacard Transformer +== Creating a New Metacard Transformer Existing metacard transformers are written as Java classes, and these steps walk through the steps to create a custom metacard transformer. diff --git a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-xacml-policies.adoc b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-xacml-policies.adoc index f6d62deddec1..2caf7f5d5587 100644 --- a/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-xacml-policies.adoc +++ b/distribution/docs/src/main/resources/content/_developing/_devComponents/custom-xacml-policies.adoc @@ -5,6 +5,7 @@ :summary: Creating a custom metacard transformer. :order: 21 +(((XACML Policies))) This document assumes familiarity with the XACML schema and does not go into detail on the XACML language. When creating a policy, a target is used to indicate that a certain action should be run only for one type of request. Targets can be used on both the main policy element and any individual rules. @@ -18,26 +19,26 @@ Additional components can be created and added to ${branding} to identify specif ==== In the examples below, the policy has specified targets for the above type of calls. -For the Filtering code, the target was set for "filter", and the Service validation code targets were geared toward two services: `query` and `LocalSiteName`. -In a production environment, these actions for service authorization will generally be full URNs that are described within the SOAP WSDL. +For the Filtering code, the target was set for `filter`, and the Service validation code targets were geared toward two services: `query` and `LocalSiteName`. +In a production environment, these actions for service authorization generally are full URNs that are described within the SOAP WSDL. -==== XACML Policy Attributes +== XACML Policy Attributes Attributes for the XACML request are populated with the information in the calling subject and the resource being checked. -==== XACML Policy Subject +== XACML Policy Subject The attributes for the subject are obtained from the SAML claims and populated within the XACML policy as individual attributes under the `urn:oasis:names:tc:xacml:1.0:subject-category:access-subject` category. The name of the claim is used for the `AttributeId` value. Examples of the items being populated are available at the end of this page. -==== XACML Policy Resource +== XACML Policy Resource The attributes for resources are obtained through the permissions process. When checking permissions, the XACML processing engine retrieves a list of permissions that should be checked against the subject. These permissions are populated outside of the engine and should be populated with the attributes that should be asserted against the subject. When the permissions are of a key-value type, the key being used is populated as the AttributeId value under the urn:oasis:names:tc:xacml:3.0:attribute-category:resource category. -==== Using a XACML Policy +== Using a XACML Policy To use a XACML policy, copy the XACML policy into the `${home_directory}/etc/pdp/policies` directory. diff --git a/distribution/docs/src/main/resources/content/_developing/_devComponents/default-attribute-values.adoc b/distribution/docs/src/main/resources/content/_developing/_devComponents/default-attribute-values.adoc index a58efe6bfb99..a201e5342329 100644 --- a/distribution/docs/src/main/resources/content/_developing/_devComponents/default-attribute-values.adoc +++ b/distribution/docs/src/main/resources/content/_developing/_devComponents/default-attribute-values.adoc @@ -7,8 +7,9 @@ Create custom default attribute types. -==== Default Attribute Values +== Default Attribute Values +(((Default Attribute Values))) To define default attribute values, the definition file must have a `defaults` key in the root object. [source,json] @@ -33,20 +34,21 @@ The value of `defaults` is a list of objects where each object contains the keys } ---- -The value corresponding to the `attribute` key is the name of the attribute to which the default value will be applied. The value corresponding to the `value` key is the default value of the attribute. +The value corresponding to the `attribute` key is the name of the attribute to which the default value is applied. The value corresponding to the `value` key is the default value of the attribute. [NOTE] ==== -The attribute's default value must be of the same type as the attribute, but it has to be written as a string (i.e., enclosed in quotation marks) in the JSON file. +The attribute's default value must be of the same type as the attribute, but it has to be written as a string (enclosed in quotation marks) in the JSON file. -Dates must be UTC datetimes in the ISO 8601 format, i.e., `yyyy-MM-ddTHH:mm:ssZ` +Dates must be UTC datetimes in the ISO 8601 format, `yyyy-MM-ddTHH:mm:ssZ` ==== -The `metacardTypes` key is optional. If it is left out, then the default attribute value will be applied to every metacard that has that attribute. It can be thought of as a 'global' default value. If the `metacardTypes` key is included, then its value must be a list of strings where each string is the name of a metacard type. In this case, the default attribute value will be applied only to metacards that match one of the types given in the list. +The `metacardTypes` key is optional. If it is left out, then the default attribute value is applied to every metacard that has that attribute. It can be thought of as a 'global' default value. If the `metacardTypes` key is included, then its value must be a list of strings where each string is the name of a metacard type. In this case, the default attribute value is applied only to metacards that match one of the types given in the list. [NOTE] ==== -In the event that an attribute has a 'global' default value as well as a default value for a specific metacard type, the default value for the specific metacard type will be applied (i.e., the more specific default value wins). +In the event that an attribute has a 'global' default value as well as a default value for a specific metacard type, the default value for the specific metacard +type is applied (the more specific default value wins). ==== Example: diff --git a/distribution/docs/src/main/resources/content/_developing/_devComponents/editing-docs.adoc b/distribution/docs/src/main/resources/content/_developing/_devComponents/editing-docs.adoc index bdbab07863f8..8b3b2d1d489d 100644 --- a/distribution/docs/src/main/resources/content/_developing/_devComponents/editing-docs.adoc +++ b/distribution/docs/src/main/resources/content/_developing/_devComponents/editing-docs.adoc @@ -28,7 +28,7 @@ ${branding} documentation is included in the source code, so it is edited and ma |Properties file defining content types and other parameters. |=== -==== Editing Existing Documentation +== Editing Existing Documentation Update existing content when code behavior changes, new capabilities are added to features, or the configuration process changes. Content is organized within the `content` directory in sub directories according to the audience and purpose for each document in the documentation library. @@ -41,7 +41,7 @@ Quick Start:: This section is intended for getting set up with a test, demonstra Managing:: The managing section covers "how-to" instructions to be used to install, configure, and maintain an instance of ${branding} in a production environment. This content should be aimed at system administrators. Security hardening should be integrated into these sections. -Using:: This section is primarily aimed at the final end users who will be performing tasks with ${branding}. This content should guide users through common tasks and user interfaces. +Using:: This section is primarily aimed at the final end users who perform tasks with ${branding}. This content should guide users through common tasks and user interfaces. Integrating:: This section guides developers building other projects looking to connect to new or existing instances of ${branding}. @@ -57,7 +57,7 @@ Documentation:: This is a collection of all of the individual documentation page See the https://codice.atlassian.net/wiki/spaces/DDF/pages/6291516/Documentation+Style+Guide[style guide] for more guidance on stylistic and formatting concerns. -==== Adding New Documentation Content +== Adding New Documentation Content If creating a new section is required, there are some minimal requirements for a new `.adoc` file. @@ -71,14 +71,14 @@ Different sections have different headers required, but some common attributes a * `order`: used in sections where order needs to be enforced. * `summary`: brief summary of section contents. Some, but not all, summaries are included by templates. -==== Creating a New Documentation Template +== Creating a New Documentation Template To create a new, standalone documentation page, create a new template in the `templates` directory. Optionally, this template can `include` some of the internal templates in the `templates/build` directory, but this is not required. For guidance on using the freemarker syntax, see the https://freemarker.apache.org/docs/ref.html[Freemarker documentation] {external-link}. -==== Extending Documentation in Downstream Distributions +== Extending Documentation in Downstream Distributions By mimicking the build and directory structure of the documentation, downstream projects are able to leverage the existing documentation and insert content before and after sections of the ${branding} documentation. @@ -98,4 +98,4 @@ By mimicking the build and directory structure of the documentation, downstream Sub-directories are organized according to the documents that make up the main library. `images`:: any pre-existing images, such as screenshots, to be included in the documentation. `templates`:: template files used to create documentation artifacts. -A `build` sub-directory holds the templates that will not be standalone documents to render specific sections. +A `build` sub-directory holds the templates that are not standalone documents to render specific sections. diff --git a/distribution/docs/src/main/resources/content/_developing/_devComponents/filter-delegates.adoc b/distribution/docs/src/main/resources/content/_developing/_devComponents/filter-delegates.adoc index 716ec50fceea..310ff590b6bc 100644 --- a/distribution/docs/src/main/resources/content/_developing/_devComponents/filter-delegates.adoc +++ b/distribution/docs/src/main/resources/content/_developing/_devComponents/filter-delegates.adoc @@ -5,31 +5,31 @@ :order: 18 :summary: Creating a custom Filter Delegate. -Filter Delegates help reduce the complexity of parsing OGC Filters. +((Filter Delegates)) help reduce the complexity of parsing OGC Filters. The reference Filter Adapter implementation contains the necessary boilerplate visitor code and input normalization to handle commonly supported OGC Filters. -==== Creating a New Filter Delegate +== Creating a New Filter Delegate A Filter Delegate contains the logic that converts normalized filter input into a form that the target data source can handle. -Delegate methods will be called in a depth first order as the Filter Adapter visits filter nodes. +Delegate methods are called in a depth-first order as the Filter Adapter visits filter nodes. -===== Implementing the Filter Delegate +=== Implementing the Filter Delegate . Create a Java class extending `FilterDelegate`. + `public class ExampleDelegate extends ${ddf-branding}.catalog.filter.FilterDelegate {` -. `FilterDelegate` will throw an appropriate exception for all methods not implemented. Refer to the ${branding} JavaDoc for more details about what is expected of each `FilterDelegate` method. +. `FilterDelegate` throws an appropriate exception for all methods not implemented. Refer to the ${branding} JavaDoc for more details about what is expected of each `FilterDelegate` method. [NOTE] ==== A code example of a Filter Delegate can be found in `${ddf-branding}.catalog.filter.proxy.adapter.test` of the `filter-proxy` bundle. ==== -===== Throwing Exceptions +=== Throwing Exceptions Filter delegate methods can throw `UnsupportedOperationException` run-time exceptions. -The `GeotoolsFilterAdapterImpl` will catch and re-throw these exceptions as `UnsupportedQueryExceptions`. +The `GeotoolsFilterAdapterImpl` catches and re-throws these exceptions as `UnsupportedQueryExceptions`. -===== Using the Filter Adapter +=== Using the Filter Adapter The FilterAdapter can be requested from the OSGi registry. @@ -59,7 +59,7 @@ public ${ddf-branding}.catalog.operation.QueryResponse query(${ddf-branding}.cat Import the ${ddf-catalog} API Filter package and the reference implementation package of the Filter Adapter in the bundle manifest (in addition to any other required packages). + `Import-Package: ${ddf-branding}.catalog, ${ddf-branding}.catalog.filter, ${ddf-branding}.catalog.source` -===== Filter Support +=== Filter Support Not all OGC Filters are exposed at this time. If demand for further OGC Filter functionality is requested, it can be added to the Filter Adapter and Delegate so sources can support more complex filters. diff --git a/distribution/docs/src/main/resources/content/_developing/_devComponents/global-attribute-validators.adoc b/distribution/docs/src/main/resources/content/_developing/_devComponents/global-attribute-validators.adoc index 65f3685fbb3a..437a995517ec 100644 --- a/distribution/docs/src/main/resources/content/_developing/_devComponents/global-attribute-validators.adoc +++ b/distribution/docs/src/main/resources/content/_developing/_devComponents/global-attribute-validators.adoc @@ -5,8 +5,9 @@ :summary: Creating a custom global attribute validator. :order: 02 -==== Global Attribute Validators File +== Global Attribute Validators File +(((Global Attribute Validators))) To define Validators, the definition file must have a `validators` key in the root object. [source,json] @@ -45,7 +46,7 @@ Each object in the list of validators is the validator name and list of argument [WARNING] ==== -The value of the `arguments` key must always be an array of strings, even for numeric arguments, e.g. `["1", "10"]` +The value of the `arguments` key must always be an array of strings, even for numeric arguments, for example, `["1", "10"]` ==== @@ -69,7 +70,7 @@ The `validator` key must have a value of one of the following: - `enumeration` * `arguments`: (unlimited) [list of strings: each argument is one case-sensitive, valid enumeration value] - `relationship` - * `arguments`: (4+) [attribute value or null, one of mustHave|cannotHave|canOnlyHave, target attribute name, null or target attribute value(s) as additional arguments] + * `arguments`: (4+) [attribute value or null, one of mustHave|cannotHave|canOnlyHave, target attribute name, null or target attribute values as additional arguments] - `match_any` * `validators`: (unlimited) [list of previously defined validators: valid if any validator succeeds] ==== diff --git a/distribution/docs/src/main/resources/content/_developing/_devComponents/json-definition-files.adoc b/distribution/docs/src/main/resources/content/_developing/_devComponents/json-definition-files.adoc index 5ff1de902847..ac41b4e0d8f7 100644 --- a/distribution/docs/src/main/resources/content/_developing/_devComponents/json-definition-files.adoc +++ b/distribution/docs/src/main/resources/content/_developing/_devComponents/json-definition-files.adoc @@ -4,6 +4,7 @@ :summary: Introduction to JSON definition files. :order: 32 +(((JSON Definition Files))) ${branding} supports adding new attribute types, metacard types, validators, and more using json-formatted definition files. The following may be defined in a JSON definition file: @@ -15,7 +16,7 @@ The following may be defined in a JSON definition file: - <<{developing-prefix}default_attribute_values,Default Attribute Values>> - <<{developing-prefix}attribute_injection_definition,Attribute Injections>> -==== Definition File Format +== Definition File Format A definition file follows the JSON format as specified in http://www.ecma-international.org/publications/standards/Ecma-404.htm[ECMA-404] {external-link}. All definition files must be valid JSON in order to be parsed. @@ -23,7 +24,7 @@ All definition files must be valid JSON in order to be parsed. A single definition file may define as many of the types as needed. This means that types can be defined across multiple files for grouping or clarity. -==== Deploying Definition Files +== Deploying Definition Files The file must have a `.json` extension in order to be picked up by the deployer. Once the definition file is ready to be deployed, put the definition file `.json` into the `etc/definitions` folder. @@ -31,4 +32,4 @@ Once the definition file is ready to be deployed, put the definition file `:/services/catalog/ ---- -If successful, a status of `200 OK` will be returned, along with the content of the metacard requested. +If successful, a status of `200 OK` is returned, along with the content of the metacard requested. .Read Success Response Example [source,javascript,linenums] diff --git a/distribution/docs/src/main/resources/content/_integrating/_endpoints/content-endpoints-intro.adoc b/distribution/docs/src/main/resources/content/_integrating/_endpoints/content-endpoints-intro.adoc index f703c3f8240a..0db4121e35f3 100644 --- a/distribution/docs/src/main/resources/content/_integrating/_endpoints/content-endpoints-intro.adoc +++ b/distribution/docs/src/main/resources/content/_integrating/_endpoints/content-endpoints-intro.adoc @@ -5,5 +5,6 @@ :order: 04 == {title} +((({title}))) To retrieve content from an instance of ${branding}, use one of these endpoints. diff --git a/distribution/docs/src/main/resources/content/_integrating/_endpoints/crud-endpoints-intro.adoc b/distribution/docs/src/main/resources/content/_integrating/_endpoints/crud-endpoints-intro.adoc index db3c5ea882aa..4a8d69a33bde 100644 --- a/distribution/docs/src/main/resources/content/_integrating/_endpoints/crud-endpoints-intro.adoc +++ b/distribution/docs/src/main/resources/content/_integrating/_endpoints/crud-endpoints-intro.adoc @@ -5,6 +5,7 @@ :order: 02 == {title} +((({title}))) To perform CRUD (Create, Read, Update, Delete) operations on data or metadata in the catalog, work with one of these endpoints. diff --git a/distribution/docs/src/main/resources/content/_integrating/_endpoints/csw-endpoint.adoc b/distribution/docs/src/main/resources/content/_integrating/_endpoints/csw-endpoint.adoc index 4cd798269a25..f8ba6c41fbda 100644 --- a/distribution/docs/src/main/resources/content/_integrating/_endpoints/csw-endpoint.adoc +++ b/distribution/docs/src/main/resources/content/_integrating/_endpoints/csw-endpoint.adoc @@ -7,7 +7,7 @@ == {title} -The CSW endpoint enables a client to search collections of descriptive information (metadata) about geospatial data and services. +The ((CSW endpoint)) enables a client to search collections of descriptive information (metadata) about geospatial data and services. The CSW endpoint supports metadata operations only. @@ -86,7 +86,7 @@ use the `typeName` attribute in the `csw:Insert` element ---- To receive a copy of the metacard in the response, specify `verboseResponse="true"` in the `csw:Transaction`. -The `InsertResult` element of the response will hold the metacard information added to the catalog. +The `InsertResult` element of the response holds the metacard information added to the catalog. [source,xml] ---- @@ -110,7 +110,7 @@ The `InsertResult` element of the response will hold the metacard information ad ---- -A successful ingest will return a status of `200 OK` and `csw:TransactionResponse`. +A successful ingest returns a status of `200 OK` and `csw:TransactionResponse`. .Sample XML Transaction `Insert` Response [source,xml] @@ -163,7 +163,7 @@ A successful ingest will return a status of `200 OK` and `csw:TransactionRespons === CSW Endpoint Query Examples -To query through the CSW Enpoint, send a `POST` request to the CSW endpoint. +To query through the CSW Endpoint, send a `POST` request to the CSW endpoint. .CSW Endpoint Query URL [source,http] @@ -198,7 +198,7 @@ Optionally, set the `ElementSetName` to determine how much detail to return. * Brief: the least possible detail. * Summary: (Default) -* Full: All metadata elements for the record(s). +* Full: All metadata elements for the records. Within the `Constraint` element, define the query as an OSG or CQL filter. @@ -296,11 +296,11 @@ Within the `Constraint` element, define the query as an OSG or CQL filter. .Querying a Specific Source with the CSW Endpoint To query a `Specific Source`, specify a query for a `source-id`. To find a valid `source-id` , send a <<{integrating-prefix}csw_endpoint_get_capabilities_examples,Get Capabilities>> request. -Configured sources will be listed in the `FederatedCatalogs` section of the response. +Configured sources are listed in the `FederatedCatalogs` section of the response. [NOTE] ==== -The `DistributedSearch` element must be specific with a `hopCount` greater than 1 to identify it as a federated query, otherwise the ``source-id``'s will be ignored. +The `DistributedSearch` element must be specific with a `hopCount` greater than 1 to identify it as a federated query, otherwise the ``source-id``'s is ignored. ==== .Querying a Specific Source Sample Request @@ -851,7 +851,7 @@ Within the `csw:Transaction` element, use the `csw:RecordProperty` to update ind Use the `Name` element to specify the name of the record property to be updated and set the `Value` element to the value to update in the record. -The values in the `Update` will completely replace those that are already in the record. +The values in the `Update` completely replace those that are already in the record. [source,xml,linenums] ---- @@ -1040,9 +1040,9 @@ but it subscribes to a search and sends events to a `ResponseHandler` endpoint a the `GetRecords` request used in the subscription. The `ResponseHandler` must use the https protocol and receive a HEAD request to poll for availability and POST/PUT/DELETE requests for creation, updates, and deletions. -The response to a `GetRecords` request on the subscription url will be an acknowledgement containing the original +The response to a `GetRecords` request on the subscription url is an acknowledgement containing the original `GetRecords` request and a `requestId`. -The client will be assigned a `requestId` (URN). +The client is assigned a `requestId` (URN). A Subscription listens for events from federated sources if the `DistributedSearch` element is present and the catalog is a member of a federation. @@ -1299,7 +1299,7 @@ The constraint can be either an OGC or CQL filter. The `GetCapabilities` operation describes the operations the catalog supports and the URLs used to access those operations. The CSW endpoint supports both `HTTP GET` and `HTTP POST` requests for the `GetCapabilities` operation. -The response to either request will always be a `csw:Capabilities` XML document. +The response to either request is always a `csw:Capabilities` XML document. This XML document is defined by the http://schemas.opengis.net/csw/2.0.2/CSW-discovery.xsd[CSW-Discovery XML Schema] {external-link}. .CSW Endpoint `GetCapabilities` URL for GET request diff --git a/distribution/docs/src/main/resources/content/_integrating/_endpoints/endpoint-intro.adoc b/distribution/docs/src/main/resources/content/_integrating/_endpoints/endpoint-intro.adoc index ec5097391453..ea9ee08863b6 100644 --- a/distribution/docs/src/main/resources/content/_integrating/_endpoints/endpoint-intro.adoc +++ b/distribution/docs/src/main/resources/content/_integrating/_endpoints/endpoint-intro.adoc @@ -4,10 +4,10 @@ :operations: na :order: 00 -Federation with ${branding} is primarily accomplished through <<{integrating-prefix}endpoints,Endpoints>> accessible through http(s) requests and responses. +(((Federation))) with ${branding} is primarily accomplished through <<{integrating-prefix}endpoints,Endpoints>> accessible through https requests and responses. [NOTE] ==== -Not all installations will expose all available endpoints. Check with ${branding} administrator to confirm availability of these endpoints. +Not all installations expose all available endpoints. Check with ${branding} administrator to confirm availability of these endpoints. ==== diff --git a/distribution/docs/src/main/resources/content/_integrating/_endpoints/ingest-endpoints-intro.adoc b/distribution/docs/src/main/resources/content/_integrating/_endpoints/ingest-endpoints-intro.adoc index d3ab98dd3384..354151bcab59 100644 --- a/distribution/docs/src/main/resources/content/_integrating/_endpoints/ingest-endpoints-intro.adoc +++ b/distribution/docs/src/main/resources/content/_integrating/_endpoints/ingest-endpoints-intro.adoc @@ -5,6 +5,7 @@ :order: 01 == {title} +((({title}))) *Ingest* is the process of getting data and/or metadata into the ${branding} catalog framework. diff --git a/distribution/docs/src/main/resources/content/_integrating/_endpoints/opensearch-endpoint.adoc b/distribution/docs/src/main/resources/content/_integrating/_endpoints/opensearch-endpoint.adoc index 03731289f6b6..73fb9abb039d 100644 --- a/distribution/docs/src/main/resources/content/_integrating/_endpoints/opensearch-endpoint.adoc +++ b/distribution/docs/src/main/resources/content/_integrating/_endpoints/opensearch-endpoint.adoc @@ -7,7 +7,7 @@ == {title} -The OpenSearch Endpoint enables a client to send query parameters and receive search results. +The ((OpenSearch Endpoint)) enables a client to send query parameters and receive search results. This endpoint uses the input query parameters to create an OpenSearch query. The client does not need to specify all of the query parameters, only the query parameters of interest. @@ -163,7 +163,7 @@ default: `5000` |`polygon` |`polygon` |Comma-delimited list of lat/lon (`EPSG:4326 (WGS84)` decimal degrees) pairs, in clockwise order around the polygon, where the last point is the same as the first in order to close the polygon. -(e.g. `-80,-170,0,-170,80,-170,80,170,0,170,-80,170,-80,-170`) +(for example, `-80,-170,0,-170,80,-170,80,170,0,170,-80,170,-80,-170`) |According to the OpenSearch Geo Specification this is *deprecated*. Use the `geometry` parameter instead. |`box` @@ -215,7 +215,7 @@ The OpenSearch Endpoint can also use these additional parameters to refine queri |`` is optional but has a value of `asc` or `desc` (default is `desc`). However, when `` is `relevance`, `` must be `desc`. -Sorting by `date` will sort the results by the <<{metadata-prefix}effective,`effective`>> date. +Sorting by `date` sorts the results by the <<{metadata-prefix}effective,`effective`>> date. default: `relevance:desc` @@ -224,7 +224,7 @@ default: `relevance:desc` |Integer >= 0 |Maximum # of results to return. -If `count` is also specified, the `count` value will take precedence over the `maxResults` value. +If `count` is also specified, the `count` value takes precedence over the `maxResults` value. default: `1000` @@ -242,12 +242,12 @@ default: `300000` (5 minutes) |`type` |`type` -|Any valid datatype (e.g. `Text`) +|Any valid datatype (such as `Text`) |Specifies the type of data to search for. |`version` |`version` -|Comma-delimited list of strings (e.g. 20,30) +|Comma-delimited list of strings (such as 20,30) |Version values for which to search. |=== diff --git a/distribution/docs/src/main/resources/content/_integrating/_endpoints/prometheus-endpoint.adoc b/distribution/docs/src/main/resources/content/_integrating/_endpoints/prometheus-endpoint.adoc index 8cba881fe5fd..ea011f941fd1 100644 --- a/distribution/docs/src/main/resources/content/_integrating/_endpoints/prometheus-endpoint.adoc +++ b/distribution/docs/src/main/resources/content/_integrating/_endpoints/prometheus-endpoint.adoc @@ -8,10 +8,10 @@ == {title} -The Prometheus endpoint provides various metrics about ${branding} such as the number of queries made +The ((Prometheus endpoint)) provides various metrics about ${branding} such as the number of queries made to a specific source and counters of ingest operations. -An external Prometheus server will need to be setup and configured to scrape from ${branding}. The +An external Prometheus server must be set up and configured to scrape from ${branding}. The endpoint is exposed at: .Prometheus URL @@ -23,4 +23,4 @@ https://:/metrics === Visualising Metrics A visualization software, such as Grafana, can be connected to Prometheus and configured to display -available metrics. \ No newline at end of file +available metrics. diff --git a/distribution/docs/src/main/resources/content/_integrating/_endpoints/pub-sub-endpoints-intro.adoc b/distribution/docs/src/main/resources/content/_integrating/_endpoints/pub-sub-endpoints-intro.adoc index 7bbe48aa37de..95eb97e1c7e2 100644 --- a/distribution/docs/src/main/resources/content/_integrating/_endpoints/pub-sub-endpoints-intro.adoc +++ b/distribution/docs/src/main/resources/content/_integrating/_endpoints/pub-sub-endpoints-intro.adoc @@ -5,6 +5,7 @@ :order: 05 == {title} +((({title}))) These endpoints provide publication and subscription services to allow notifications when certain events happen within ${branding}. diff --git a/distribution/docs/src/main/resources/content/_integrating/_endpoints/query-endpoints-intro.adoc b/distribution/docs/src/main/resources/content/_integrating/_endpoints/query-endpoints-intro.adoc index 85ae609e3885..10d5163b7758 100644 --- a/distribution/docs/src/main/resources/content/_integrating/_endpoints/query-endpoints-intro.adoc +++ b/distribution/docs/src/main/resources/content/_integrating/_endpoints/query-endpoints-intro.adoc @@ -5,5 +5,6 @@ :order: 03 == {title} +((({title}))) Query data or metadata stored within an instance of ${branding} using one of these endpoints. diff --git a/distribution/docs/src/main/resources/content/_integrating/_endpoints/query-endpoints.adoc b/distribution/docs/src/main/resources/content/_integrating/_endpoints/query-endpoints.adoc index 9201b499e228..19b07505f04c 100644 --- a/distribution/docs/src/main/resources/content/_integrating/_endpoints/query-endpoints.adoc +++ b/distribution/docs/src/main/resources/content/_integrating/_endpoints/query-endpoints.adoc @@ -6,6 +6,7 @@ :summary: To perform CRUD (Create, Read, Update, Delete) operations on query metacards in the catalog, work with one of these endpoints. == {title} +((({title}))) The queries endpoint enables an application to create, retrieve, update, and delete query metacards. @@ -47,7 +48,7 @@ To create a query metacard through the queries endpoint, send a `POST` request t } ---- -A successful create request will return a status of `201 CREATED`. +A successful create request returns a status of `201 CREATED`. .Queries Endpoint Create Success Response Body [source,json,linenums] @@ -77,7 +78,7 @@ A successful create request will return a status of `201 CREATED`. } ---- -An unsuccessful create request will return a status of `500 SERVER ERROR`. +An unsuccessful create request returns a status of `500 SERVER ERROR`. .Queries Endpoint Create Failure Response Body [source,json,linenums] @@ -133,7 +134,7 @@ To retrieve a query metacard through the queries endpoint, send a `GET` request |=== -A successful retrieval request will return a status of `200 OK`. +A successful retrieval request returns a status of `200 OK`. === Queries Endpoint Retrieve All Fuzzy Examples @@ -145,7 +146,7 @@ To retrieve all query metacards based on some text based value through the queri https://:/search/catalog/internal/queries?text= ---- -A fuzzy search will only be performed against the `title`, `modified`, `owner`, and `description` attributes. +A fuzzy search is only performed against the `title`, `modified`, `owner`, and `description` attributes. === Queries Endpoint Retrieve Examples @@ -157,7 +158,7 @@ https://:/search/catalog/internal/queries/ To retrieve a specific query metacard through the queries endpoint, send a `GET` request to the queries endpoint with an id. -A successful retrieval request will return a status of `200 OK`. +A successful retrieval request returns a status of `200 OK`. .Query Endpoint Not Found Response Body [source,json,linenums] @@ -167,7 +168,7 @@ A successful retrieval request will return a status of `200 OK`. } ---- -An unsuccessful retrieval request will return a status of `404 NOT FOUND`. +An unsuccessful retrieval request returns a status of `404 NOT FOUND`. === Queries Endpoint Update Examples @@ -197,7 +198,7 @@ To update a specific query metacard through the queries endpoint, send a `PUT` r } ---- -A successful update request will return a status of `200 OK`. +A successful update request returns a status of `200 OK`. .Update Query Request Response Body [source,json,linenums] @@ -227,7 +228,7 @@ A successful update request will return a status of `200 OK`. } ---- -An unsuccessful update request will return a status of `404 NOT FOUND`. +An unsuccessful update request returns a status of `404 NOT FOUND`. .Update Query Unsuccessful Response Body [source,json,linenums] @@ -248,9 +249,9 @@ https://:/search/catalog/internal/queries/ To delete a specific query metacard through the queries endpoint, send a `GET` request to the queries endpoint with an id. -A successful deletion request will return a status of `204 NO CONTENT`. +A successful deletion request returns a status of `204 NO CONTENT`. -An unsuccessful deletion request will return a status of `404 NOT FOUND`. +An unsuccessful deletion request returns a status of `404 NOT FOUND`. .Delete Query Not Found Response Body [source,json,linenums] diff --git a/distribution/docs/src/main/resources/content/_integrating/_eventing/subscriptions.adoc b/distribution/docs/src/main/resources/content/_integrating/_eventing/subscriptions.adoc index e9f194462dc4..2d892c29c61b 100644 --- a/distribution/docs/src/main/resources/content/_integrating/_eventing/subscriptions.adoc +++ b/distribution/docs/src/main/resources/content/_integrating/_eventing/subscriptions.adoc @@ -5,34 +5,36 @@ :order: 32 :summary: Creating a custom Subscription. -Subscriptions represent "standing queries" in the Catalog. +((Subscriptions)) represent "standing queries" in the Catalog. Like a query, subscriptions are based on the OGC Filter specification. -==== Subscription Lifecycle +== Subscription Lifecycle A Subscription itself is a series of events during which various plugins or transformers can be called to process the subscription. -===== Creation +=== Creation -* Subscriptions are created directly with the <<{architecture-prefix}event_processor,Event Processor>> or declaratively through use of the Whiteboard Design Pattern. -* The Event Processor will invoke each Pre-Subscription Plugin and, if the subscription is not rejected, the subscription will be activated. +* Subscriptions are created directly with the<<{architecture-prefix}event_processor,Event Processor>> or declaratively through use of the Whiteboard Design Pattern. +* The Event Processor invokes each Pre-Subscription Plugin and, if the subscription is not rejected, the subscription is activated. -===== Evaluation +=== Evaluation -* When a metacard matching the subscription is created, updated, or deleted in any Source, each Pre-Delivery Plugin will be invoked. +* When a metacard matching the subscription is created, updated, or deleted in any Source, each Pre-Delivery Plugin is invoked. -* If the delivery is not rejected, the associated Delivery Method callback will be invoked. +* If the delivery is not rejected, the associated Delivery Method callback is invoked. -===== Update Evaluation +=== Update Evaluation Notably, the Catalog allows event evaluation on both the previous value (if available) and new value of a Metacard when an update occurs. -===== Durability +=== Durability -Subscription durability is not provided by the Event Processor. -Thus, all subscriptions are transient and will not be recreated in the event of a system restart. -It is the responsibility of Endpoints using subscriptions to persist and re-establish the subscription on startup. -This decision was made for the sake of simplicity, flexibility, and the inability of the Event Processor to recreate a fully-configured Delivery Method without being overly restrictive. +Subscription durability is not provided by the Event Processor. +Thus, all subscriptions are transient and not recreated in the event of a system restart. + +It is the responsibility of Endpoints using subscriptions to persist and re-establish the subscription on startup. + +This decision was made for the sake of simplicity, flexibility, and the inability of the Event Processor to recreate a fully configured Delivery Method without being overly restrictive. [IMPORTANT] ==== @@ -42,60 +44,60 @@ The Catalog Framework, or more specifically the Event Processor itself, does not Certain endpoints, however, can persist the subscriptions on their own and recreate them on system startup. ==== -==== Creating a Subscription +== Creating a Subscription Currently, the Catalog reference implementation does not contain a subscription endpoint. -Therefore, an endpoint that exposes a web service interface to create, update, and delete subscriptions would provide a client's subscription filtering criteria to be used by Catalog's Event Processor to determine which events are of interest to the client. +Therefore, an endpoint that exposes a web service interface to create, update, and delete subscriptions would provide a client's subscription filtering criteria to be used by Catalog's Event Processor to determine which events are of interest to the client. The endpoint client also provides the callback URL of the event consumer to be called when an event matching the subscription's criteria is found. -This callback to the event consumer is made by a Delivery Method implementation that the client provides when the subscription is created.  -Whenever an event occurs in the Catalog matching the subscription, the Delivery Method implementation will be called by the Event Processor.  -The Delivery Method will, in turn, send the event notification out to the event consumer.  -As part of the subscription creation process, the Catalog verifies that the event consumer at the specified callback URL is available to receive callbacks. +This callback to the event consumer is made by a Delivery Method implementation that the client provides when the subscription is created. +Whenever an event occurs in the Catalog matching the subscription, the Delivery Method implementation is called by the Event Processor. +The Delivery Method, in turn, sends the event notification out to the event consumer. +As part of the subscription creation process, the Catalog verifies that the event consumer at the specified callback URL is available to receive callbacks. Therefore, the client must ensure the event consumer is running prior to creating the subscription. -The Catalog completes the subscription creation by executing any pre-subscription Catalog Plugins, and then registering the subscription with the OSGi Service Registry. -The Catalog does not persist subscriptions by default. +The Catalog completes the subscription creation by executing any pre-subscription Catalog Plugins, and then registering the subscription with the OSGi Service Registry. +The Catalog does not persist subscriptions by default. -===== Event Processing and Notification +=== Event Processing and Notification -If an event matches a subscription's criteria, any pre-delivery plugins that are installed are invoked, the subscription's `DeliveryMethod` is retrieved, and its operation corresponding to the type of ingest event is invoked.  +If an event matches a subscription's criteria, any pre-delivery plugins that are installed are invoked, the subscription's `DeliveryMethod` is retrieved, and its operation corresponding to the type of ingest event is invoked. For example, the `DeliveryMethod` `created()` function is called when a metacard is created. The `DeliveryMethod` operations subsequently invoke the corresponding operation in the client's event consumer service, which is specified by the callback URL provided when the `DeliveryMethod` was created. An internal subscription tracker monitors the OSGi registry, looking for subscriptions to be added (or deleted). When it detects a subscription being added, it informs the Event Processor, which sets up the subscription's filtering and is responsible for posting event notifications to the subscriber when events satisfying their criteria are met. -The Standard Event Processor is an implementation of the Event Processor and provides the ability to create/delete subscriptions. -Events are generated by the ${ddf-catalog}Framework as metacards are created/updated/deleted and the Standard Event Processor is called since it is also a Post-Ingest Plugin. -The Standard Event Processor checks each event against each subscription's criteria. +The Standard Event Processor is an implementation of the Event Processor and provides the ability to create/delete subscriptions. +Events are generated by the ${ddf-catalog}Framework as metacards are created/updated/deleted and the Standard Event Processor is called since it is also a Post-Ingest Plugin. +The Standard Event Processor checks each event against each subscription's criteria. -When an event matches a subscription's criteria the Standard Event Processor: +When an event matches a subscription's criteria, the Standard Event Processor invokes: -* invokes each pre-delivery plugin on the metacard in the event. -* invokes the `DeliveryMethod` operation corresponding to the type of event being processed, e.g., `created()` operation for the creation of a metacard. +* each pre-delivery plugin on the metacard in the event. +* the `DeliveryMethod` operation corresponding to the type of event being processed, such as the `created()` operation for the creation of a metacard. .Available Event Processor * <<{architecture-prefix}event_processor,Standard Event Processor>> -====== Using ${branding} Implementation +==== Using ${branding} Implementation -If applicable, the implementation of `Subscription` that comes with ${branding} should be used. -It is available at `ddf.catalog.event.impl.SubscriptionImpl` and offers a constructor that takes in all of the necessary objects. -Specifically, all that is needed is a `Filter`, `DeliveryMethod`, `Set` of source IDs, and a `boolean` for enterprise. +If applicable, the implementation of `Subscription` that comes with ${branding} should be used. +It is available at `ddf.catalog.event.impl.SubscriptionImpl` and offers a constructor that takes in all of the necessary objects. +Specifically, all that is needed is a `Filter`, `DeliveryMethod`, `Set` of source IDs, and a `boolean` for enterprise. -The following is an example code stub showing how to create a new instance of Subscription using the ${branding} implementation.  +The following is an example code stub showing how to create a new instance of Subscription using the ${branding} implementation. .Creating a Subscription [source,java,linenums] ---- // Create a new filter using an imported FilterBuilder Filter filter = filterBuilder.attribute(Metacard.ANY_TEXT).like().text("*"); -  + // Create a implementation of DeliveryMethod DeliveryMethod deliveryMethod = new MyCustomDeliveryMethod(); -  + // Create a set of source ids // This set is empty as the subscription is not specific to any sources Set sourceIds = new HashSet(); -  + // Set the isEnterprise boolean value // This subscription example should notifications from all sources (not just local) boolean isEnterprise = true; @@ -103,7 +105,7 @@ boolean isEnterprise = true; Subscription subscription = new SubscriptionImpl(filter, deliveryMethod, sourceIds,isEnterprise); ---- -===== Delivery Method +=== Delivery Method A Delivery Method provides the operation (created, updated, deleted) for how an event's metacard can be delivered. diff --git a/distribution/docs/src/main/resources/content/_integrating/integrating-intro.adoc b/distribution/docs/src/main/resources/content/_integrating/integrating-intro.adoc index 249d25d3072b..e225e825aff8 100644 --- a/distribution/docs/src/main/resources/content/_integrating/integrating-intro.adoc +++ b/distribution/docs/src/main/resources/content/_integrating/integrating-intro.adoc @@ -3,6 +3,7 @@ :status: published :summary: Introduction to Integrating sections. +(((Integrating))) ${branding} is structured to enable flexible integration with external clients and into larger component systems. If integrating with an existing installation of ${branding}, continue to the following sections on endpoints and data/metadata management. diff --git a/distribution/docs/src/main/resources/content/_introduction/_coreConcepts/high-availability-intro.adoc b/distribution/docs/src/main/resources/content/_introduction/_coreConcepts/high-availability-intro.adoc index 72ae271735a6..735ea32f3b27 100644 --- a/distribution/docs/src/main/resources/content/_introduction/_coreConcepts/high-availability-intro.adoc +++ b/distribution/docs/src/main/resources/content/_introduction/_coreConcepts/high-availability-intro.adoc @@ -13,16 +13,16 @@ In a Highly Available Cluster, ${branding} has failover capabilities when a ${br [NOTE] ==== -The word "node", from a High Availability perspective, is one of the two ${branding} systems running within the Highly Available Cluster. +The word "node," from a High Availability perspective, describes one of the two ${branding} systems running within the Highly Available Cluster. Though there are multiple systems running with the Highly Available Cluster, it is still considered a single ${branding} from a user's perspective or from other ${branding}s' perspectives. ==== This setup consists of a SolrCloud instance, 2 ${branding} nodes connected to that SolrCloud, and a failover proxy that sits in front of those 2 nodes. -One of the ${branding} nodes will be arbitrarily chosen to be the active node, and the other will be the "hot standby" node. +One of the ${branding} nodes is arbitrarily chosen to be the active node, and the other is the "hot standby" node. It is called a "hot standby" node because it is ready to receive traffic even though it's not currently receiving any. -The failover proxy will route all traffic to the active node. -If the active node fails for any reason, the standby node will become active and the failover proxy will route all traffic to the new active node. +The failover proxy routes all traffic to the active node. +If the active node fails for any reason, the standby node becomes active and the failover proxy routes all traffic to the new active node. See the below diagrams for more detail. .Highly Available Cluster diff --git a/distribution/docs/src/main/resources/content/_introduction/_coreConcepts/ingest-intro.adoc b/distribution/docs/src/main/resources/content/_introduction/_coreConcepts/ingest-intro.adoc index 3ebd21e840ee..3b06a03e9026 100644 --- a/distribution/docs/src/main/resources/content/_introduction/_coreConcepts/ingest-intro.adoc +++ b/distribution/docs/src/main/resources/content/_introduction/_coreConcepts/ingest-intro.adoc @@ -11,5 +11,5 @@ Ingest is the process of bringing data resources, metadata, or both into the cat Ingested files are <<{integrating-prefix}transformers,transformed>> into a neutral format that can be searched against as well as migrated to other formats and systems. See <<{managing-prefix}ingesting_data, Ingesting Data>> for the various methods of ingesting data. -Upon ingest, a transformer will read the metadata from the ingested file and populate the fields of a metacard. +Upon ingest, a transformer reads the metadata from the ingested file and populates the fields of a metacard. Exactly how this is accomplished depends on the origin of the data, but most fields (except id) are imported directly. diff --git a/distribution/docs/src/main/resources/content/_introduction/_coreConcepts/resources-intro.adoc b/distribution/docs/src/main/resources/content/_introduction/_coreConcepts/resources-intro.adoc index 203eae619e95..35c3be4a9e38 100644 --- a/distribution/docs/src/main/resources/content/_introduction/_coreConcepts/resources-intro.adoc +++ b/distribution/docs/src/main/resources/content/_introduction/_coreConcepts/resources-intro.adoc @@ -7,13 +7,13 @@ == {title} -The Catalog Framework can interface with storage providers to provide storage of resources to specific types of storage, e.g., file system, relational database, XML database. +The Catalog Framework can interface with storage providers to provide storage of resources to specific types of storage, such as file system, relational database, XML database. A default file system implementation is provided by default. -Storage providers act as a proxy between the Catalog Framework and the mechanism storing the content. -Storage providers expose the storage mechanism to the Catalog Framework. +Storage providers act as a proxy between the Catalog Framework and the mechanism storing the content. +Storage providers expose the storage mechanism to the Catalog Framework. Storage plugins provide pluggable functionality that can be executed either immediately before or immediately after content has been stored or updated. -Storage providers provide the capability to the Catalog Framework to create, read, update, and delete resources in the content repository. +Storage providers provide the capability to the Catalog Framework to create, read, update, and delete resources in the content repository. See <<{managing-prefix}data_management,Data Management>> for more information on specific file types supported by ${branding}. diff --git a/distribution/docs/src/main/resources/content/_introduction/_coreConcepts/search-intro.adoc b/distribution/docs/src/main/resources/content/_introduction/_coreConcepts/search-intro.adoc index c78c37399a07..e85aa9d92993 100644 --- a/distribution/docs/src/main/resources/content/_introduction/_coreConcepts/search-intro.adoc +++ b/distribution/docs/src/main/resources/content/_introduction/_coreConcepts/search-intro.adoc @@ -30,5 +30,5 @@ Temporal searches can use the `created` or `modified` date attributes. Datatype Search:: A datatype search is used to search for metadata based on the datatype of the resource. Wildcards (*) can be used in both the datatype and version fields. -Metadata that matches any of the datatypes (and associated versions if specified) will be returned. -If a version is not specified, then all metadata records for the specified datatype(s) regardless of version will be returned. +Metadata that matches any of the datatypes (and associated versions if specified) is returned. +If a version is not specified, then all metadata records for the specified datatypes regardless of version are returned. diff --git a/distribution/docs/src/main/resources/content/_introduction/applications.adoc b/distribution/docs/src/main/resources/content/_introduction/applications.adoc index 496221c1a13b..a67be4be93dc 100644 --- a/distribution/docs/src/main/resources/content/_introduction/applications.adoc +++ b/distribution/docs/src/main/resources/content/_introduction/applications.adoc @@ -9,28 +9,28 @@ ${branding} is comprised of several modular applications, to be installed or uninstalled as needed. -${ddf-admin} Application:: +((${ddf-admin} Application)):: Enhances administrative capabilities when installing and managing ${branding}. It contains various services and interfaces that allow administrators more control over their systems. -${ddf-catalog} Application:: +((${ddf-catalog} Application)):: Provides a framework for storing, searching, processing, and transforming information. Clients typically perform local and/or federated query, create, read, update, and delete (QCRUD) operations against the Catalog. At the core of the Catalog functionality is the *Catalog Framework*, which routes all requests and responses through the system, invoking additional processing per the system configuration. -${ddf-platform} Application:: +((${ddf-platform} Application)):: The Core application of the distribution. The Platform application contains the fundamental building blocks to run the distribution. -${ddf-security} Application:: +((${ddf-security} Application)):: Provides authentication, authorization, and auditing services for the ${branding}. It is both a framework that developers and integrators can extend and a reference implementation that meets security requirements. -${ddf-solr} Application:: +((${ddf-solr} Application)):: Includes the Solr Catalog Provider, an implementation of the Catalog Provider using http://lucene.apache.org/solr/[Apache Solr] {external-link} as a data store. -${ddf-spatial} Application:: +((${ddf-spatial} Application)):: Provides OGC services, such as http://www.opengeospatial.org/standards/cat[CSW] {external-link}, http://www.opengeospatial.org/standards/wcs[WCS] {external-link}, http://www.opengeospatial.org/standards/wfs[WFS] {external-link}, and http://www.opengeospatial.org/standards/kml[KML] {external-link}. -${ddf-ui}:: +((${ddf-ui})):: Allows a user to search for records in the local Catalog (provider) and federated sources. Results of the search are returned and displayed on a globe or map, providing a visual representation of where the records were found. diff --git a/distribution/docs/src/main/resources/content/_introduction/developing-intro.adoc b/distribution/docs/src/main/resources/content/_introduction/developing-intro.adoc index 69a2aeac6207..14e460a421aa 100644 --- a/distribution/docs/src/main/resources/content/_introduction/developing-intro.adoc +++ b/distribution/docs/src/main/resources/content/_introduction/developing-intro.adoc @@ -4,12 +4,12 @@ :summary: Introduction to Developing sections. :order: 00 -Developers will build or extend the functionality of the applications.  +Developers build or extend the functionality of the applications.  ${branding} includes several extension points where external developers can add functionality to support individual use cases. ${branding} is written in Java and uses many open source libraries. -${branding} uses OSGi to provide modularity, lifecycle management, and dynamic services. +${branding} uses ((OSGi)) to provide modularity, lifecycle management, and dynamic services. OSGi services can be installed and uninstalled while ${branding} is running. ${branding} development typically means developing new OSGi bundles and deploying them to the running ${branding}. A complete description of OSGi is outside the scope of this documentation. diff --git a/distribution/docs/src/main/resources/content/_introduction/documentation-notes.adoc b/distribution/docs/src/main/resources/content/_introduction/documentation-notes.adoc index 9b6b0726a2ec..547fa4264686 100644 --- a/distribution/docs/src/main/resources/content/_introduction/documentation-notes.adoc +++ b/distribution/docs/src/main/resources/content/_introduction/documentation-notes.adoc @@ -14,7 +14,7 @@ This introduction section is intended to give a high-level overview of the conce Administrators:: <<{managing-prefix}managing,Managing>> | -Administrators will be installing, maintaining, and supporting existing applications. +Administrators install, maintain, and support existing applications. Use this section to <<{managing-prefix}installation_prerequisites,prepare>>, <<{managing-prefix}installing,install>>, <<{managing-prefix}configuring,configure>>, <<{managing-prefix}running,run>>, and <<{managing-prefix}monitoring,monitor>> ${branding}. Users:: @@ -24,11 +24,12 @@ Use this section to navigate the various user interfaces available in ${branding Integrators:: <<{integrating-prefix}integrating,Integrating>> | -Integrators will use the existing applications to support their external frameworks. This section will provide details for finding, accessing and using the components of ${branding}. + +Integrators use the existing applications to support their external frameworks. This section provides details for finding, accessing, and using the components of ${branding}. Developers:: <<{developing-prefix}developing,Developing>> | -Developers will build or extend the functionality of the applications.  +Developers build or extend the functionality of the applications. === Documentation Conventions @@ -46,14 +47,14 @@ Example: `ddf.catalog.CatalogFramework` ==== Hyperlinks -Some hyperlinks (e.g., `/admin`) within the documentation assume a locally running installation of ${ddf-branding}.  +Some hyperlinks (such as `/admin`) within the documentation assume a locally running installation of ${ddf-branding}. Simply change the hostname if accessing a remote host. Hyperlinks that take the user away from the ${branding} documentation are marked with an `external link` ({external-link}) icon. === Support -Questions about ${ddf-branding} should be posted to the https://groups.google.com/d/forum/ddf-users[ddf-users forum] {external-link} or https://groups.google.com/d/forum/ddf-developers[ddf-developers forum] {external-link}, where they will be responded to quickly by a member of the ${ddf-branding} team. +Questions about ${ddf-branding} should be posted to the https://groups.google.com/d/forum/ddf-users[ddf-users forum] {external-link} or https://groups.google.com/d/forum/ddf-developers[ddf-developers forum] {external-link}, to be responded to quickly by a member of the ${ddf-branding} team. ==== Documentation Updates diff --git a/distribution/docs/src/main/resources/content/_introduction/managing-intro.adoc b/distribution/docs/src/main/resources/content/_introduction/managing-intro.adoc index 2016299b52b2..ad5d663d1e68 100644 --- a/distribution/docs/src/main/resources/content/_introduction/managing-intro.adoc +++ b/distribution/docs/src/main/resources/content/_introduction/managing-intro.adoc @@ -3,5 +3,5 @@ :status: published :priority: 1 -Administrators will be installing, maintaining, and supporting existing applications. +Administrators install, maintain, and support existing applications. Use this section to prepare, install, configure, run, and monitor a ${branding}. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/_sources/confluence-federated-source.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/_sources/confluence-federated-source.adoc index 25b9c8cf44c2..e5c509ec1bb5 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/_sources/confluence-federated-source.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/_sources/confluence-federated-source.adoc @@ -43,11 +43,11 @@ See <<{reference-prefix}Confluence_Federated_Source, Confluence Federated Source [IMPORTANT] ==== -If an additional attribute is not part of the Confluence metacard type or <<{developing-prefix}attribute_injection_definition,injected>>, the attribute will not be added to the metacard. +If an additional attribute is not part of the Confluence metacard type or <<{developing-prefix}attribute_injection_definition,injected>>, the attribute is not added to the metacard. ==== .Usage Limitations of the Confluence Federated Source -Most of the fields that can be queried on Confluence have some sort of restriction on them. Most of the fields do not support the `like` aka `~` operation so the source will convert `like` queries to `equal` queries for attributes that don't support `like`. If the source receives a query with attributes it doesn't understand, it will just ignore them. If the query doesn't contain any attributes that map to Confluence search attributes, an empty result set will be returned. +Most of the fields that can be queried on Confluence have some sort of restriction on them. Most of the fields do not support the `like` aka `~` operation so the source converts `like` queries to `equal` queries for attributes that don't support `like`. If the source receives a query with attributes it doesn't understand, it just ignores them. If the query doesn't contain any attributes that map to Confluence search attributes, an empty result set is returned. -Depending on your version of Confluence, when downloading attachments you might get redirected to a different download URL. The default URLResourceReader configuration allows redirects, but if the option was disabled in the past, the download will fail. This can be fixed by re-enabling redirects in the `URLResourceReader` <<{developing-prefix}configuring_the_url_resource_reader,configuration>>. +Depending on your version of Confluence, when downloading attachments you might get redirected to a different download URL. The default `URLResourceReader` configuration allows redirects, but if the option was disabled in the past, the download fails. This can be fixed by re-enabling redirects in the `URLResourceReader` <<{developing-prefix}configuring_the_url_resource_reader,configuration>>. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/_sources/federation-strategy.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/_sources/federation-strategy.adoc index 530b9abaae6a..788e10dc958c 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/_sources/federation-strategy.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/_sources/federation-strategy.adoc @@ -7,11 +7,11 @@ == {title} -A federation strategy federates a query to all of the Remote Sources in the query's list, processes the results in a unique way, and then returns the results to the client.  -For example, implementations can choose to halt processing until all results return and then perform a mass sort or return the results back to the client as soon as they are received back from a Federated Source. +A federation strategy federates a query to all of the Remote Sources in the query's list, processes the results in a unique way, and then returns the results to the client. +For example, implementations can choose to halt processing until all results return and then perform a mass sort or return the results back to the client as soon as they are received back from a Federated Source. -An endpoint can optionally specify the federation strategy to use when it invokes the query operation. -Otherwise, the Catalog provides a default federation strategy that will be used: the Catalog Federation Strategy. +An endpoint can optionally specify the federation strategy to use when it invokes the query operation. +Otherwise, the Catalog provides a default federation strategy to use: the Catalog Federation Strategy. === Configuring Federation Strategy diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/_sources/opensearch-source.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/_sources/opensearch-source.adoc index ad1a0cd37891..d97a8c67b601 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/_sources/opensearch-source.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/_sources/opensearch-source.adoc @@ -90,7 +90,7 @@ If multiple point radius searches are encountered, each point radius is converte |Pulled from the query if it is a bounding-box query. + + Or else, calculated from the query if it is a single geometry or polygon query and the <<{reference-prefix}shouldConvertToBBox,`shouldConvertToBBox`>> configuration option is `true`. -NOTE: Converting a polygon that crosses the antimeridian to a bounding box will produce an incorrect bounding box. + +NOTE: Converting a polygon that crosses the antimeridian to a bounding box produces an incorrect bounding box. + //TODO DDF-3742 + Or else, calculated from the query if it is a geometry collection and the <<{reference-prefix}shouldConvertToBBox,`shouldConvertToBBox`>> configuration option is `true`. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/_sources/solr-catalog-provider.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/_sources/solr-catalog-provider.adoc index 4e2798d77046..bd812df362f9 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/_sources/solr-catalog-provider.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/_sources/solr-catalog-provider.adoc @@ -65,7 +65,7 @@ Configuration shared between Solr Server instances is managed by Zookeeper. ==== A minimum of three Zookeeper nodes required. Three Zookeeper nodes are needed to form a quorum. -A three Zookeeper ensemble allows for a single server to fail and the service will still be available. +A three Zookeeper ensemble allows for a single server to fail and the service to still be available. More Zookeeper nodes can be added to achieve greater fault tolerance. The total number of nodes must always be an odd number. See https://lucene.apache.org/solr/guide/${solr.docs.version}/setting-up-an-external-zookeeper-ensemble.html#SettingUpanExternalZooKeeperEnsemble-SettingupaZooKeeperEnsemble[ Setting Up an External Zoo Keeper Ensemble] for more information. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/_sources/wfs-11-source.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/_sources/wfs-11-source.adoc index fd9bd201846c..3398541714b9 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/_sources/wfs-11-source.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/_sources/wfs-11-source.adoc @@ -42,10 +42,10 @@ See <<{reference-prefix}Wfs_v1_1_0_Federated_Source,WFS v.1.1 Federated Source c .WFS URL The WFS URL must match the endpoint for the service being used. The type of service and version are added automatically, so they do not need to be included. -Some servers will throw an exception if they are included twice, so do not include those. +Some servers throw an exception if they are included twice, so do not include those. The syntax depends on the server. -However, in most cases, the syntax will be everything before the `?` character in the URL that corresponds to the `GetCapabilities` query. +However, in most cases, the syntax is everything before the `?` character in the URL that corresponds to the `GetCapabilities` query. .Example GeoServer 2.12.1 Syntax ---- @@ -58,4 +58,4 @@ In this case, the WFS URL would be: `http://www.example.org:8080/geoserver/wfs` The WFS v1.1.0 Source supports mapping metacard attributes to WFS feature properties for queries (GetFeature requests) to the WFS server. The source uses a `MetacardMapper` service to determine how to map a given metacard attribute in a query to a feature property the WFS server understands. It looks for a `MetacardMapper` whose `getFeatureType()` matches the feature type being queried. -Any `MetacardMapper` service implementation will work, but ${branding} provides one in the ${ddf-spatial} application called <<{reference-prefix}org.codice.ddf.spatial.ogc.wfs.catalog.mapper.MetacardMapper,Metacard to WFS Feature Map>>. +Any `MetacardMapper` service implementation can be used, but ${branding} provides one in the ${ddf-spatial} application called <<{reference-prefix}org.codice.ddf.spatial.ogc.wfs.catalog.mapper.MetacardMapper,Metacard to WFS Feature Map>>. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/_sources/wfs-20-source.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/_sources/wfs-20-source.adoc index 0f31f3bb20e3..70eda67ab01a 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/_sources/wfs-20-source.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/_sources/wfs-20-source.adoc @@ -39,10 +39,10 @@ See <<{reference-prefix}Wfs_v2_0_0_Federated_Source,WFS v.2.0 Federated source c .WFS URL The WFS URL must match the endpoint for the service being used. The type of service and version is added automatically, so they do not need to be included. -Some servers will throw an exception if they are included twice, so do not include those. +Some servers throw an exception if they are included twice, so do not include those. The syntax depends on the server. -However, in most cases, the syntax will be everything before the `?` character in the URL that corresponds to the `GetCapabilities` query. +However, in most cases, the syntax is everything before the `?` character in the URL that corresponds to the `GetCapabilities` query. .Example GeoServer 2.5 Syntax ---- @@ -78,8 +78,8 @@ There are two ways to configure the `MetacardMapper`: .Example WFS MetacardMapper Configuration The following shows how to configure the `MetacardMapper` to be used with the sample data provided with GeoServer. This configuration shows a custom mapping for the feature type ‘states’. -For the given type, we are taking the feature property ‘STATE_NAME’ and mapping it to the metacard attribute ‘title’. -In this particular case, since we mapped the state name to title in the metacard, it will now be fully searchable. +For the given type, the feature property ‘STATE_NAME’ is mapped to the metacard attribute ‘title’. +In this particular case, since the state name is mapped to title in the metacard, it is now fully searchable. .Example `MetacardMapper` Configuration Within a `feature.xml` file: [source,xml,linenums] diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/_sources/wfs-sources-services.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/_sources/wfs-sources-services.adoc index b6d78b73dcb4..a11a9c4115d0 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/_sources/wfs-sources-services.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/_sources/wfs-sources-services.adoc @@ -26,7 +26,7 @@ or <<{managing-prefix}wfs_2_0_source,WFS v2.0.0 Source>> for more information ab .Converting a WFS Feature In order to expose WFS features to ${branding} clients, the WFS feature must be converted into the common data format of the ${branding}, a metacard. The OGC package contains a `GenericFeatureConverter` that attempts to populate mandatory metacard fields with properties from the WFS feature XML. -All properties will be mapped directly to new attributes in the metacard. +All properties are mapped directly to new attributes in the metacard. However, the `GenericFeatureConverter` may not be able to populate the default metacard fields with properties from the feature XML. .Creating a Custom Converter diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/admin-console-tutorial.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/admin-console-tutorial.adoc index a8ab90dfcffc..c7e5cfd60e7d 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/admin-console-tutorial.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/admin-console-tutorial.adoc @@ -7,7 +7,7 @@ == {title} -The ${admin-console} is the centralized location for administering the system. +The ((${admin-console})) is the centralized location for administering the system. The ${admin-console} allows an administrator to configure and tailor system services and properties. The default address for the ${admin-console} is \${secure_url}/admin. @@ -58,7 +58,7 @@ Features are collections of OSGi bundles, configuration data, and/or other featu .Transitive Dependencies [NOTE] ==== -Features may have dependencies on other features and will auto-install them as needed. +Features may have dependencies on other features and auto-install them as needed. ==== In the ${admin-console}, Features are found on the *Features* tab of the *System* tab. @@ -68,8 +68,8 @@ In the ${admin-console}, Features are found on the *Features* tab of the *System . Select the *Features* tab. . Uninstalled features are shown with a *play* arrow under the *Actions* column. .. Select the *play* arrow for the desired feature. -.. The *Status* will change from *Uninstalled* to *Installed*. +.. The *Status* changes from *Uninstalled* to *Installed*. . Installed features are shown with a *stop* icon under the *Actions* column. .. Select the *stop* icon for the desired feature. -.. The *Status* will change from *Installed* to *Uninstalled*. +.. The *Status* changes from *Installed* to *Uninstalled*. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/catalog-authorization.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/catalog-authorization.adoc index 24d4aebcd28d..e00901745652 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/catalog-authorization.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/catalog-authorization.adoc @@ -19,8 +19,8 @@ All ${branding} Catalog operations can be restricted to users with certain attri . Select on the *Resource URI Policy Plugin* configuration. . Add any required attributes for each operation type. -Only users with the attributes listed on the *Catalog Policy Plugin* configuration will be allowed to access those operations. +Only users with the attributes listed on the *Catalog Policy Plugin* configuration are allowed to access those operations. By default, all operations only require a role of "guest" which every user has mixed into their attributes by way of the *Guest Claims Handler*. -If the default Guest user role is changed to something other than "guest" this configuration will need to be updated to allow users to continue using ${branding} Catalog operations. +If the default Guest user role is changed to something other than "guest" this configuration must be updated to allow users to continue using ${branding} Catalog operations. The *Resource URI Policy Plugin* functions in a very similar manner, but permits the `resource-uri` field to be protected separately from the rest of the metacard. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/catalog-filtering.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/catalog-filtering.adoc index 4493007fca36..ed2829929b6f 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/catalog-filtering.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/catalog-filtering.adoc @@ -7,7 +7,7 @@ == {title} -Filtering is the process of evaluating security markings on data resources, comparing them to the users permissions and protecting resources from inappropriate access. +((Filtering)) is the process of evaluating security markings on data resources, comparing them to the users permissions and protecting resources from inappropriate access. There are two options for processing filtering policies: internally, or through the use of a policy formatted in eXtensible Access Control Markup Language (XACML). The procedure for setting up a policy differs depending on whether that policy is to be used internally or by the external XACML processing engine. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/catalog-provider.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/catalog-provider.adoc index 193c716789fa..6f3a0d07d27e 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/catalog-provider.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/catalog-provider.adoc @@ -6,6 +6,7 @@ :order: 01 == {title} +(((Catalog Providers))) This scenario describes how to reconfigure ${branding} to use a different catalog provider. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/changing-hostname.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/changing-hostname.adoc index 82d08367fc8c..f1b976dd2fae 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/changing-hostname.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/changing-hostname.adoc @@ -6,9 +6,10 @@ :order: 02 == {title} +(((Hostname))) By default, the STS server, STS client and the rest of the services use the system property `org.codice.ddf.system.hostname` which is defaulted to 'localhost' and not to the fully qualified domain name of the ${branding} instance. Assuming the ${branding} instance is providing these services, the configuration must be updated to use the *fully qualified domain name* as the service provider. -If the ${branding} is being accessed from behind a proxy or load balancer, set the system property `org.codice.ddf.external.hostname` to the hostname users will be using to access the ${branding}. +If the ${branding} is being accessed from behind a proxy or load balancer, set the system property `org.codice.ddf.external.hostname` to the hostname users use to access the ${branding}. This can be changed during <<{managing-prefix}completing_installation_from_the_admin_console,Initial Configuration>> or later by editing the `${home_directory}/etc/custom.system.properties` file. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/config-templates.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/config-templates.adoc index a8dd6958fe16..526148a19fc1 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/config-templates.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/config-templates.adoc @@ -12,7 +12,7 @@ A template file is provided for some configurable ${branding} items so that they The following steps define the procedure for configuring a new source or feature using a `config` file: . Copy/rename the provided template file in the ``etc/templates` directory to the `etc` directory. (Refer to the table above to determine correct template.) -.. Not required, but a good practice is to change the instance name (e.g., `OpenSearchSource.1.config`) of the file to something identifiable (`OpenSearchSource.remote-site-1.config`). +.. While not required, a good practice is to change the instance name (such as `OpenSearchSource.1.config`) of the file to something identifiable (`OpenSearchSource.remote-site-1.config`). . Edit the copied file to etc with the settings for the configuration. (Refer to the table above to determine the configurable properties). .. Consult the inline comments in the file for guidance on what to modify. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/configuration-files.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/configuration-files.adoc index a41d851ccb00..87b0cd4e60a9 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/configuration-files.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/configuration-files.adoc @@ -16,13 +16,14 @@ The ${admin-console} can be re-enabled for additional configuration changes. ==== In an environment hardened for security purposes, access to the ${admin-console} or the ${command-console} might be denied and using the latter in such an environment may cause configuration errors. -It is necessary to configure ${branding} (e.g., providers, Schematron rulesets, etc.) using `.config` files. +For this reason,`.config` files (such as providers, Schematron rulesets, etc.) +are necessary to configure ${branding}. A template file is provided for some configurable ${branding} items so that they can be copied/renamed then modified with the appropriate settings. [WARNING] ==== -If the ${admin-console} is enabled again, all of the configuration done via `.config` files will be loaded and displayed. +If the ${admin-console} is enabled again, all of the configuration done via `.config` files is loaded and displayed. However, note that the name of the `.config` file is not used in the ${admin-console}. -Rather, a universally unique identifier (UUID) is added when the ${branding} item was created and displays this UUID in the console (e.g., `OpenSearchSource.112f298e-26a5-4094-befc-79728f216b9b`) +Rather, a universally unique identifier (UUID) is added when the ${branding} item was created and displays this UUID in the console (for example, `OpenSearchSource.112f298e-26a5-4094-befc-79728f216b9b`) ==== diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-access-plugins.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-access-plugins.adoc index e7ae71cf6865..7ef3b3ddc65c 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-access-plugins.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-access-plugins.adoc @@ -6,11 +6,13 @@ :order: 06 == {title} +(((Data Access Plugins))) Configure access plugins to act upon the rules and attributes configured by the policy plugins and user attributes. === Configuring the Security Audit Plugin +(((Security Audit Plugin))) The <<{architecture-prefix}security_audit_plugin,Security Audit Plugin>> audits specific metacard attributes. @@ -21,7 +23,7 @@ To configure the Security Audit Plugin: . Select *Configuration* tab. . Select *Security Audit Plugin*. -Add the desired metacard attributes that will be audited when modified. +Add the desired metacard attributes that are audited when modified. See <<{reference-prefix}org.codice.ddf.catalog.plugin.security.audit.SecurityAuditPlugin,Security Audit Plugin configurations>> for all possible configurations. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-catalog-rest-endpoint.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-catalog-rest-endpoint.adoc index b0ec920f6746..24e2a6be194f 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-catalog-rest-endpoint.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-catalog-rest-endpoint.adoc @@ -7,7 +7,7 @@ == {title} -The Catalog REST endpoint allows clients to perform operations on the Catalog using REST. +The ((Catalog REST endpoint)) allows clients to perform operations on the Catalog using REST. To install the Catalog REST endpoint: diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-csw-endpoint.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-csw-endpoint.adoc index a2cd8d4faeb5..301aa8b632d9 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-csw-endpoint.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-csw-endpoint.adoc @@ -7,7 +7,7 @@ == {title} -The CSW endpoint enables a client to search collections of descriptive information (metadata) about geospatial data and services. +The ((CSW endpoint)) enables a client to search collections of descriptive information (metadata) about geospatial data and services. To install the CSW endpoint: diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-data-management.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-data-management.adoc index 404f9e698949..461515f59489 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-data-management.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-data-management.adoc @@ -6,6 +6,7 @@ :order: 06 == {title} +(((Data Management))) Data ingested into ${branding} has security attributes that can be mapped to users' permissions to ensure proper access. This section covers configurations that ensure only the appropriate data is contained in or exposed by ${branding}. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-data-policy-plugins.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-data-policy-plugins.adoc index d903f17a010d..0a5e49271197 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-data-policy-plugins.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-data-policy-plugins.adoc @@ -10,6 +10,7 @@ Configure the data-related policy plugins to determine the accessibility of data held by ${branding}. === Configuring the Metacard Attribute Security Policy Plugin +(((Metacard Attribute Security Policy Plugin))) The Metacard Attribute Security Policy Plugin combines existing metacard attributes to make new attributes and adds them to the metacard. @@ -35,21 +36,23 @@ enter these two lines under the title **Metacard Union Attributes** See <<{reference-prefix}org.codice.ddf.catalog.security.policy.metacard.MetacardAttributeSecurityPolicyPlugin,Metacard Attribute Security Policy Plugin configurations>> for all possible configurations. === Configuring the Metacard Validation Marker Plugin +(((Metacard Validation Marker Plugin))) -By default, the Metacard Validation Marker Plugin will mark metacards with validation errors and warnings as they are reported by each metacard validator and then allow the ingest. +By default, the Metacard Validation Marker Plugin marks metacards with validation errors and warnings as they are reported by each metacard validator and then allows the ingest. To prevent the ingest of certain invalid metacards, the `Metacard Validity Marker` plugin can be configured to "enforce" one or more validators. -Metacards that are invalid according to an "enforced" validator will not be ingested. +Metacards that are invalid according to an "enforced" validator are not ingested. . Navigate to the *${admin-console}*. . Select the *${ddf-catalog}* application. . Select the *Configuration* tab. . Select the *Metacard Validity Marker Plugin*. -.. If desired, enter the ID of any metacard validator to enforce. This will prevent ingest of metacards that fail validation. +.. If desired, enter the ID of any metacard validator to enforce. This prevents ingest of metacards that fail validation. .. If desired, check *Enforce Errors* or *Enforce Warnings*, or both. See <<{reference-prefix}ddf.catalog.metacard.validation.MetacardValidityMarkerPlugin,Metacard Validity Marker Plugin configurations>> for all possible configurations. === Configuring the Metacard Validity Filter Plugin +(((Metacard Validity Filter Plugin))) The <<{architecture-prefix}metacard_validity_filter_plugin,Metacard Validity Filter Plugin>> determines whether metacards with validation errors or warnings are filtered from query results. @@ -63,6 +66,7 @@ The <<{architecture-prefix}metacard_validity_filter_plugin,Metacard Validity Fil See <<{reference-prefix}ddf.catalog.metacard.validation.MetacardValidityFilterPlugin,Metacard Validity Filter Plugin configurations>> for all possible configurations. === Configuring the XML Attribute Security Policy Plugin +(((XML Attribute Security Policy Plugin))) The XML Attribute Security Policy Plugin finds security attributes contained in a metacard's metadata. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-endpoints.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-endpoints.adoc index 01349a24ff3b..2f5789c3fcdc 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-endpoints.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-endpoints.adoc @@ -7,4 +7,4 @@ == {title} -Configure endpoints to enable external systems to send and receive content and metadata from ${branding}. \ No newline at end of file +Configure endpoints to enable external systems to send and receive content and metadata from ${branding}. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-fanout-proxy.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-fanout-proxy.adoc index 4fb987e72a9e..e49eef5ae063 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-fanout-proxy.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-fanout-proxy.adoc @@ -6,6 +6,7 @@ :order: 01 == {title} +(((Fanout Proxy))) Optionally, configure ${branding} as a fanout proxy such that only queries and resource retrieval requests are processed and create/update/delete requests are rejected. All queries are enterprise queries and no catalog provider needs to be configured. @@ -18,6 +19,6 @@ All queries are enterprise queries and no catalog provider needs to be configure . Save changes. ${branding} is now operating as a fanout proxy. -Only queries and resource retrieval requests will be allowed. -All queries will be federated. -Create, update, and delete requests will not be allowed, even if a Catalog Provider was configured prior to the reconfiguration as a fanout. +Only queries and resource retrieval requests are allowed. +All queries are federated. +Create, update, and delete requests are not allowed, even if a Catalog Provider was configured prior to the reconfiguration as a fanout. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-federation.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-federation.adoc index cdb965a70d65..a1036f82b727 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-federation.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-federation.adoc @@ -6,5 +6,6 @@ :summary: Configuring federation. == {title} +(((Federation))) ${branding} is able to <<{introduction-prefix}introduction_to_federation_and_sources,federate>> to other data sources, including other instances of ${branding}, with some simple configuration. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-guest-access.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-guest-access.adoc index 333ce8c06458..7cfea50c0554 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-guest-access.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-guest-access.adoc @@ -6,20 +6,21 @@ :order: 00 == {title} +(((Guest Access))) Unauthenticated access to a secured ${branding} system is provided by the *Guest* user. By default, ${branding} allows guest access. Because ${branding} does not know the identity of a Guest user, it cannot assign security attributes to the Guest. -The administrator must configure the attributes and values (i.e. the "claims") to be assigned to Guests. +The administrator must configure the attributes and values (the "claims") to be assigned to Guests. The Guest Claims become the default minimum attributes for every user, both authenticated and unauthenticated. -Even if a user claim is more restrictive, the guest claim will grant access, so ensure the guest claim is only as permissive as necessary. +Even if a user claim is more restrictive, the guest claim grants access, so ensure the guest claim is only as permissive as necessary. The *Guest* user is uniquely identified with a Principal name of the format `Guest@UID`. The unique identifier is assigned to a Guest based on its source IP address and is cached so that subsequent -Guest accesses from the same IP address within a 30-minute window will get the same unique identifier. +Guest accesses from the same IP address within a 30-minute window get the same unique identifier. To support administrators' need to track the source IP Address for a given Guest user, the IP Address -and unique identifier mapping will be audited in the security log. +and unique identifier mapping are audited in the security log. * Make sure that all the default logical names for locations of the security services are defined. @@ -31,7 +32,7 @@ Only authorized users are then allowed to continue to the Search UI page. === Allowing Guest User Access Guest authentication must be enabled and configured to allow guest users. -Once the guest user is configured, redaction and filtering of metadata is done for the guest user the same way it is done for normal users. +Once the guest user is configured, the redaction and filtering of metadata is done for the guest user the same way it is done for normal users. To enable guest authentication for a context, use the <<{managing-prefix}configuring_the_web_context_policy_manager, Web Context Policy Manager>> configuration to select *Allow Guest Access*. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-kml-endpoint.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-kml-endpoint.adoc index 2755f2d0ad98..43f555a57e97 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-kml-endpoint.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-kml-endpoint.adoc @@ -7,19 +7,19 @@ == {title} -Keyhole Markup Language (_KML_) is an XML notation for describing geographic annotation and visualization for 2- and 3- dimensional maps. +((Keyhole Markup Language)) (_KML_)(((KML))) is an XML notation for describing geographic annotation and visualization for 2- and 3- dimensional maps. -The root network link will create a network link for each configured source, including the local catalog. -The individual source network links will perform a query against the OpenSearch Endpoint periodically based on the current view in the KML client. +(((KML Network Link endpoint)))The root network link creates a network link for each configured source, including the local catalog. +The individual source network links perform a query against the OpenSearch Endpoint periodically based on the current view in the KML client. The query parameters for this query are obtained by a bounding box generated by Google Earth. -The root network link will refresh every 12 hours or can be forced to refresh. -As a user changes their current view, the query will be re-executed with the bounding box of the new view. +The root network link refreshes every 12 hours or can be forced to refresh. +As a user changes their current view, the query is re-executed with the bounding box of the new view. (This query gets re-executed two seconds after the user stops moving the view.) This KML Network Link endpoint has the ability to serve up custom KML style documents and Icons to be used within that document. The KML style document must be a valid XML document containing a KML style. The KML Icons should be placed in a single level directory and must be an image type (png, jpg, tif, etc.). -The Description will be displayed as a pop-up from the root network link on Google Earth. +The Description is displayed as a pop-up from the root network link on Google Earth. This may contain the general purpose of the network and URLs to external resources. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-multi-factor-auth.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-multi-factor-auth.adoc index 40b037bea066..8de364ef1c38 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-multi-factor-auth.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-multi-factor-auth.adoc @@ -7,11 +7,11 @@ == {title} -Mutli-factor authentication, sometimes referred to as two-factor authentication, allows for greater security. +(((MFA)))((Multi-factor authentication)), sometimes referred to as ((Two-factor authentication)), allows for greater security. It does this by requiring users to provide multiple proofs of identity, typically through something they know (such as a password), and something they have/are (such as a randomly generated pin number sent to one of their personal devices). The IdP that comes with ${branding} does not support multi-factor authentication by default. -Keycloak can be used to help setup and configure multi-factor authentication. +((Keycloak)) can be used to help setup and configure multi-factor authentication. See <<{managing-prefix}connecting_to_an_external_saml_identity_provider,Connecting to an External Identity Provider>> on how to initially hookup Keycloak. .Configuring Keycloak for MFA diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-oidc.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-oidc.adoc index a3b0d4b7dda1..7bc303d20e93 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-oidc.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-oidc.adoc @@ -5,12 +5,13 @@ :summary: Configuring included IdP. :order: 03 -==== {title} +== {title} +(((OpenID Connect, OIDC))) (((OAuth 2.0))) To use https://openid.net/specs/openid-connect-core-1_0.html[OpenID Connect (OIDC)] and https://tools.ietf.org/html/rfc6749[OAuth 2.0], ${branding} needs to be connected to an external Identity Provider (IdP) which supports these protocols. -===== OIDC +=== OIDC OIDC is used to authenticate (or log in) a user. To use this protocol in ${branding}, ${branding} needs the external IdP's information. @@ -28,11 +29,11 @@ Once connected, the Web Context Policy Manager needs to be updated. to do so, . Select the *Web Context Policy Manager*. . Under `Authentication Types for Web Pages` and `Authentication Types for Endpoints` add OIDC. -===== OAuth 2.0 +=== OAuth 2.0 OAuth 2.0 is an authorization protocol and ${branding} can use it when federating. -When a user queries a source that is configured to use this protocol, ${branding} will forward the user's information (access token) with the request. -If a source can be configured to use OAuth 2.0, `OAuth 2.0` will appear as an option under `Authentication Type` in the source's configuration. +When a user queries a source that is configured to use this protocol, ${branding} forwards the user's information (access token) with the request. +If a source can be configured to use OAuth 2.0, `OAuth 2.0` appears as an option under `Authentication Type` in the source's configuration. To configure a source to use OAuth 2.0, under the source's configuration, @@ -44,5 +45,5 @@ To configure a source to use OAuth 2.0, under the source's configuration, [NOTE] ==== -If the system ${branding} is federating with is a ${branding}, the ${branding} receiving the federated request should be connected to an external IdP and have `/services` protected by that IdP (i.e. have /service=OIDC`). +If ${branding} is federating with another ${branding}, the ${branding} receiving the federated request should be connected to an external IdP and have `/services` protected by that IdP (that is, have `/service=OIDC`). ==== diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-opensearch-endpoint.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-opensearch-endpoint.adoc index 15af2bae299d..71b2ebaa77f0 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-opensearch-endpoint.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-opensearch-endpoint.adoc @@ -7,9 +7,9 @@ == {title} -The OpenSearch endpoint enables a client to send query parameters and receive search results. This endpoint uses the input query parameters to create an OpenSearch query. The client does not need to specify all of the query parameters, only the query parameters of interest. +The ((OpenSearch endpoint)) enables a client to send query parameters and receive search results. This endpoint uses the input query parameters to create an OpenSearch query. The client does not need to specify all of the query parameters, only the query parameters of interest. -To install the KML endpoint: +To install the OpenSearch endpoint: . Navigate to the *${admin-console}*. . Select *System*. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-rest-for-users.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-rest-for-users.adoc index 6d38ec2bc913..6d8a2b0b1555 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-rest-for-users.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-rest-for-users.adoc @@ -7,7 +7,7 @@ == {title} -If using REST services or connecting to REST sources, several configuration options are available. +If using ((REST services)) or connecting to ((REST sources)), several configuration options are available. ${branding} can be configured to support an <<{managing-prefix}connecting_to_an_external_saml_identity_provider,external SAML IdP>> or no IdP at all. The following diagram shows the configuration options. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-security-policies.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-security-policies.adoc index 48aefd27eef7..4e72a605b78a 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-security-policies.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-security-policies.adoc @@ -7,4 +7,4 @@ == {title} -User attributes and Data attributes are matched by security policies defined within ${branding}. +((User attributes)) and ((Data attributes)) are matched by security policies((Security policies)) defined within ${branding}. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-system-message.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-system-message.adoc index 96d3c72501e4..44bdcfdea231 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-system-message.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/configuring-system-message.adoc @@ -6,6 +6,7 @@ :order: 04 == {title} +(((System Usage Message))) The Platform UI configuration contains the settings for displaying messages to users at login or in banners in the headers and footers of all pages. For, example this configuration can provide warnings that system usage is monitored or controlled. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/connecting-to-external-idp.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/connecting-to-external-idp.adoc index 0946afba7c6f..e15fc54e6f3d 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/connecting-to-external-idp.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/connecting-to-external-idp.adoc @@ -7,7 +7,7 @@ == {title} -To connect to an external SAML Identity Provider, +To connect to an external ((SAML Identity Provider)), . Provide the external SAML IdP with ${branding}'s Service Provider (SP) metadata. The SP metadata can found at `https://:/services/saml/sso/metadata`. @@ -21,7 +21,7 @@ The SP metadata can found at `https://:/services/saml/sso/metadata`. [NOTE] ==== -The certificate that the external IdP uses for signing will need to be added to the ${branding}'s keystore. See <<{managing-prefix}updating_key_store_trust_store_via_the_admin_console,Updating Key Store / Trust Store via the Admin Console>> for details. +The certificate that the external IdP uses for signing needs to be added to the ${branding}'s keystore. See <<{managing-prefix}updating_key_store_trust_store_via_the_admin_console,Updating Key Store / Trust Store via the Admin Console>> for details. ==== [NOTE] diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/connecting-to-sources.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/connecting-to-sources.adoc index e421f4f33b4a..c984d449f3bd 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/connecting-to-sources.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/connecting-to-sources.adoc @@ -6,25 +6,26 @@ :summary: Connecting to sources. == {title} +(((Sources))) A *source* is a system consisting of a catalog containing Metacards. -Catalog sources are used to connect Catalog components to data sources, local and remote. -Sources act as proxies to the actual external data sources, e.g., a RDBMS database or a NoSQL database. +((Catalog sources)) are used to connect Catalog components to data sources, local and remote. +Sources act as proxies to the actual external data sources, such as an RDBMS database or a NoSQL database. .Types of Sources -Remote Source:: Read-only data sources that support query operations but cannot be used to create, update, or delete metacards. +((Remote Source)):: Read-only data sources that support query operations but cannot be used to create, update, or delete metacards. -[[_federated_source]]Federated Sources:: A federated source is a remote source that can be included in federated queries by request or as part of an enterprise query. Federated sources support query and site information operations only. Catalog modification operations, such as create, update, and delete, are not allowed. +[[_federated_source]]((Federated Sources)):: A federated source is a remote source that can be included in federated queries by request or as part of an enterprise query. Federated sources support query and site information operations only. Catalog modification operations, such as create, update, and delete, are not allowed. Federated sources also expose an event service, which allows the Catalog Framework to subscribe to event notifications when metacards are created, updated, and deleted. + ${ddf-catalog} instances can also be federated to each other. Therefore, a ${ddf-catalog} can also act as a federated source to another ${ddf-catalog}. -[[_connected_sources]]Connected Sources:: A Connected Source is a local or remote source that is always included in every local and enterprise query, but is hidden from being queried individually. A connected source's identifier is removed in all query results by replacing it with ${branding}'s source identifier. The Catalog Framework does not reveal a connected source as a separate source when returning source information responses. +[[_connected_sources]]((Connected Sources)):: A Connected Source is a local or remote source that is always included in every local and enterprise query, but is hidden from being queried individually. A connected source's identifier is removed in all query results by replacing it with ${branding}'s source identifier. The Catalog Framework does not reveal a connected source as a separate source when returning source information responses. -[[_catalog_providers]]Catalog Providers:: A Catalog Provider is used to interact with data providers, such as files systems or databases, to query, create, update, or delete data. The provider also translates between ${branding} objects and native data formats. +[[_catalog_providers]]((Catalog Providers)):: A Catalog Provider is used to interact with data providers, such as files systems or databases, to query, create, update, or delete data. The provider also translates between ${branding} objects and native data formats. + -All sources, including federated source and connected source, support queries, but a Catalog provider also allows metacards to be created, updated, and deleted. A Catalog provider typically connects to an external application or a storage system (e.g., a database), acting as a proxy for all catalog operations. +All sources, including federated source and connected source, support queries, but a Catalog provider also allows metacards to be created, updated, and deleted. A Catalog provider typically connects to an external application or a storage system (such as a database), acting as a proxy for all catalog operations. -[[_catalog_stores]]Catalog Stores:: A Catalog Store is an editable store that is either local or remote. +[[_catalog_stores]]((Catalog Stores)):: A Catalog Store is an editable store that is either local or remote. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/console-commands-ref.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/console-commands-ref.adoc index e6aa325dae05..0353b61a22a5 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/console-commands-ref.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/console-commands-ref.adoc @@ -6,5 +6,6 @@ :summary: Console command reference == {title} +(((Console command))) ${branding} provides access to a powerful ${command-console} to use to manage and configure the system. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/content-directory-monitor.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/content-directory-monitor.adoc index 9021e7084c0b..a0a1b27d1147 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/content-directory-monitor.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/content-directory-monitor.adoc @@ -6,8 +6,9 @@ :summary: Content Directory Monitor. == {title} +((({title}))) -The Content Directory Monitor (CDM) provides the capability to easily add content and metacards into the ${ddf-catalog} by placing a file in a directory. +The Content Directory Monitor (CDM) provides the capability to easily add content and metacards into the ${ddf-catalog} by placing a file in a directory. === Installing the Content Directory Monitor @@ -32,12 +33,14 @@ Configuring a CDM requires adding read and write permissions to the directory be After adding permissions, a system restart is required for them to take effect. ==== +---- . permission java.io.FilePermission "", "read"; . permission java.io.FilePermission "${/}-", "read, write"; +---- -Trailing slashes after have no effect on the permissions granted. For example, adding a permission for "${/}test${/}path" and "${/}test${/}path${/}" are equivalent. The recursive forms "${/}test${/}path${/}-", and "${/}test${/}path${/}${/}-" are also equivalent. +Trailing slashes after `` have no effect on the permissions granted. For example, adding a permission for `"${/}test${/}path"` and `"${/}test${/}path${/}"` are equivalent. The recursive forms `"${/}test${/}path${/}-"`, and `"${/}test${/}path${/}${/}-"` are also equivalent. -Line 1 gives the CDM the permissions to read from the monitored directory path. Line 2 gives the CDM the permissions to recursively read and write from the monitored directory path, specified by the directory path's suffix "${/}-". +Line 1 gives the CDM the permissions to read from the monitored directory path. Line 2 gives the CDM the permissions to recursively read and write from the monitored directory path, specified by the directory path's suffix `"${/}-"`. If a CDM configuration is deleted, then the corresponding permissions that were added should be deleted to avoid granting unnecessary permissions to parts of the system. @@ -89,7 +92,7 @@ Regardless of the option, the ${branding} takes each file in a monitored directo * *Erases* the original file from the monitored directory. .Move -* Copies the file into the directory `.\ingested` *(this will double the disk space used)* +* Copies the file into the directory `.\ingested` *(this doubles the disk space used)* * Copies the file into the Content Repository. * Creates a metacard in the Catalog from the file. * *Erases* the original file from the monitored directory. @@ -102,14 +105,17 @@ Regardless of the option, the ${branding} takes each file in a monitored directo * If the original file is renamed, the old metacard is deleted and a new metacard is created. .Parallel Processing -The CDM supports parallel processing of files (up to 8 files processed concurrently). This is configured by setting the number of *Maximum Concurrent Files* in the configuration. A maximum of 8 is imposed to protect system resources. +The CDM supports parallel processing of files (up to 8 files processed concurrently). +This is configured by setting the number of *Maximum Concurrent Files* in the configuration. +A maximum of 8 is imposed to protect system resources. .Read Lock -When the CDM is set up, the directory specified is continuously scanned, and files are locked for processing based on the *ReadLock Time Interval*. This does not apply to the *Monitor in place* processing directive. Files will not be ingested without having a ReadLock that has observed no change in the file size. -This is done so that files that are in transit will not be ingested prematurely. The interval should be dependent on the speed of the copy to the directory monitor (ex. network drive vs local disk). -For local files, the default value of 500 milliseconds is recommended. The recommended interval for network drives is 1000 - 2000 milliseconds. If the value provided is less than 100, 100 milliseconds will be used. +When the CDM is set up, the directory specified is continuously scanned, and files are locked for processing based on the *ReadLock Time Interval*. This does not apply to the *Monitor in place* processing directive. Files are not ingested without having a ReadLock that has observed no change in the file size. +This is done so that files that are in transit are not ingested prematurely. The interval should be dependent on the speed of the copy to the directory monitor (ex. network drive vs local disk). +For local files, the default value of 500 milliseconds is recommended. The recommended interval for network drives is 1000 - 2000 milliseconds. If the value provided is less than 100, 100 milliseconds is used. It is also recommended that the *ReadLock Time Interval* be set to a lower amount of time when the *Maximum Concurrent Files* is set above 1 so that files are -locked in a timely manner and processed as soon as possible. When a higher *ReadLock Time Interval* is set, the time it takes for files to be processed is increased. +locked in a timely manner and processed as soon as possible. +When a higher *ReadLock Time Interval* is set, the time it takes for files to be processed is increased. .Attribute Overrides The CDM supports setting metacard attributes directly when ${branding} ingests a file. Custom overrides are entered in the form: @@ -128,38 +134,40 @@ To set multi-valued attributes, use a separate override for each value. For exam `*topic.keyword=PPI*` + `*topic.keyword=radiology*` -Attributes will only be overridden if they are part of the <<{integrating-prefix}metacard_type, metacard type>> or are <<{developing-prefix}attribute_injection_definition,injected>>. +Attributes are only overridden if they are part of the <<{integrating-prefix}metacard_type, metacard type>> or are <<{developing-prefix}attribute_injection_definition,injected>>. All attributes in the <<{metadata-prefix}catalog_taxonomy_definitions, catalog taxonomy tables>> are injected into all metacards by default and can be overridden. [IMPORTANT] ==== -If an overridden attribute is not part of the <<{integrating-prefix}metacard_type, metacard type>> or <<{developing-prefix}attribute_injection_definition,injected>> the attribute will not be added to the metacard. +If an overridden attribute is not part of the <<{integrating-prefix}metacard_type, metacard type>> or <<{developing-prefix}attribute_injection_definition,injected>> the attribute is not added to the metacard. ==== For example, if the metacard type contains contact email, `*contact.point-of-contact-email*` -but the value is not currently set, adding an attribute override will set the attribute value. +but the value is not currently set, adding an attribute override sets the attribute value. To override attributes that are not part of the metacard type, <<{developing-prefix}attribute_injection_definition,attribute injection>> can be used. .Blacklist The CDM blacklist uses the "bad.files" and "bad.file.extensions" properties from the custom.system.properties file in "etc/" in order to prevent -malicious or unwanted data from being ingested into DDF. While the CDM automatically omits hidden files, this is particularly useful when -an operating system automatically generates files that should not be ingested. One such example of this is "thumbs.db" in Windows. +malicious or unwanted data from being ingested into DDF. +While the CDM automatically omits hidden files, this is particularly useful when +an operating system automatically generates files that should not be ingested. +One such example of this is "thumbs.db" in Windows. This file type and any temporary files are included in the blacklist. .Errors -If the CDM fails to read the file, an error will be logged in the CDM log. If the directory monitor is +If the CDM fails to read the file, an error is logged in the CDM log. If the directory monitor is configured to *Delete* or *Move*, the original file is also moved to the `\.errors` directory. .Logging -CDM will send logs detailing the processing of files in the directory to `cdm.log`. +CDM sends log entries detailing the processing of files in the directory to `cdm.log`. [TIP] ==== -The log level for CDM can be set with the following console command. At the DEBUG level, CDM will periodically log the list of files still currently processing. +The log level for CDM can be set with the following console command. At the DEBUG level, CDM periodically logs the list of files still currently processing. ---- log:set DEBUG cdmLogger ---- diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/decanter-services.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/decanter-services.adoc index 8f4f073c4bd8..b3d87cb5c8ff 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/decanter-services.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/decanter-services.adoc @@ -6,6 +6,7 @@ :order: 02 == {title} +(((Alerts))) By default, ${branding} uses two services provided by Karaf Decanter for alerts that can be configured by configuration file. Further information on Karaf Decanter services and configurations can be found https://karaf.apache.org/documentation.html#decanter[here] {external-link}. @@ -13,7 +14,7 @@ Further information on Karaf Decanter services and configurations can be found h === Configuring Decanter Service Level Agreement (SLA) Checker The Decanter SLA Checker provides a way to create alerts based on configurable conditions in events posted to `decanter/collect/*` and can be configured by editing the file `${home_directory}/etc/org.apache.karaf.decanter.sla.checker.cfg`. -By default there are only two checks that will produce alerts, and they are based on the `SystemNotice` event property of `priority`. +By default there are only two checks that produce alerts, and they are based on the `SystemNotice` event property of `priority`. .Decanter SLA Configuration |=== diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/enabling-ssl.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/enabling-ssl.adoc index 1decd2118783..a4aac8f7bec3 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/enabling-ssl.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/enabling-ssl.adoc @@ -5,8 +5,9 @@ :order: 00 == {title} +(((SSL))) -In order for outbound secure connections (HTTPS) to be made from components like Federated Sources and Resource Readers configuration may need to be updated with keystores and security properties. +In order for outbound secure connections (HTTPS) to be made from components like Federated Sources and Resource Readers, configuration may need to be updated with keystores and security properties. These values are configured in the `${home_directory}/etc/custom.system.properties` file. The following values can be set: @@ -19,8 +20,8 @@ The following values can be set: |`javax.net.ssl.trustStore` |`etc/keystores/serverTruststore.jks` -|The java keystore that contains the trusted public certificates for Certificate Authorities (CA's) that can be used to validate SSL Connections for outbound TLS/SSL connections (e.g. HTTPS). -When making outbound secure connections a handshake will be done with the remote secure server and the CA that is in the signing chain for the remote server's certificate must be present in the trust store for the secure connection to be successful. +|The java keystore that contains the trusted public certificates for Certificate Authorities (CAs) that can be used to validate SSL Connections for outbound TLS/SSL connections (such as HTTPS). +When making outbound secure connections a handshake is done with the remote secure server and the CA that is in the signing chain for the remote server's certificate must be present in the trust store for the secure connection to be successful. |`javax.net.ssl.trustStorePassword` |`changeit` diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/encryption-service.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/encryption-service.adoc index c1ab5372da1f..4317ce1fe70f 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/encryption-service.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/encryption-service.adoc @@ -7,6 +7,8 @@ :order: 03 == {title} +((({title}))) + ${branding} includes an encryption service to encrypt plain text such as passwords. === Encryption Command diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/enforcing-errors.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/enforcing-errors.adoc index 19798f04145e..8f8d34ea931f 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/enforcing-errors.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/enforcing-errors.adoc @@ -13,6 +13,6 @@ Prevent data with errors or warnings from being ingested at all. . Select the *${ddf-catalog}* application. . Select *Configuration*. . Select *Metacard Validation Marker Plugin*. -. Enter *ID* of validator(s) to enforce. +. Enter *ID* of each validator to enforce. . Select *Enforce errors* to prevent ingest for errors. . Select *Enforce warnings* to prevent ingest for warnings. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/environment-hardening.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/environment-hardening.adoc index 45cba8668639..eedfac78d116 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/environment-hardening.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/environment-hardening.adoc @@ -5,6 +5,7 @@ :order: 09 == {title} +((({title}))) * *{hardening-step}* @@ -31,7 +32,7 @@ a|* Stop the management feature using the command line console: `feature:stop ma |File System Access |tampering, information disclosure, and denial of service -a|Set OS File permissions under the `${home_directory}` directory (e.g. `/deploy`, `/etc`) to ensure unauthorized viewing and writing is not allowed. +a|Set OS File permissions under the `${home_directory}` directory (for example, `/deploy` or `/etc`) to ensure unauthorized viewing and writing is not allowed. If Caching is installed: @@ -64,14 +65,13 @@ To allow direct remote access to the ${branding} shell from any host, change the SSH can also be authenticated and authorized through an external Realm, such as LDAP. This can be accomplished by editing the `${home_directory}/etc/org.apache.karaf.shell.cfg` file and setting the -value for `sshRealm`, e.g. to `ldap`. No restart of ${branding} is necessary after this change. +value for `sshRealm` to the appropriate realm, such as `ldap`. No restart of ${branding} is necessary after this change. -By definition, all connections over SSH will be authenticated and authorized and secure from eavesdropping. +By definition, all connections over SSH are authenticated and authorized and secure from eavesdropping. [WARNING] ==== -Enabling SSH will expose your file system such that any user with access to your ${branding} shell will -have read/write/execute access to all directories and files accessible to your installation user. +Enabling SSH exposes your file system because any user with access to your ${branding} shell has read/write/execute access to all directories and files accessible to your installation user. *Because of this, SSH is not recommended in a secure environment and should be turned off in a fully hardened system.* @@ -90,7 +90,7 @@ Setting this configuration may break compatibility to legacy systems that do not [WARNING] ==== -Setting this configuration will require a certificate to be installed in the browser. +Setting this configuration requires a certificate to be installed in the browser. ==== |Session Inactivity Timeout diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/feature-commands.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/feature-commands.adoc index 8aa24899caef..0c8f9417dc9f 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/feature-commands.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/feature-commands.adoc @@ -6,6 +6,7 @@ :summary: Managing features from the ${command-console}. == {title} +((({title}))) Individual features can also be added via the ${command-console}. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/filter-policy-plugins.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/filter-policy-plugins.adoc index 3c372fa81d30..a78adf1fb541 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/filter-policy-plugins.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/filter-policy-plugins.adoc @@ -7,6 +7,6 @@ == {title} -Several Policy Plugins for catalog filtering exist currently: <<{developing-prefix}metacard_attribute_security_policy_plugin,Metacard Attribute Security Policy Plugin>> and <<{developing-prefix}xml_attribute_security_policy_plugin,XML Attribute Security Policy Plugin>>. +Several ((Policy Plugins)) for catalog filtering exist currently, <<{developing-prefix}metacard_attribute_security_policy_plugin,Metacard Attribute Security Policy Plugin>> and <<{developing-prefix}xml_attribute_security_policy_plugin,XML Attribute Security Policy Plugin>>. These Policy Plugin implementations allow an administrator to easily add filtering capabilities to some standard Metacard types for all ${ddf-catalog} operations. -These plugins will place policy information on the Metacard itself that allows the <<{developing-prefix}filter_plugin,Filter Plugin>> to restrict unauthorized users from viewing content they are not allowed to view. +These plugins place policy information on the Metacard itself that allows the <<{developing-prefix}filter_plugin,Filter Plugin>> to restrict unauthorized users from viewing content they are not allowed to view. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/global-settings.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/global-settings.adoc index ba645de10fbf..f8d5c8ba0e5d 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/global-settings.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/global-settings.adoc @@ -7,7 +7,7 @@ == {title} -Global configuration settings are configured via the properties file `custom.system.properties`. +((Global configuration settings)) are configured via the properties file ((`custom.system.properties`)). These properties can be manually set by editing this file or set via the initial configuration from the ${admin-console}. [NOTE] @@ -105,7 +105,7 @@ If the hostname is changed during the install to something other than `localhost |Internal HTTPS Port |org.codice.ddf.system.httpsPort |String -|The https port that the system uses. +a|The https port that the system uses. NOTE: This *DOES* change the port the system runs on. |8993 @@ -114,7 +114,7 @@ NOTE: This *DOES* change the port the system runs on. |Internal HTTP Port |org.codice.ddf.system.HttpPort |String -|The http port that the system uses. +a|The http port that the system uses. NOTE: This *DOES* change the port the system runs on. |8181 @@ -123,7 +123,7 @@ NOTE: This *DOES* change the port the system runs on. |Internal Default Port |org.codice.ddf.system.port |String -|The default port that the system uses. This should match either the above http or https port. +a|The default port that the system uses. This should match either the above http or https port. NOTE: This *DOES* change the port the system runs on. |8993 @@ -132,7 +132,7 @@ NOTE: This *DOES* change the port the system runs on. |Internal Root Context |org.codice.ddf.system.rootContext |String -|The base or root context that services will be made available under. +|The base or root context that services are made available under. |/services |Yes @@ -150,8 +150,7 @@ a|The hostname or IP address used to advertise the system. Do not enter `localho If the hostname is changed during the install to something other than `localhost` a new keystore and truststore must be provided. See <<{managing-prefix}managing_keystores_and_certificates,Managing Keystores and Certificates>> for details. -NOTE: -Does not change the address the system runs on. +NOTE: Does not change the address the system runs on. |localhost |Yes @@ -159,7 +158,7 @@ Does not change the address the system runs on. |HTTPS Port |org.codice.ddf.external.httpsPort |String -|The https port used to advertise the system. +a|The https port used to advertise the system. NOTE: This does not change the port the system runs on. |8993 @@ -168,7 +167,7 @@ NOTE: This does not change the port the system runs on. |External HTTP Port |org.codice.ddf.external.httpPort |String -|The http port used to advertise the system. +a|The http port used to advertise the system. NOTE: This does not change the port the system runs on. |8181 @@ -177,7 +176,7 @@ NOTE: This does not change the port the system runs on. |External Default Port |org.codice.ddf.external.port |String -|The default port used to advertise the system. This should match either the above http or https port. +a|The default port used to advertise the system. This should match either the above http or https port. NOTE: Does not change the port the system runs on. |8993 @@ -186,7 +185,7 @@ NOTE: Does not change the port the system runs on. |External Root Context |org.codice.ddf.external.context |String -|The base or root context that services will be advertised under. +|The base or root context that services are advertised under. |/services |Yes @@ -267,7 +266,7 @@ TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 |Allow Basic Auth Over Http |org.codice.allowBasicAuthOverHttp |Boolean -|Set to true to allow Basic Auth credentials to be sent over HTTP unsecurely. This should only be done in a test environment. These events will be audited. +|Set to true to allow Basic Auth credentials to be sent over HTTP unsecurely. This should only be done in a test environment. These events are audited. |false |Yes @@ -315,9 +314,9 @@ The interval is measured in seconds. |File extensions flagged as potentially dangerous to the host system or external clients |bad.file.extensions |String -|Files uploaded with these bad file extensions will have their file names sanitized before being saved +|Files uploaded with these bad file extensions have their file names sanitized before being saved -E.g. sample_file.exe will be renamed to sample_file.bin upon ingest +For example, `sample_file.exe` is renamed to `sample_file.bin` upon ingest |.exe, .jsp, .html, @@ -394,9 +393,10 @@ E.g. sample_file.exe will be renamed to sample_file.bin upon ingest |File names flagged as potentially dangerous to the host system or external clients |bad.files |String -|Files uploaded with these bad file names will have their file names sanitized before being saved +|Files uploaded with these bad file names have their file names sanitized before being saved + +For example, `crossdomain.xml` is renamed to `file.bin` upon ingest -E.g. crossdomain.xml will be renamed to file.bin upon ingest |crossdomain.xml, clientaccesspolicy.xml, .htaccess, @@ -415,7 +415,7 @@ robots.txt |Mime types flagged as potentially dangerous to external clients |bad.mime.types |String -|Files uploaded with these mime types will be rejected from the upload +|Files uploaded with these mime types are rejected from the upload |text/html, text/javascript, text/x-javascript, @@ -428,7 +428,7 @@ application/x-msmetafile |File names flagged as potentially dangerous to external clients |ignore.files |String -|Files uploaded with these file names will be rejected from the upload +|Files uploaded with these file names are rejected from the upload |.DS_Store, Thumbs.db |Yes @@ -515,9 +515,9 @@ For example, the url for the local csw service (\${secure_url}/services/csw) cou ${variable-prefix}org.codice.ddf.system.protocol}${variable-prefix}org.codice.ddf.system.hostname}:${variable-prefix}org.codice.ddf.system.port}${variable-prefix}org.codice.ddf.system.rootContext}/csw ---- -This variable version is more verbose, but will not need to be changed if the system `host`, `port` or `root` context changes. +This variable version is more verbose, but does not need to be changed if the system `host`, `port` or `root` context changes. [WARNING] ==== Only root can access ports < 1024 on Unix systems. -==== \ No newline at end of file +==== diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/hiding-errors-by-role.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/hiding-errors-by-role.adoc index 663bdedaceeb..3063d75a359a 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/hiding-errors-by-role.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/hiding-errors-by-role.adoc @@ -11,7 +11,7 @@ Prevent certain users from seeing data with certain types of errors or warnings. Typically, this is used for security markings. -If the *Metacard Validation Filter Plugin* is configured to *Filter errors* and/or *Filter warnings*, metacards with errors/warnings will be hidden from users without the specified user attributes. +If the *Metacard Validation Filter Plugin* is configured to *Filter errors* and/or *Filter warnings*, metacards with errors/warnings are hidden from users without the specified user attributes. . Navigate to the *${admin-console}*. . Select the *${ddf-catalog}* application. @@ -25,5 +25,5 @@ If the *Metacard Validation Filter Plugin* is configured to *Filter errors* and/ To harden the system and prevent other ${branding} systems from querying invalid data in the local catalog, it is recommended to create and set user roles that are unique to the local system (ie. a user role that includes a UUID). -. Select *Filter errors* to filter errors. Users without the `invalid-state` attribute will not see metacards with errors. -. Select *Filter warnings* to filter warnings. Users without the `invalid-state` attribute will not see metacards with warnings. +. Select *Filter errors* to filter errors. Users without the `invalid-state` attribute cannot see metacards with errors. +. Select *Filter warnings* to filter warnings. Users without the `invalid-state` attribute cannot see metacards with warnings. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/high-availability-config.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/high-availability-config.adoc index e836ab79c246..111c45bf53bc 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/high-availability-config.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/high-availability-config.adoc @@ -9,7 +9,7 @@ This section describes how to make configuration changes after the initial setup for a ${branding} in a <<{introduction-prefix}introduction_to_high_availability,Highly Available Cluster>>. -In a Highly Available Cluster, configuration changes must be made on both ${branding} nodes. +In a (((Highly Available Cluster))), configuration changes must be made on both ${branding} nodes. The changes can still be made in the standard ways via the <<{managing-prefix}admin_console_tutorial,Admin Console>>, the <<{managing-prefix}console_command_reference,Command Line>>, or the <<{managing-prefix}configuration_files, file system>>. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/http-port.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/http-port.adoc index 36910ca5f490..ba25721766d6 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/http-port.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/http-port.adoc @@ -10,7 +10,7 @@ To change HTTP or HTTPS ports from the default values, edit the `custom.system.properties` file. . Open the file at ${home_directory}/etc/custom.system.properties -. Change the value after the `=` to the desired port number(s): +. Change the value after the `=` to the desired port numbers: .. `org.codice.ddf.system.httpsPort=8993` to `org.codice.ddf.system.httpsPort=` .. `org.codice.ddf.system.httpPort=8181` to `org.codice.ddf.system.httpPort=` . Restart ${branding} for changes to take effect. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/isolating-solrcloud-zookeeper.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/isolating-solrcloud-zookeeper.adoc index c2e77c944d73..d48b1423a5ab 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/isolating-solrcloud-zookeeper.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/isolating-solrcloud-zookeeper.adoc @@ -9,7 +9,7 @@ * *{hardening-step}* (if using SolrCloud/Zookeeper) -Zookeeper clients cannot use secure (SSL/TLS) connections. +((Zookeeper)) clients cannot use secure (SSL/TLS) connections. The configuration information that Zookeeper sends and receives is vulnerable to network sniffing. Any unencrypted network traffic is vulnerable to sniffing attacks. To use SolrCloud with Zookeeper securely, these processes must be isolated on the network, or their communications must be encrypted by other means. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/jetty-threadpool-settings.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/jetty-threadpool-settings.adoc index 8d1dedbc5806..01e202d9e9b0 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/jetty-threadpool-settings.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/jetty-threadpool-settings.adoc @@ -7,7 +7,7 @@ == {title} -To prevent resource shortages in the event of concurrent requests, ${branding} allows configuring Jetty ThreadPool settings to specify the minimum and maximum available threads. +To prevent resource shortages in the event of concurrent requests, ${branding} allows configuring ((Jetty ThreadPool settings)) to specify the minimum and maximum available threads. . The settings can be changed at `etc/org.ops4j.pax.web.cfg` under Jetty Server ThreadPool Settings. . Specify the maximum thread amount with `org.ops4j.pax.web.server.maxThreads` diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/landing-page.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/landing-page.adoc index 8b3b29cef579..a2904e41c2d2 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/landing-page.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/landing-page.adoc @@ -7,8 +7,8 @@ == {title} -The Landing Page is the first page presented to users of ${branding}. -It is customizable to allow adding organizationally-relevant content. +The ((Landing Page)) is the first page presented to users of ${branding}. +It is customizable to allow adding organizationally relevant content. === Installing the Landing Page diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/ldap-server.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/ldap-server.adoc index 2825e9403cb7..809c21044cb0 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/ldap-server.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/ldap-server.adoc @@ -6,6 +6,7 @@ :order: 03 == {title} +(((LDAP))) [WARNING] ==== @@ -18,7 +19,7 @@ Then change the LDAP Bind User Password in the <<{reference-prefix}Claims_Handle A claim is an additional piece of data about a principal that can be included in a token along with basic token data. A claims manager provides hooks for a developer to plug in claims handlers to ensure that the STS includes the specified claims in the issued token. -Claims handlers convert incoming user credentials into a set of attribute claims that will be populated in the SAML assertion. +Claims handlers convert incoming user credentials into a set of attribute claims that is populated in the SAML assertion. For example, the `LDAPClaimsHandler` takes in the user's credentials and retrieves the user's attributes from a backend LDAP server. These attributes are then mapped and added to the SAML assertion being created. Integrators and developers can add more claims handlers that can handle other types of external services that store user attributes. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/logout-theming.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/logout-theming.adoc index a46fc6eebe8d..e59bc5174256 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/logout-theming.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/logout-theming.adoc @@ -6,17 +6,18 @@ :order: 01 == {title} +(((Logout Page))) The logout pages is presented to users through the navigation of ${branding} and has a changeable timeout value. . Navigate to the *${admin-console}*. -. Select *${ddf-security}* Application. +. Select *${ddf-security}* Application. . Select *Configuration* tab. . Select *Logout Page*. The customizable feature of the logout page is the *Logout Page Time Out*. This is the time limit the IDP -client will wait for a user to click log out on the logout page. Any requests that take longer than this -time for the user to submit will be rejected. +client waits for a user to click log out on the logout page. Any requests that take longer than this +time for the user to submit are rejected. . *Default value*: 3600000 (milliseconds) diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/platform-ui-theming.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/platform-ui-theming.adoc index b5236eb8acf7..132b98ec4329 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/platform-ui-theming.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/platform-ui-theming.adoc @@ -6,6 +6,7 @@ :order: 02 == {title} +((({title}))) The Platform UI Configuration allows for the customization of attributes of all pages within ${branding}. It contains settings to display messages to users at login or in banners in the headers and footers of all pages, @@ -28,4 +29,4 @@ The banner has four items to configure: . *Text Color* . *Background Color* -See the <<{reference-prefix}ddf.platform.ui.config,Platform UI>> for all possible configurations of the Platform UI Configuration. \ No newline at end of file +See the <<{reference-prefix}ddf.platform.ui.config,Platform UI>> for all possible configurations of the Platform UI Configuration. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/product-cache.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/product-cache.adoc index a068534266f7..47684b4fbf22 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/product-cache.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/product-cache.adoc @@ -5,7 +5,8 @@ :summary: Configure product cache. :order: 01 -== {title } +== {title} +(((Product Cache))) All caching properties are part of the <<{reference-prefix}ddf.catalog.resource.download.ReliableResourceDownloadManager,Resource Download Settings>>. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/remove-default-users-cont.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/remove-default-users-cont.adoc index f030a1f3854b..17486dc57927 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/remove-default-users-cont.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/remove-default-users-cont.adoc @@ -7,7 +7,7 @@ [WARNING] ==== -Once the default users are removed, the `<${branding}_HOME>/bin/client` and `<${branding}_HOME>/bin/client.bat` scripts will not work. +Once the default users are removed, the `<${branding}_HOME>/bin/client` and `<${branding}_HOME>/bin/client.bat` scripts do not work. If SSH access to the Karaf shell is to be supported, edit the file `org.apache.karaf.shell.cfg` in the `/etc` directory, changing the value of the `sshRealm` property from `karaf` to `ldap`. ==== @@ -29,4 +29,4 @@ If a system recovery account is configured in `users.properties`, ensure: [NOTE] ==== It is recommended to perform yearly reviews of accounts for compliance with organizational account management requirements. -==== \ No newline at end of file +==== diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/remove-default-users.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/remove-default-users.adoc index 680408c1c950..863d9f27a5d5 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/remove-default-users.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/remove-default-users.adoc @@ -6,11 +6,12 @@ :order: 06 == {title} +((({title}))) * *{hardening-step}* The default security configuration uses a property file located at `${home_directory}/etc/users.properties` to store users and passwords. -A hardened system will remove this file and manage all users externally, via an LDAP server or by other means. +A hardened system removes this file and manage all users externally, via an LDAP server or by other means. .Default Users are an Insecure Default [NOTE] @@ -22,4 +23,4 @@ Once ${branding} is configured to use an external user (such as LDAP), remove th Use of a `users.properties` file should be limited to emergency recovery operations and replaced as soon as effectively possible. The deletion of the default users in the `users.properties` file can be done automatically after 72 hours. -This feature can be found at *${admin-console} -> Admin -> Default Users Deletion Scheduler -> Enable default users automatic deletion*. \ No newline at end of file +This feature can be found at *${admin-console} -> Admin -> Default Users Deletion Scheduler -> Enable default users automatic deletion*. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/restricting-app-access.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/restricting-app-access.adoc new file mode 100644 index 000000000000..514ae9ffd23d --- /dev/null +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/restricting-app-access.adoc @@ -0,0 +1,37 @@ +:title: Restricting Access to Features, Apps, Services, and Configurations +:type: configuration +:status: published +:parent: Configuring User Access +:summary: Restricting User Access to Features, Apps, Services, and Configurations +:order: 051 + +== {title} +((({title}))) + +* *{hardening-step}* + +Limit access to the individual applications, features, or services to those users who need access. +Organizational requirements should dictate which applications are restricted and the extent to which they are restricted. + +. Navigate to the *${admin-console}*. +. Select the *${ddf-admin}* application. +. Select the *Configuration* tab. +. Select the *Admin Configuration Policy*. +. To add a feature or app permission: +.. Add a new field to "Feature and App Permissions" in the format of: ++ +`/ = "attribute name=attribute value","attribute name2=attribute value2", ...` ++ +.. For example, to restrict access of any user without an admin role to the catalog-app: ++ +`catalog-app = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role=admin", ...` ++ +. To add a configuration permission: +.. Add a new field to "Configuration Permissions" in the format of: ++ +`configuration id = "attribute name=attribute value","attribute name2=attribute value2", ...` +.. For example, to restrict access of any user without an admin role to the Web Context Policy Manager: ++ +`org.codice.ddf.security.policy.context.impl.PolicyManager="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role=admin"` + +If a permission is specified, any user without the required attributes is unable to see or modify the feature, app, or configuration. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/securing-admin-console.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/securing-admin-console.adoc index 9e662946ced7..8443b31bc04c 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/securing-admin-console.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/securing-admin-console.adoc @@ -2,10 +2,11 @@ :type: configuration :status: published :parent: Configuring User Access -:summary: Introduction to the ${admin-console}. +:summary: Restricting User Access to ${admin-console} :order: 05 == {title} +((({title}))) * *{hardening-step}* @@ -18,37 +19,7 @@ To set access restrictions on the ${admin-console}, consult the organization's s . Select the *${ddf-security}* application. . Select the *Configuration* tab. . Select the *Web Context Policy Manager*. -.. A dialogue will pop up that allows you to edit ${branding} access restrictions. +.. A dialogue allows you to edit ${branding} access restrictions. .. If your infrastructure supports multiple <<{reference-prefix}org.codice.ddf.security.policy.context.impl.PolicyManager,authentication methods>>, you may specify them here. .. Role requirements may be enforced by configuring the <<{reference-prefix}org.codice.ddf.security.policy.context.impl.PolicyManager,required attributes>> for a given context. .. The <<{reference-prefix}org.codice.ddf.security.policy.context.impl.PolicyManager,white listed contexts>> allows child contexts to be excluded from the authentication constraints of their parents. - -=== Restricting Feature, App, Service, and Configuration Access - -* *{hardening-step}* - -Limit access to the individual applications, features, or services to those users who need access. -Organizational requirements should dictate which applications are restricted and the extent to which they are restricted. - -. Navigate to the *${admin-console}*. -. Select the *${ddf-admin}* application. -. Select the *Configuration* tab. -. Select the *Admin Configuration Policy*. -. To add a feature or app permission: -.. Add a new field to "Feature and App Permissions" in the format of: -+ -`/ = "attribute name=attribute value","attribute name2=attribute value2", ...` -+ -.. For example, to restrict access of any user without an admin role to the catalog-app: -+ -`catalog-app = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role=admin", ...` -+ -. To add a configuration permission: -.. Add a new field to "Configuration Permissions" in the format of: -+ -`configuration id = "attribute name=attribute value","attribute name2=attribute value2", ...` -.. For example, to restrict access of any user without an admin role to the Web Context Policy Manager: -+ -`org.codice.ddf.security.policy.context.impl.PolicyManager="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role=admin"` - -If a permission is specified, any user without the required attributes will be unable to see or modify the feature, app, or configuration. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/securing-idp-sp.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/securing-idp-sp.adoc index a03affda57c1..4f93f0534070 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/securing-idp-sp.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/securing-idp-sp.adoc @@ -7,7 +7,7 @@ == {title} -The ${ddf-security} SAML handler provides service provider handling that satisfies the http://docs.oasis-open.org/security/saml/v2.0/saml-profiles-2.0-os.pdf[SAML 2.0 Web SSO profile] in order to support external SAML IdPs (Identity Providers). +The ((${ddf-security} SAML handler)) provides service provider handling that satisfies the http://docs.oasis-open.org/security/saml/v2.0/saml-profiles-2.0-os.pdf[SAML 2.0 Web SSO profile] in order to support external SAML IdPs (Identity Providers). The SAML handler is used for SSO authentication purposes. @@ -27,7 +27,7 @@ The Web SSO bundles are installed by default with the ${ddf-security} applicatio .. An HTTPS URL (https://) .. A file URL (file:) .. An XML block to refer to desired metadata -... (e.g., \${secure_url}/services/idp/login/metadata) +... (for example, \${secure_url}/services/idp/login/metadata) .SAML 2.0 Web SSO Client (SP) example.xml [source,xml,linenums] diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/setting-internal-policies.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/setting-internal-policies.adoc index f707867b2d3a..121a4a46c573 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/setting-internal-policies.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/setting-internal-policies.adoc @@ -6,6 +6,7 @@ :order: 00 == {title} +(((Setting Internal Policies))) . Navigate to the *${admin-console}*. . Select the *${ddf-security}* application. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/setting-xacml-policies.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/setting-xacml-policies.adoc index b6109db6e3c3..e698a1235c8d 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/setting-xacml-policies.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/setting-xacml-policies.adoc @@ -7,7 +7,7 @@ == {title} -To set up a XACML policy, place the desired XACML policy in the `/etc/pdp/policies` directory and update the included `access-policy.xml` to include the new policy. -This is the directory in which the PDP will look for XACML policies every 60 seconds. +To set up a ((XACML policy)), place the desired XACML policy in the `/etc/pdp/policies` directory and update the included `access-policy.xml` to include the new policy. +This is the directory in which the PDP looks for XACML policies every 60 seconds. See <<{developing-prefix}developing_xacml_policies,Developing XACML Policies>> for more information about custom XACML policies. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/solr-admin-ui.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/solr-admin-ui.adoc index 5f777c4e6d92..e2a071e093d1 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/solr-admin-ui.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/solr-admin-ui.adoc @@ -7,5 +7,5 @@ == {title} -The Solr Admin UI for Solr server configurations can be accessed from a web browser. +The ((Solr Admin UI)) for Solr server configurations can be accessed from a web browser. See https://lucene.apache.org/solr/guide/${solr.docs.version}/using-the-solr-administration-user-interface.html[Using the Solr Administration User Interface] {external-link} for more details. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/solr-synonyms.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/solr-synonyms.adoc index ee40cda81b09..7b9c52d296f2 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/solr-synonyms.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/solr-synonyms.adoc @@ -7,9 +7,9 @@ == {title} -When configured, text searches in Solr will utilize synonyms when attempting to match text within the catalog. +When configured, text searches in Solr utilize synonyms when attempting to match text within the catalog. Synonyms are used during keyword/anyText searches as well as when searching on specific text attributes when using the `like` / `contains` operator. -Text searches using the `equality` / `exact match` operator will not utilize synonyms. +Text searches using the `equality` / `exact match` operator do not utilize synonyms. Solr utilizes a `synonyms.txt` file which exists for each Solr core. Synonym matching is most pertinent to metacards which are contained within 2 cores: `catalog` and `metacard_cache`. diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/updating-system-users.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/updating-system-users.adoc index b3ba11eecebe..cb4bee6eda56 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/updating-system-users.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/updating-system-users.adoc @@ -6,13 +6,14 @@ :order: 04 == {title} +((System users)) By default, all system users are located in the `${home_directory}/etc/users.properties` and `${home_directory}/etc/users.attributes` files. -The default users included in these two files are "admin" and "localhost". +The default users included in these two files are `admin` and `localhost`. The `users.properties` file contains username, password, and role information; while the `users.attributes` file is used to mix in additional attributes. The `users.properties` file must also contain the user corresponding to the fully qualified domain name (FQDN) of the system where ${branding} is running. This FQDN user represents this host system internally when making decisions about what operations the system is capable of performing. -For example, when performing a ${branding} Catalog Ingest, the system's attributes will be checked against any security attributes present on the metacard, prior to ingest, to determine whether or not the system should be allowed to ingest that metacard. +For example, when performing a ${branding} Catalog Ingest, the system's attributes are checked against any security attributes present on the metacard, prior to ingest, to determine whether or not the system should be allowed to ingest that metacard. Additionally, the `users.attributes` file can contain user entries in a regex format. This allows an administrator to mix in attributes for external systems that match a particular regex pattern. @@ -35,19 +36,19 @@ The `users.attributes` file uses a JSON format as shown below: } ---- -For this example, the "admin" user will end up with two additional claims of "test" and "test1" with values of "testValue" and [ "testing1", "testing2", "testing3" ] respectively. -Also, any host matching the regex ".*host.*" would end up with the claim "reg" with the single value of "ex". -The "localhost" user would have no additional attributes mixed in. +For this example, the `"admin"` user ends up with two additional claims of `"test"` and `"test1"` with values of `"testValue"` and `[ "testing1", "testing2", "testing3" ]` respectively. +Also, any host matching the regex `".*host.*"` would end up with the claim `"reg"` with the single value of `"ex"`. +The `"localhost"` user would have no additional attributes mixed in. [WARNING] ==== -It is possible for a regex in `users.attributes` to match users as well as a system, so verify that the regex pattern's scope will not be too great when using this feature. +It is possible for a regex in `users.attributes` to match users as well as a system, so verify that the regex pattern's scope is not too great when using this feature. ==== [WARNING] ==== -If your data will contain security markings, and these markings are being parsed out into the metacard security attributes via a PolicyPlugin, then the FQDN user *MUST* be updated with attributes that would grant the privileges to ingest that data. -Failure to update the FQDN user with sufficient attributes will result in an error being returned for any ingest request. +If your data contains security markings, and these markings are being parsed out into the metacard security attributes via a PolicyPlugin, then the FQDN user *MUST* be updated with attributes that would grant the privileges to ingest that data. +Failure to update the FQDN user with sufficient attributes results in an error being returned for any ingest request. ==== [WARNING] @@ -56,9 +57,9 @@ The following attribute values are not allowed: * `null` * `""` -* a non-String (e.g. `100`, `false`) +* a non-String (for example, `100` or `false`) * an array including any of the above * `[]` -Additionally, attribute names should not be repeated, and the order that the attributes are defined and the order of values within an array will be ignored. +Additionally, attribute names should not be repeated, and the order that the attributes are defined and the order of values within an array is ignored. ==== diff --git a/distribution/docs/src/main/resources/content/_managing/_configuring/web-context-policy-manager.adoc b/distribution/docs/src/main/resources/content/_managing/_configuring/web-context-policy-manager.adoc index 6356b2043e22..8a51e3cc31a7 100644 --- a/distribution/docs/src/main/resources/content/_managing/_configuring/web-context-policy-manager.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_configuring/web-context-policy-manager.adoc @@ -7,7 +7,7 @@ == {title} -The Web Context Policy Manager defines all security policies for REST endpoints within ${branding}. +The ((Web Context Policy Manager)) defines all security policies for REST endpoints within ${branding}. It defines: * the type of authentication for web pages (such as /admin and /search) and endpoints (context paths that start with /services) @@ -17,15 +17,16 @@ It defines: See <<{reference-prefix}org.codice.ddf.security.policy.context.impl.PolicyManager, Web Context Policy Manager Configurations>> for detailed descriptions of all fields. === Guest Access -Guest access is a toggleable configuration. -Enabling guest access will cause all users to be assigned a guest principal for use throughout the entire system. -The guest principal will be used either by itself or along with any other principals acquired from configured authentication types. +((Guest access)) is a toggleable configuration. +Enabling guest access causes all users to be assigned a guest principal for use throughout the entire system. +The guest principal is used either by itself or along with any other principals acquired from configured authentication types. === Session Storage Enabling session storage allows the system to persist the user login through the use of cookies. Note that the `SAML` and `OIDC` authentication types require session storage to be enabled. === Authentication Types +(((Authentication Types))) Through the Web Context Policy Manager, authentication types for ${branding} may be configured with the following format: @@ -51,7 +52,7 @@ The `web-context-policy-config.properties` file format is: [WARNING] ==== If the file-based configuration is used, the *authentication type* configuration for web pages and endpoints in the ${admin-console} is ignored. -All other configurations in the Web Context Policy Manager such as Guest Access, Required Attributes, and White Listed Contexts will *not* be ignored. +All other configurations in the Web Context Policy Manager such as Guest Access, Required Attributes, and White Listed Contexts are *not* ignored. ==== .Default Types of Authentication @@ -77,11 +78,11 @@ All other configurations in the Web Context Policy Manager such as Guest Access, ==== Terminating and Non-Terminating Authentication Types Terminating authentication types are authentication types where, once hit, must either allow or forbid access to the system. -No other authentication types will be checked once a terminating authentication type is hit. +No other authentication types are checked once a terminating authentication type is hit. Non-Terminating authentication types are authentication types where, once hit, must first verify that the client supports the authentication type's method of obtaining credentials. If the client supports the non-terminating authentication type's method of obtaining credentials, it either allows or forbids access to the system. -However if the client does not support the non-terminating authentication type's method of obtaining credentials, the system will continue to the next configured authentication type. +However if the client does not support the non-terminating authentication type's method of obtaining credentials, the system continues to the next configured authentication type. `PKI` is the only non-terminating authentication type. `BASIC`, `OIDC`, and `SAML` are terminating authentication types. @@ -93,10 +94,10 @@ The system first checks to see if the client supports the acquisition of SAML cr - If the connecting client is a machine that supports SAML ECP, the system can acquire SAML credentials. - If the connecting client is a machine that does not support SAML ECP, the system cannot acquire SAML credentials. -If the system can acquire SAML credentials from the client, the system will attempt to acquire said credentials and either allow or forbid access. -If the system cannot acquire SAML credentials from the client, the system will forbid access. +If the system can acquire SAML credentials from the client, the system attempts to acquire said credentials and either allow or forbid access. +If the system cannot acquire SAML credentials from the client, the system forbids access. -Otherwise, if ${branding} is protected by the non-terminating `PKI` authorization type and the system cannot acquire PKI certificates from the client, the system will continue to the next configured authentication type. +Otherwise, if ${branding} is protected by the non-terminating `PKI` authorization type and the system cannot acquire PKI certificates from the client, the system continues to the next configured authentication type. === Required Attributes @@ -105,5 +106,5 @@ For example, the default required attribute for the `/admin` context is `role=sy === White Listed Contexts -White listed contexts are trusted contexts which will bypass security. -Any sub-contexts of a white listed context will be white listed as well, unless they are specifically assigned a policy. +White listed contexts are trusted contexts which bypass security. +Any sub-contexts of a white listed context are white listed as well, unless they are specifically assigned a policy. diff --git a/distribution/docs/src/main/resources/content/_managing/_datamanagement/attributes-added-by-attribute-injection.adoc b/distribution/docs/src/main/resources/content/_managing/_datamanagement/attributes-added-by-attribute-injection.adoc index 9ef5617923fc..13e80253a353 100644 --- a/distribution/docs/src/main/resources/content/_managing/_datamanagement/attributes-added-by-attribute-injection.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_datamanagement/attributes-added-by-attribute-injection.adoc @@ -17,7 +17,7 @@ A <<{integrating-prefix}metacard_type,Metacard Type>> indicates the attributes a Attribute values can only be set/modified if the attribute exists in the metacard's metacard type. Attributes are initially injected with blank values. -However, if an attempt is made to inject an attribute that already exists, the attribute will retain the original value. +However, if an attempt is made to inject an attribute that already exists, the attribute retains the original value. ==== See <<{metadata-prefix}catalog_taxonomy_definitions,Catalog Taxonomy Definitions>> for a list of attributes injected by default. + diff --git a/distribution/docs/src/main/resources/content/_managing/_datamanagement/attributes-added-by-pre-ingest-plugins.adoc b/distribution/docs/src/main/resources/content/_managing/_datamanagement/attributes-added-by-pre-ingest-plugins.adoc index aa652f0ca476..98d0a8ab12f8 100644 --- a/distribution/docs/src/main/resources/content/_managing/_datamanagement/attributes-added-by-pre-ingest-plugins.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_datamanagement/attributes-added-by-pre-ingest-plugins.adoc @@ -10,5 +10,5 @@ The <<{architecture-prefix}pre_ingest_plugins,Pre-Ingest Plugins>> are responsible for setting attribute fields on metacards before they are stored in the catalog. * The <<{architecture-prefix}expiration_date_pre_ingest_plugin,Expiration Date Pre-Ingest Plugin>> adds or updates expiration dates which can be used later for archiving old data. -* The <<{architecture-prefix}geocoder_plugin,Geocoder Plugin>> is responsible for populating the metacard’s `Location.COUNTRY_CODE` attribute if the metacard has an associated location. If the metacard’s country code is already populated, the plugin will not override it. -* The <<{architecture-prefix}metacard_groomer,Metacard Groomer>> plugin adds/updates IDs and timestamps to the created metacard. \ No newline at end of file +* The <<{architecture-prefix}geocoder_plugin,Geocoder Plugin>> is responsible for populating the metacard’s `Location.COUNTRY_CODE` attribute if the metacard has an associated location. If the metacard’s country code is already populated, the plugin does not override it. +* The <<{architecture-prefix}metacard_groomer,Metacard Groomer>> plugin adds/updates IDs and timestamps to the created metacard. diff --git a/distribution/docs/src/main/resources/content/_managing/_datamanagement/attributes-added-on-query.adoc b/distribution/docs/src/main/resources/content/_managing/_datamanagement/attributes-added-on-query.adoc index 2c17246dc190..b538815345a7 100644 --- a/distribution/docs/src/main/resources/content/_managing/_datamanagement/attributes-added-on-query.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_datamanagement/attributes-added-on-query.adoc @@ -7,4 +7,4 @@ == {title} -Metacards resulting from a query will undergo <<{managing-prefix}attributes_added_by_attribute_injection,Attribute Injection>>, then have their <<{managing-prefix}attributes_added_by_attribute_overrides_query,Attributes Overridden>>. +Metacards resulting from a query undergo <<{managing-prefix}attributes_added_by_attribute_injection,Attribute Injection>>, then have their <<{managing-prefix}attributes_added_by_attribute_overrides_query,Attributes Overridden>>. diff --git a/distribution/docs/src/main/resources/content/_managing/_datamanagement/overriding-attributes.adoc b/distribution/docs/src/main/resources/content/_managing/_datamanagement/overriding-attributes.adoc index d6826efa0964..c83666cb233f 100644 --- a/distribution/docs/src/main/resources/content/_managing/_datamanagement/overriding-attributes.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_datamanagement/overriding-attributes.adoc @@ -25,4 +25,4 @@ Attribute overrides are available for the following ingest methods: .. *Confluence Connected Source*. .. *Confluence Federated Source*. . Select *Attribute Overrides*. -. Enter the key-value pair for the attribute to override and the value(s) to set. +. Enter the key-value pair for the attribute to override and the values to set. diff --git a/distribution/docs/src/main/resources/content/_managing/_datamanagement/schematron-validation.adoc b/distribution/docs/src/main/resources/content/_managing/_datamanagement/schematron-validation.adoc index 70f0bd251045..4d74525c8749 100644 --- a/distribution/docs/src/main/resources/content/_managing/_datamanagement/schematron-validation.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_datamanagement/schematron-validation.adoc @@ -6,6 +6,7 @@ :summary: Adding Schematron Validation Services. == {title} +(((Schematron))) ${branding} uses https://github.com/schematron[Schematron Validation] {external-link} to validate metadata ingested into the catalog. diff --git a/distribution/docs/src/main/resources/content/_managing/_installing/configure-single-sign-on.adoc b/distribution/docs/src/main/resources/content/_managing/_installing/configure-single-sign-on.adoc index 9b3f942a0693..09cc944b4b00 100644 --- a/distribution/docs/src/main/resources/content/_managing/_installing/configure-single-sign-on.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_installing/configure-single-sign-on.adoc @@ -7,7 +7,8 @@ .[[_configuring_sso]]Configure Single Sign On (SSO) **** -Configure Single Sign On method: SAML or OIDC. +Configure Single Sign On method for SAML or OIDC. +(((Single Sign On, SSO))) .SAML SSO Enter the URLs for the IdP metatdata and set other options. @@ -18,12 +19,12 @@ Configure ${BRANDING}'s internal Identity Provider Server. . *_SP Metadata_*: The metatada of the desired Service Provider to connect to the internal IdP. Can be configured as an HTTPS URL (`https://`), file URL (`file:`), or an XML block (`<md:EntityDescriptor>...</md:EntityDescriptor>`). . *_Require Signed AuthnRequests_*: -Toggle whether or not to require signed `AuthnRequests`. When off, unsigned `AuthnRequests` will be rejected. +Toggle whether or not to require signed `AuthnRequests`. When off, unsigned `AuthnRequests` are rejected. -. *_Limit RelayStates to 80 Bytes_*: Toggle whether or not to restrict the `RelayState` length to 80 bytes. The SAML specification requires a maximum length of 80 bytes. When on, messages with `RelayStates` over 80 bytes will be rejected. Only disable if this length is not enforced by the IdP being connected. +. *_Limit RelayStates to 80 Bytes_*: Toggle whether or not to restrict the `RelayState` length to 80 bytes. The SAML specification requires a maximum length of 80 bytes. When on, messages with `RelayStates` over 80 bytes are rejected. Only disable if this length is not enforced by the IdP being connected. . *_Cookie Expiration Time (minutes)_*: -Sets the cookie expiration time for Single Sign On, which determines how long the internal IdP will cache SAML assertions for later use. This value should match the lifetime of SAML assertions. +Sets the cookie expiration time for Single Sign On, which determines how long the internal IdP caches SAML assertions for later use. This value should match the lifetime of SAML assertions. IdP Client:: Configure handling of incoming requests where SAML authentication is enabled. @@ -32,7 +33,7 @@ Configure handling of incoming requests where SAML authentication is enabled. The metadata of the desired IdP to authenticate with. Can be configured as an HTTPS URL (`https://`), file URL (`file:`), or an XML block (`<md:EntityDescriptor>...</md:EntityDescriptor>`). . *_Perform User-Agent Check_*: -If selected, this will allow clients that do not support ECP and are not browsers to fall back to PKI, BASIC, and potentially GUEST authentication, if enabled. +If selected, this allows clients that do not support ECP and are not browsers to fall back to PKI, BASIC, and potentially GUEST authentication, if enabled. .OIDC Select the IdP type desired and set other options as needed. @@ -41,7 +42,7 @@ OIDC Handler Configuration:: Configurations relating to handling incoming requests where OIDC authentication is enabled. . *_IdP Type_*: -The type of IdP that OIDC will be authenticating with. +The type of IdP to authenticate with OIDC. . *_Client ID_*: Unique ID for the client. This may be provided by the Identity Provider. diff --git a/distribution/docs/src/main/resources/content/_managing/_installing/file-system-access.adoc b/distribution/docs/src/main/resources/content/_managing/_installing/file-system-access.adoc index f5c5ef4bf69a..8e46f1e603b6 100644 --- a/distribution/docs/src/main/resources/content/_managing/_installing/file-system-access.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_installing/file-system-access.adoc @@ -10,13 +10,14 @@ Restrict access to sensitive files by ensuring that the only users with access privileges are administrators. Within the `${home_directory}`, a directory is created named ${branding-lowercase}-${project.version}. -This directory will be referred to in the documentation as `${home_directory}`. +This directory is referred to in the documentation as `${home_directory}`. . Do not assume the deployment is from a trusted source; verify its origination. -. Check the available storage space on the system to ensure the deployment will not exceed the available space. +. Check the available storage space on the system to ensure the deployment does not exceed the available space. . Set maximum storage space on the `${home_directory}/deploy` and `${home_directory}/system` directories to restrict the amount of space used by deployments. === Setting Directory Permissions +(((Setting Directory Permissions))) * *{hardening-step}* @@ -72,7 +73,7 @@ Set directory permissions to protect the ${branding} from unauthorized access. The amount of memory allocated to the Java Virtual Machine host ${branding} by the operating system can be increased by updating the `setenv` script: -.Setenv Scripts: *NIX +.Setenv Scripts (*NIX) ---- ${home_directory}/bin/setenv Update the JAVA_OPTS -Xmx value @@ -80,7 +81,7 @@ ${home_directory}/bin/setenv-wrapper.conf Update the wrapper.java.additional -Xmx value ---- -.Setenv Scripts: Windows +.Setenv Scripts (Windows) ---- ${home_directory}/bin/setenv.bat Update the JAVA_OPTS -Xmx value @@ -95,7 +96,7 @@ By default, ${branding} prevents connections to JMX because the system is more s is not enabled. However, many monitoring tools require a JMX connection to the Java Virtual Machine. To enable JMX, update the setenv script: -.Setenv Scripts: *NIX +.Setenv Scripts (*NIX) ---- ${home_directory}/bin/setenv Remove -XX:+DisableAttachMechanism from JAVA_OPTS @@ -103,7 +104,7 @@ ${home_directory}/bin/setenv-wrapper.conf Comment out the -XX:+DisableAttachMechanism line and re-number remainder lines appropriately ---- -.Setenv Scripts: Windows +.Setenv Scripts (Windows) ---- ${home_directory}/bin/setenv.bat Remove -XX:+DisableAttachMechanism from JAVA_OPTS diff --git a/distribution/docs/src/main/resources/content/_managing/_installing/finish-page.adoc b/distribution/docs/src/main/resources/content/_managing/_installing/finish-page.adoc index fdc5eea81e9f..72873fc3496f 100644 --- a/distribution/docs/src/main/resources/content/_managing/_installing/finish-page.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_installing/finish-page.adoc @@ -7,11 +7,11 @@ .Finished Page **** -Upon successful startup, the *Finish* page will redirect to the ${admin-console} to begin further configuration, ingest, or federation. +Upon successful startup, the *Finish* page redirects to the ${admin-console} to begin further configuration, ingest, or federation. [NOTE] ==== -The redirect will only work if the certificates are configured in the browser. + +The redirect only works if the certificates are configured in the browser. + Otherwise the redirect link must be used. ==== diff --git a/distribution/docs/src/main/resources/content/_managing/_installing/firewall-config.adoc b/distribution/docs/src/main/resources/content/_managing/_installing/firewall-config.adoc index ee9f5ba89398..50f7a9f7ebe5 100644 --- a/distribution/docs/src/main/resources/content/_managing/_installing/firewall-config.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_installing/firewall-config.adoc @@ -6,9 +6,10 @@ :order: 09 === Firewall Port Configuration +(((Firewall Port Configuration))) Below is a table listing all of the default ports that ${branding} uses and a description of what they are used for. -Firewalls will need to be configured to open these ports in order for external systems to communicate with ${branding}. +Firewalls need to be configured to open these ports in order for external systems to communicate with ${branding}. .Port List [cols="1a,7a" options="header"] diff --git a/distribution/docs/src/main/resources/content/_managing/_installing/hardware-reqs.adoc b/distribution/docs/src/main/resources/content/_managing/_installing/hardware-reqs.adoc index 89fd2bd0bfa8..c71172aef7c9 100644 --- a/distribution/docs/src/main/resources/content/_managing/_installing/hardware-reqs.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_installing/hardware-reqs.adoc @@ -5,6 +5,7 @@ :order: 00 == Hardware Requirements +(((Hardware Requirements))) ====== @@ -67,5 +68,6 @@ Debian 9 Microsoft Edge + Firefox + Chrome +|=== ===== diff --git a/distribution/docs/src/main/resources/content/_managing/_installing/high-availability-initial-setup-exceptions.adoc b/distribution/docs/src/main/resources/content/_managing/_installing/high-availability-initial-setup-exceptions.adoc index cb18462095ca..a6fdb656034e 100644 --- a/distribution/docs/src/main/resources/content/_managing/_installing/high-availability-initial-setup-exceptions.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_installing/high-availability-initial-setup-exceptions.adoc @@ -10,11 +10,12 @@ These steps are handled differently for the initial setup of a Highly Available Cluster. === Failover Proxy Integration +(((Failover Proxy))) In order to integrate with a failover proxy, the ${branding} node's system properties (in `${home_directory}/etc/custom.system.properties`) must be changed to publish the correct port to external systems and users. This must be done before installing the first ${branding} node. See <<{managing-prefix}high_availability_initial_setup, High Availability Initial Setup>>. -There are two internal port properties that must be changed to whatever ports the ${branding} will use on its system. +There are two internal port properties that must be changed to whatever ports the ${branding} uses on its system. Then there are two external port properties that must be changed to whatever ports the failover proxy is forwarding traffic through. [WARNING] @@ -24,7 +25,7 @@ There may be unexpected behavior otherwise. ==== In the below example, the failover proxy with a hostname of service.org is forwarding https traffic via 8993 and http traffic via 8181. -The ${branding} node will run on 1111 for https and 2222 for http (on the host that it's hosted on). +The ${branding} node runs on 1111 for https and 2222 for http (on the host that it's hosted on). The hostname of the ${branding} must match the hostname of the proxy. [source] ---- @@ -46,7 +47,7 @@ On Windows, this means they must be under the same drive. === Highly Available Security Auditing -A third party tool will have to be used to persist the logs in a highly available manner. +A third party tool must be used to persist the logs in a highly available manner. * Edit the `${home_directory}/etc/org.ops4j.pax.logging.cfg` file to enable log4j2, following the steps in <<{managing-prefix}enabling_fallback_audit_logging, Enabling Fallback Audit Logging>>. * Then put the appropriate log4j2 appender in `${home_directory}/etc/log4j2.xml` to send logs to the chosen third party tool. @@ -70,7 +71,7 @@ This certificate, and any subsequent certificates signed by the Demo CA, are int and should not be used in production. ==== -Certificates need to have Subject Alternative Names (SANs) which will include the host for the failover +Certificates need to have Subject Alternative Names (SANs) which include the host for the failover proxy and for both ${branding} nodes. A certificate with SANs signed by the Demo CA can be obtained by navigating to `${home_directory}/etc/certs/` and, assuming the proxy's hostname is service.org, running the following for UNIX operating systems: @@ -89,7 +90,7 @@ CertNew -cn service.org -san "DNS:service.org" [NOTE] ==== -Systems that use DDF version 2.11.4 or later will automatically get a DNS SAN entry matching the CN +Systems that use DDF version 2.11.4 or later automatically get a DNS SAN entry matching the CN without the need to specify the `-san` argument to the `CertNew` command. ==== @@ -99,5 +100,5 @@ More customization for certs can be achieved by following the steps at === High Availability Installation Profile Instead of having to manually turn features on and off, there is a High Availability installation profile. -This profile will not show up in the UI Installer, but can be installed by executing `profile:install ha` on the command line *instead* of stepping through the UI Installer. -This profile will install all of the High Availability supported features. +This profile does not show up in the UI Installer, but can be installed by executing `profile:install ha` on the command line *instead* of stepping through the UI Installer. +This profile installs all of the High Availability supported features. diff --git a/distribution/docs/src/main/resources/content/_managing/_installing/high-availability-initial-setup.adoc b/distribution/docs/src/main/resources/content/_managing/_installing/high-availability-initial-setup.adoc index deac91153c21..f155edb1eabc 100644 --- a/distribution/docs/src/main/resources/content/_managing/_installing/high-availability-initial-setup.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_installing/high-availability-initial-setup.adoc @@ -6,6 +6,7 @@ :order: 10 == {title} +(((High Availability))) This section describes how to complete the initial setup of ${branding} in a <<{introduction-prefix}introduction_to_high_availability,Highly Available Cluster>>. diff --git a/distribution/docs/src/main/resources/content/_managing/_installing/ie11-configuration.adoc b/distribution/docs/src/main/resources/content/_managing/_installing/ie11-configuration.adoc index 15449abedb6e..66f18199e9b3 100644 --- a/distribution/docs/src/main/resources/content/_managing/_installing/ie11-configuration.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_installing/ie11-configuration.adoc @@ -6,12 +6,13 @@ :order: 09 === Internet Explorer 11 Enhanced Security Configuration +(((Internet Explorer 11 Enhanced Security Configuration))) Below are steps listing all of the changes that ${branding} requires to run on Internet Explorer 11 and several additional considerations to keep in mind. . In the IE11 `Settings` > `Compatibility View Settings` dialog, un-check `Display intranet sites in Compatibility View`. . In the `Settings` > `Internet Options` > `Security` tab, `Local intranet` zone: -.. Click the `Sites` > `Advanced` button, add the current host name to the list, e.g., https://windows-host-name.domain.edu, and close the dialog. +.. Click the `Sites` > `Advanced` button, add the current host name to the list, such as \https://windows-host-name.domain.edu, and close the dialog. .. Make sure the security level for the `Local intranet` zone is set to `Medium-low` in `Custom level...`. ... `Enable Protected Mode` is checked by default, but it may need to be disabled if the above changes do not fully resolve access issues. . Restart the browser. diff --git a/distribution/docs/src/main/resources/content/_managing/_installing/initial-startup.adoc b/distribution/docs/src/main/resources/content/_managing/_installing/initial-startup.adoc index 74d59f3dc2a2..d46ac93d7923 100644 --- a/distribution/docs/src/main/resources/content/_managing/_installing/initial-startup.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_installing/initial-startup.adoc @@ -6,6 +6,7 @@ :order: 02 == Initial Startup +(((Initial Startup))) Run the ${branding} using the appropriate script. @@ -52,7 +53,7 @@ Bundle fragments are distinguished from other bundles in the command line consol Bundle fragments remain in the *Resolved* state and can never move to the *Active* state. ==== -.Example: Bundle Fragment in the Command Line Console +.Example Bundle Fragment in the Command Line Console ---- 96 | Resolved | 80 | 2.10.0.SNAPSHOT | DDF :: Platform :: PaxWeb :: Jetty Config, Hosts: 90 ---- @@ -86,7 +87,7 @@ During ${branding} installation, the major directories and files shown in the ta |Log file that records user interactions with the system for auditing purposes. |`deploy` -|Hot-deploy directory – KARs and bundles added to this directory will be hot-deployed (Empty upon ${branding} installation) +|Hot-deploy directory – KARs and bundles added to this directory are hot-deployed (Empty upon ${branding} installation) |`documentation` |HTML and PDF copies of ${branding} documentation. diff --git a/distribution/docs/src/main/resources/content/_managing/_installing/install-prereqs.adoc b/distribution/docs/src/main/resources/content/_managing/_installing/install-prereqs.adoc index a69d049589df..4a2865755985 100644 --- a/distribution/docs/src/main/resources/content/_managing/_installing/install-prereqs.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_installing/install-prereqs.adoc @@ -9,7 +9,7 @@ [WARNING] ==== -For security reasons, ${branding} cannot be started from a user's home directory. If attempted, the system will automatically shut down. +For security reasons, ${branding} cannot be started from a user's home directory. If attempted, the system automatically shuts down. ==== These are the system/environment requirements to configure _prior_ to an installation. diff --git a/distribution/docs/src/main/resources/content/_managing/_installing/install-with-zip.adoc b/distribution/docs/src/main/resources/content/_managing/_installing/install-with-zip.adoc index 4fbee8925485..5eb78fe1f986 100644 --- a/distribution/docs/src/main/resources/content/_managing/_installing/install-with-zip.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_installing/install-with-zip.adoc @@ -17,7 +17,7 @@ To install the ${branding} distribution zip, perform the following: . Download the ${branding} {download-url}[zip file] {external-link}. . After the <<{managing-prefix}installation_prerequisites,prerequisites>> have been met, change the current directory to the desired install directory, creating a new directory if desired. -This will be referred to as `${home_directory}`. +This is referred to as `${home_directory}`. + .Windows Pathname Warning [WARNING] @@ -26,24 +26,24 @@ Do not use spaces in directory or file names of the `${home_directory}` path. For example, do not install in the default `Program Files` directory. ==== + -.Example: Create a Directory (Windows and *NIX) +.Example Create a Directory (Windows and *NIX) ---- mkdir new_installation ---- + .. Use a Non-`root` User on *NIX. (Windows users skip this step) + -It is recommended that the `root` user create a new install directory that can be owned by a non-`root` user (e.g., ${branding}_USER). +It is recommended that the `root` user create a new install directory that can be owned by a non-`root` user (such as ${branding}_USER). This can be a new or existing user. This ${branding}_USER can now be used for the remaining installation instructions. -.. Create a new group or use an existing group (e.g., ${branding}_GROUP) (Windows users skip this step) +.. Create a new group or use an existing group (such as ${branding}_GROUP) (Windows users skip this step) + -.Example: Add New Group on *NIX +.Example Add New Group on *NIX ---- groupadd ${branding}_GROUP ---- + -.Example: Switch User on *NIX +.Example Switch User on *NIX ---- chown ${branding}_USER:${branding}_GROUP new_installation @@ -100,5 +100,5 @@ Instead, use the java jar command line utility to unzip the distribution (see ex ---- The unzipping process may take time to complete. -The command prompt will stop responding to input during this time. +The command prompt stops responding to input during this time. ==== diff --git a/distribution/docs/src/main/resources/content/_managing/_installing/installing-from-the-command-line.adoc b/distribution/docs/src/main/resources/content/_managing/_installing/installing-from-the-command-line.adoc index 446fd19088fe..bb7c66f7a9bd 100644 --- a/distribution/docs/src/main/resources/content/_managing/_installing/installing-from-the-command-line.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_installing/installing-from-the-command-line.adoc @@ -25,5 +25,5 @@ The certificates must be set up manually as described in <<{managing-prefix}mana [NOTE] ==== -The system will need to be restarted after changing any of these settings. +The system needs to be restarted after changing any of these settings. ==== diff --git a/distribution/docs/src/main/resources/content/_installing/java-reqs.adoc b/distribution/docs/src/main/resources/content/_managing/_installing/java-reqs.adoc similarity index 99% rename from distribution/docs/src/main/resources/content/_installing/java-reqs.adoc rename to distribution/docs/src/main/resources/content/_managing/_installing/java-reqs.adoc index 463d06f7e4cd..b63974a37097 100644 --- a/distribution/docs/src/main/resources/content/_installing/java-reqs.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_installing/java-reqs.adoc @@ -5,6 +5,7 @@ :order: 01 == Java Requirements +(((Java Requirements))) For a runtime system: * https://www.oracle.com/technetwork/java/javase/downloads/jre8-downloads-2133155.html[JRE 8 x64] {external-link} or https://openjdk.java.net/install[OpenJDK 8 JRE] {external-link} must be installed. diff --git a/distribution/docs/src/main/resources/content/_managing/_running/catalog-backup.adoc b/distribution/docs/src/main/resources/content/_managing/_running/catalog-backup.adoc index 53bcea36abb9..15386c20739b 100644 --- a/distribution/docs/src/main/resources/content/_managing/_running/catalog-backup.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_running/catalog-backup.adoc @@ -6,7 +6,7 @@ == {title} -To backup local catalog records, a Catalog Backup Plugin is available. +To backup local catalog records, a ((Catalog Backup Plugin)) is available. It is not installed by default for performance reasons. See <<{developing-prefix}catalog_backup_plugin,Catalog Backup Plugin>> for installation and configuration instructions). diff --git a/distribution/docs/src/main/resources/content/_managing/_running/catalog-commands.adoc b/distribution/docs/src/main/resources/content/_managing/_running/catalog-commands.adoc index 4328410d6ea5..bf4379e2992a 100644 --- a/distribution/docs/src/main/resources/content/_managing/_running/catalog-commands.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_running/catalog-commands.adoc @@ -47,7 +47,7 @@ Provides a list of environment variables. |Provides the various fields of a metacard for inspection. |catalog:latest -|Retrieves the latest records from the Catalog based on the Core.METACARD_MODIFIED date. +|Retrieves the latest records from the Catalog based on the `Core.METACARD_MODIFIED` date. |catalog:range |Searches by the given range arguments (exclusively). @@ -78,10 +78,11 @@ Provides a list of environment variables. .catalog:dump Options The `catalog:dump` command provides selective export of metacards based on date ranges. The `--created-after` and `--created-before` options allow filtering on the date and time that the metacard was created, while `--modified-after` and `--modified-before` options allow filtering on the date and time that the metacard was last modified (which is the created date if no other modifications were made). -These date ranges are exclusive (i.e., if the date and time match exactly, the metacard will not be included). +These date ranges are exclusive (that is, if the date and time match exactly, the +metacard is not included). [[_date_filtering_options]]The date filtering options (`--created-after`, `--created-before`, `--modified-after`, and `--modified-before`) can be used in any combination, with the export result including only metacards that match all of the provided conditions. -If no date filtering options are provided, created and modified dates are ignored, so that all metacards match. +If no date filtering options are provided, `created` and `modified` dates are ignored, so that all metacards match. .Date Syntax Supported dates are taken from the common subset of ISO8601, matching the datetime from the following syntax: diff --git a/distribution/docs/src/main/resources/content/_managing/_running/command-scheduler.adoc b/distribution/docs/src/main/resources/content/_managing/_running/command-scheduler.adoc index 49a2b925a63f..d748d5c4a561 100644 --- a/distribution/docs/src/main/resources/content/_managing/_running/command-scheduler.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_running/command-scheduler.adoc @@ -7,7 +7,7 @@ == {title} -The Command Scheduler allows administrators to schedule Command Line Commands to be run at specified intervals. +The ((Command Scheduler)) allows administrators to schedule Command Line Commands to be run at specified intervals. The Command Scheduler allows administrators to schedule Command Line Shell Commands to be run in a platform-independent way. For instance, if an administrator wanted to use the Catalog commands to export all records of a Catalog to a directory, the administrator could write a cron job or a scheduled task to remote into the container and execute the command. @@ -15,11 +15,11 @@ Writing these types of scripts are specific to the administrator's operating sys The administrator can also create a Command Schedule, which currently requires only two fields. The Command Scheduler only runs when the container is running, so there is no need to verify if the container is up. In addition, when the container is restarted, the commands are rescheduled and executed again. -A command will be repeatedly executed indefinitely according to the configured interval until the container is shutdown or the Scheduled Command is deleted. +A command is repeatedly executed indefinitely according to the configured interval until the container is shutdown or the Scheduled Command is deleted. [NOTE] ==== -There will be further attempts to execute the command according to the configured interval even if an attempt fails. +Further attempts are made to execute the command according to the configured interval even if an attempt fails. See the log for details about failures. ==== @@ -31,14 +31,14 @@ Configure the Command Scheduler to execute a command at specific intervals. . Select the *${ddf-platform}* application. . Click on the *Configuration* tab. . Select *Platform Command Scheduler*. -. Enter the command or commands to be executed in the *Command* text field. Commands can be separated by a semicolon and will execute in order from left to right. +. Enter the command or commands to be executed in the *Command* text field. Commands can be separated by a semicolon and execute in order from left to right. . Enter an interval in the *Interval* field. This can either be a Quartz Cron expression or a positive integer (seconds) (e.x. `0 0 0 1/1 * ? *` or `12`). . Select the interval type in the *Interval Type* drop-down. . Click the *Save changes* button. [NOTE] ==== -Scheduling commands will be delayed by 1 minute to allow time for bundles to load when ${branding} is starting up. +Scheduling commands are delayed by 1 minute to allow time for bundles to load when ${branding} is starting up. ==== === Updating a Scheduled Command @@ -55,7 +55,7 @@ Scheduled commands have the following syntax: `${ddf-branding-lowercase}.platfor === Output of Scheduled Commands -Commands that normally write out to the console will write out to the log. +Commands that normally write out to the console write out to the log. For example, if an `echo "Hello World"` command is set to run every five seconds, the log contains the following: .Sample Command Output in the Log diff --git a/distribution/docs/src/main/resources/content/_managing/_running/console-commands.adoc b/distribution/docs/src/main/resources/content/_managing/_running/console-commands.adoc index 3b3257507960..5d9f6c66ecc7 100644 --- a/distribution/docs/src/main/resources/content/_managing/_running/console-commands.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_running/console-commands.adoc @@ -5,8 +5,9 @@ :order: 00 == {title} +((({title}))) -Once the distribution has started, administrators will have access to a powerful command line console, the ${command-console}. +Once the distribution has started, administrators have access to a powerful command line console, the ${command-console}. This ${command-console} can be used to manage services, install new features, and manage the state of the system. The ${command-console} is available to the user when the distribution is started manually or may also be accessed by using the `bin/client.bat` or `bin/client` scripts. diff --git a/distribution/docs/src/main/resources/content/_managing/_running/cql-syntax.adoc b/distribution/docs/src/main/resources/content/_managing/_running/cql-syntax.adoc index 87f48ff7eeac..166fdc14ed43 100644 --- a/distribution/docs/src/main/resources/content/_managing/_running/cql-syntax.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_running/cql-syntax.adoc @@ -7,7 +7,7 @@ == {title} -The CQL syntax used with console commands should follow the OGC CQL format. +The ((CQL syntax)) used with console commands should follow the OGC CQL format. GeoServer provides a description of the grammar and examples in this http://docs.geoserver.org/stable/en/user/tutorials/cql/cql_tutorial.html[CQL Tutorial] {external-link}. .CQL Syntax Examples diff --git a/distribution/docs/src/main/resources/content/_managing/_running/ddf-service.adoc b/distribution/docs/src/main/resources/content/_managing/_running/ddf-service.adoc index 6e39e519caa2..03e49710028a 100644 --- a/distribution/docs/src/main/resources/content/_managing/_running/ddf-service.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_running/ddf-service.adoc @@ -5,27 +5,31 @@ :project: ${branding} :order: 07 -==== {title} +== {title} +((({title}))) -===== Running as a Service with Automatic Start on System Boot +=== Running as a Service with Automatic Start on System Boot Because ${branding} is built on top of Apache Karaf, ${branding} can use the Karaf Wrapper to run ${branding} as a service and enable automatic startup and shutdown. -When ${branding} is started using Karaf Wrapper, new `wrapper.log` and `wrapper.log.n` (where n goes from 1 to 5 by default) log files will be generated to include wrapper and console specific information. +When ${branding} is started using Karaf Wrapper, new `wrapper.log` and `wrapper.log.n` (where n goes from 1 to 5 by default) log files are generated to include wrapper and console specific information. [WARNING] ==== When installing as a service on *NIX, do not use spaces in the path for ${home_directory} as the service scripts that are generated by the wrapper cannot handle spaces. ==== + [WARNING] ==== Ensure that JAVA_HOME is properly set before beginning this process. See <<{introduction-prefix}java_requirements,Java Requirements>>. ==== + [WARNING] ==== Install a profile on the first start of the system. -Attempting to install a profile after the first start (i.e. when starting as a service) may cause issues. +Attempting to install a profile after the first start (such as when starting as a service) may cause issues. ==== + [WARNING] ==== If using the default Security Manager, the service should be ran as the user who installed the service in order to avoid permission issues. @@ -95,7 +99,7 @@ ${home_directory}\bin\${branding-lowercase}-service.bat install Startup and shutdown settings can then be managed through *Services -> MMC Start -> Control Panel -> Administrative Tools -> Services*. -===== Karaf Documentation +=== Karaf Documentation Because ${branding} is built on top of Apache Karaf, more information on operating ${branding} can be found in the http://karaf.apache.org/index/documentation.html[Karaf documentation] {external-link}. diff --git a/distribution/docs/src/main/resources/content/_managing/_running/directory-monitor-ingest.adoc b/distribution/docs/src/main/resources/content/_managing/_running/directory-monitor-ingest.adoc index 906058030959..84ea7e096633 100644 --- a/distribution/docs/src/main/resources/content/_managing/_running/directory-monitor-ingest.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_running/directory-monitor-ingest.adoc @@ -7,11 +7,11 @@ == {title} -The ${ddf-catalog} application contains a Content Directory Monitor feature that allows files placed in a single directory to be monitored and ingested automatically. +The ${ddf-catalog} application contains a ((Content Directory Monitor)) feature that allows files placed in a single directory to be monitored and ingested automatically. For more information about configuring a directory to be monitored, see <<{managing-prefix}configuring_the_content_directory_monitor,Configuring the Content Directory Monitor>>. -Files placed in the monitored directory will be ingested automatically. -If a file cannot be ingested, they will be moved to an automatically-created directory named `.errors`. +Files placed in the monitored directory are ingested automatically. +If a file cannot be ingested, they are moved to an automatically created directory named `.errors`. More information about the ingest operations can be found in the ingest log. The default location of the log is `${home_directory}/data/log/ingest_error.log`. Optionally, ingested files can be automatically moved to a directory called `.ingested`. diff --git a/distribution/docs/src/main/resources/content/_managing/_running/external-ingest.adoc b/distribution/docs/src/main/resources/content/_managing/_running/external-ingest.adoc index ac0f39703fd7..c40d31b3f599 100644 --- a/distribution/docs/src/main/resources/content/_managing/_running/external-ingest.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_running/external-ingest.adoc @@ -25,9 +25,9 @@ Where: + *-X* specifies the type of HTTP operation. For this example, it is necessary to POST (ingest) data to the server. + *-d* specifies the data sent in the POST request. The `${at-symbol}` character is necessary to specify that the data is a file. + -The last parameter is the URL of the server that will receive the data. +The last parameter is the URL of the server receiving the data. -This should return a response similar to the following (the actual catalog ID in the id and Location URL fields will be different): +This should return a response similar to the following (the actual catalog ID in the id and Location URL fields are different): .Sample Response [source,http,linenums] @@ -40,7 +40,7 @@ Location: ${secure_url}/services/catalog/44dc84da101c4f9d9f751e38d9c4d97b Server: Jetty(7.5.4.v20111024) ---- -. Use a web browser to verify a file was successfully ingested. Enter the URL returned in the response's HTTP header in a web browser. For instance in our example, it was `/services/catalog/44dc84da101c4f9d9f751e38d9c4d97b`. The browser will display the catalog entry as XML in the browser. +. Use a web browser to verify a file was successfully ingested. Enter the URL returned in the response's HTTP header in a web browser. For instance in the example, it was `/services/catalog/44dc84da101c4f9d9f751e38d9c4d97b`. The browser displays the catalog entry as XML in the browser. . Verify the catalog entry exists by executing a query via the OpenSearch endpoint. . Enter the following URL in a browser `/services/catalog/query?q=${branding-lowercase}`. A single result, in Atom format, should be returned. @@ -52,4 +52,4 @@ curl -k -X POST -i -H "Content-Type: multipart/mixed" -F parse.resource=@/path/t ---- More information about the ingest operations can be found in the ingest log. -The default location of the log is `${home_directory}/data/log/ingest_error.log`. \ No newline at end of file +The default location of the log is `${home_directory}/data/log/ingest_error.log`. diff --git a/distribution/docs/src/main/resources/content/_managing/_running/forms-commands.adoc b/distribution/docs/src/main/resources/content/_managing/_running/forms-commands.adoc index 9d896a425547..d948ceca4d9b 100644 --- a/distribution/docs/src/main/resources/content/_managing/_running/forms-commands.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_running/forms-commands.adoc @@ -7,8 +7,8 @@ == {title} -System search provide a way to execute queries with pre-defined templates and search criteria. System search forms are loaded -via the system and are read-only. This command allows an administrator to ingest, modify or remove system search forms within the system. +((System search)) provide a way to execute queries with pre-defined templates and search criteria. System search forms are loaded +via the system and are read-only. This command allows an administrator to ingest, modify, or remove system search forms within the system. .Loading Forms With Defaults ---- @@ -21,13 +21,13 @@ forms:load --formsDirectory "/etc/forms" --forms "forms.json" --results "results ---- Where: + -*-formsDirectory* Specifies the directory in which the forms JSON and XML will reside +*-formsDirectory* Specifies the directory in which the forms JSON and XML reside. -*-results* Specifies the file name of the `results.json` file +*-results* Specifies the file name of the `results.json` file. -*-forms* Specifies the file name of the `forms.json` file +*-forms* Specifies the file name of the `forms.json` file. -It's important to note that `forms:load` will fallback to the system default location for forms, results and the forms directory. The defaults are as follows: +It's important to note that `forms:load` falls back to the system default location for forms, results and the forms directory. The defaults are as follows: ``` formsDirectory: "/etc/forms" forms: "forms.json" @@ -38,7 +38,7 @@ Example search forms and result form data can be found in `${home_directory}/etc Managing Forms -In addition to ingesting new system forms into the system, we provide the capability to manage the forms, view the forms and remove them. +In addition to ingesting new system forms into the system, you have the capability to manage the forms, view the forms and remove them. .Viewing All Forms ---- diff --git a/distribution/docs/src/main/resources/content/_managing/_running/ingest-command.adoc b/distribution/docs/src/main/resources/content/_managing/_running/ingest-command.adoc index f9164ad5fdc7..aa288c8981ad 100644 --- a/distribution/docs/src/main/resources/content/_managing/_running/ingest-command.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_running/ingest-command.adoc @@ -6,6 +6,7 @@ :order: 00 == {title} +((({title}))) The ${command-console} has a command-line option for ingesting data. @@ -19,8 +20,8 @@ The syntax for the ingest command is `ingest -t ` -Select the `` based on the type of file(s) ingested. -Metadata will be extracted if it exists in a format compatible with the transformer. +Select the `` based on the type of files ingested. +Metadata is extracted if it exists in a format compatible with the transformer. The default transformer is the <<{developing-prefix}xml_input_transformer,XML input transformer>>, which supports the metadata schema `catalog:metacard`. To see a list of all transformers currently installed, and the file types supported by each, run the `catalog:transformers` command. diff --git a/distribution/docs/src/main/resources/content/_managing/_running/ingesting.adoc b/distribution/docs/src/main/resources/content/_managing/_running/ingesting.adoc index 0fe8345f6824..b4198f234ee3 100644 --- a/distribution/docs/src/main/resources/content/_managing/_running/ingesting.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_running/ingesting.adoc @@ -6,7 +6,7 @@ == {title} -Ingesting is the process of getting metacard(s) into the Catalog Framework. +((Ingesting)) is the process of getting metacards into the Catalog Framework. Ingested files are "transformed" into a neutral format that can be searched against as well as migrated to other formats and systems. There are multiple methods available for ingesting files into the ${branding}. diff --git a/distribution/docs/src/main/resources/content/_managing/_running/manual-removal-expired.adoc b/distribution/docs/src/main/resources/content/_managing/_running/manual-removal-expired.adoc index 54149cf2e53f..6781233a94f9 100644 --- a/distribution/docs/src/main/resources/content/_managing/_running/manual-removal-expired.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_running/manual-removal-expired.adoc @@ -30,7 +30,7 @@ The `--expired` option is to remove only expired records. [IMPORTANT] ==== -If the `--expired` option is omitted, then all records will be removed from the Catalog. +If the `--expired` option is omitted, then all records are removed from the Catalog. ==== The Catalog Command is convenient for removing records but it is not guaranteed to be fast or efficient. Additionally, certain configurations for archiving Catalog records can dramatically slow the process. If efficiency and speed are desired, interact directly with the catalog storage provider to delete records. diff --git a/distribution/docs/src/main/resources/content/_managing/_running/monitoring.adoc b/distribution/docs/src/main/resources/content/_managing/_running/monitoring.adoc index 16278427b8ac..8e9ccd7ef07a 100644 --- a/distribution/docs/src/main/resources/content/_managing/_running/monitoring.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_running/monitoring.adoc @@ -4,48 +4,50 @@ :summary: Monitoring an installed instance. :order: 00 +(((Monitoring))) The ${branding} contains many tools to monitor system functionality, usage, and overall system health. -==== Metrics Reporting +== Metrics Reporting +(((Metrics Reporting))) Metrics are exposed over a Prometheus endpoint at `/metrics`. In order to extract and store the metrics, a Prometheus server is required. A user interface like Grafana can be used to display metrics. -==== Managing Logging +== Managing Logging The ${branding} supports a dynamic and customizable logging system including log level, log format, log output destinations, roll over, etc. -===== Configuring Logging +=== Configuring Logging Edit the configuration file `${home_directory}/etc/org.ops4j.pax.logging.cfg]` -===== ${branding} log file +=== ${branding} log file The name and location of the log file can be changed with the following setting: `log4j.appender.out.file=${home_directory}/data/log/${branding-lowercase}.log` -===== Controlling log level +=== Controlling log level A useful way to debug and detect issues is to change the log level: `log4j.rootLogger=DEBUG, out, osgi:VmLogAppender` -===== Controlling the size of the log file +=== Controlling the size of the log file Set the maximum size of the log file before it is rolled over by editing the value of this setting: `log4j.appender.out.maxFileSize=20MB` -===== Number of backup log files to keep +=== Number of backup log files to keep Adjust the number of backup files to keep by editing the value of this setting: `log4j.appender.out.maxBackupIndex=10` -===== Enabling logging of inbound and outbound SOAP messages for the ${branding} SOAP endpoints +=== Enabling logging of inbound and outbound SOAP messages for the ${branding} SOAP endpoints By default, the ${branding} start scripts include a system property enabling logging of inbound and outbound SOAP messages. @@ -55,13 +57,13 @@ In order to see the messages in the log, one must set the logging level for `org `${branding-lowercase}${at-symbol}local>log:set INFO org.apache.cxf.services` -===== Logging External Resources +=== Logging External Resources Other appenders can be selected and configured. -For more detail on configuring the log file and what is logged to the console see: http://karaf.apache.org/manual/latest/#_log[Karaf Documentation: Log] {external-link}. +For more detail on configuring the log file and what is logged to the console see http://karaf.apache.org/manual/latest/#_log[Log] {external-link} in the Karaf documentation. -===== Enabling HTTP Access Logging +=== Enabling HTTP Access Logging To enable access logs for the current ${branding}, do the following: @@ -88,7 +90,7 @@ To enable access logs for the current ${branding}, do the following: ---- -Change the location of the logs to the desired location. In the settings above, location will default to data/log (same place where the log is located). +Change the location of the logs to the desired location. In the settings above, location defaults to `data/log` (same place where the log is located). The log is using _National Center for Supercomputing Association Applications (NCSA)_ or Common format (hence the class 'NCSARequestLog'). This is the most popular format for access logs and can be parsed by many web server analytics tools. Here is a sample output: @@ -101,19 +103,19 @@ This is the most popular format for access logs and can be parsed by many web se 127.0.0.1 - - [14/Jan/2013:16:21:33 +0000] "GET /favicon.ico HTTP/1.1" 200 0 ---- -===== Using the LogViewer +=== Using the LogViewer * Navigate to the ${admin-console} * Navigate to the *System* tab * Select *Logs* -The LogViewer displays the most recent 500 log messages by default, but will grow to a maximum of 5000 messages. -To view incoming logs, select the *PAUSED* button to toggle it to *LIVE* mode. Switching this back to *PAUSED* will prevent any new logs from being displayed in the LogViewer. Note that this only affects the logs displayed by the LogViewer and does not affect the underlying log. +The ((LogViewer)) displays the most recent 500 log messages by default, but can grow to a maximum of 5000 messages. +To view incoming logs, select the *PAUSED* button to toggle it to *LIVE* mode. Switching this back to *PAUSED* prevents any new logs from being displayed in the LogViewer. Note that this only affects the logs displayed by the LogViewer and does not affect the underlying log. Log events can be filtered by: * Log level (`ERROR`, `WARNING`, etc). -** The LogViewer will display at the currently configured log level for the Karaf logs. +** The LogViewer displays at the currently configured log level for the Karaf logs. *** See <<{managing-prefix}controlling_log_level, Controlling Log Level>> to change log level. * Log message text. * Bundle generating the message. @@ -121,7 +123,7 @@ Log events can be filtered by: [WARNING] ==== It is not recommended to use the LogViewer if the system logger is set to a low reporting level such as `TRACE`. -The volume of messages logged will exceed the polling rate, and incoming logs may be missed. +The volume of messages logged may exceed the polling rate, and incoming logs may be missed. The actual logs being polled by the LogViewer can still be accessed at `${home_directory}/data/log` ==== diff --git a/distribution/docs/src/main/resources/content/_managing/_running/os-services.adoc b/distribution/docs/src/main/resources/content/_managing/_running/os-services.adoc index 0be5c26418cb..d90511bdaf8e 100644 --- a/distribution/docs/src/main/resources/content/_managing/_running/os-services.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_running/os-services.adoc @@ -5,7 +5,8 @@ :project: ${branding} :order: 03 -=== {title} +== {title} +((({title}))) The lifecycle of ${branding} and Solr processes can be managed by the operating system. The ${branding} documentation provides instructions to install diff --git a/distribution/docs/src/main/resources/content/_managing/_running/platform-commands.adoc b/distribution/docs/src/main/resources/content/_managing/_running/platform-commands.adoc index a6e7a9d1d428..d50c199cdf2b 100644 --- a/distribution/docs/src/main/resources/content/_managing/_running/platform-commands.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_running/platform-commands.adoc @@ -6,6 +6,7 @@ :order: 04 == {title} +((({title}))) .[[_platform_command_descriptions]]Platform Command Descriptions [cols="1m,9" options="header"] diff --git a/distribution/docs/src/main/resources/content/_managing/_running/solr-commands.adoc b/distribution/docs/src/main/resources/content/_managing/_running/solr-commands.adoc index 261e770d8e71..cda5a58b6715 100644 --- a/distribution/docs/src/main/resources/content/_managing/_running/solr-commands.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_running/solr-commands.adoc @@ -6,6 +6,7 @@ :order: 02 == {title} +((({title}))) .[[_solr_command_descriptions]]Solr Command Descriptions [cols="1m,9a" options="header"] diff --git a/distribution/docs/src/main/resources/content/_managing/_running/solr-service.adoc b/distribution/docs/src/main/resources/content/_managing/_running/solr-service.adoc index 1ea32fd69e82..7731610a597c 100644 --- a/distribution/docs/src/main/resources/content/_managing/_running/solr-service.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_running/solr-service.adoc @@ -5,6 +5,6 @@ :project: ${branding} :order: 05 -==== {title} +== {title} Refer to https://lucene.apache.org/solr/guide/${solr.docs.version}/taking-solr-to-production.html[Taking Solr to Production] {external-link} in the Solr documentation for configuring Solr as a Windows or init.d service. diff --git a/distribution/docs/src/main/resources/content/_managing/_running/starting-intro.adoc b/distribution/docs/src/main/resources/content/_managing/_running/starting-intro.adoc index 2cdfbe1a1769..915be7208c07 100644 --- a/distribution/docs/src/main/resources/content/_managing/_running/starting-intro.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_running/starting-intro.adoc @@ -4,23 +4,24 @@ :summary: Starting and stopping an instance. :order: 01 +(((Startup))) Follow the below steps to start and stop ${branding}. -==== Starting from Startup Scripts +== Starting from Startup Scripts Run one of the start scripts from a command shell to start the distribution and open a local console: -.Start Script: *NIX +.Start Script (*NIX) ---- ${home_directory}/bin/${branding-lowercase} ---- -.Start Script: Windows +.Start Script (Windows) ---- ${home_directory}/bin/${branding-lowercase}.bat ---- -==== Starting as a Background Process +== Starting as a Background Process Alternatively, to run ${branding} as a background process, run the `start` script: @@ -51,7 +52,7 @@ ${home_directory}/bin/client.bat -h Use the `-h` option followed by the name (``) or IP of the host where ${branding} is running. ==== -==== Stopping ${branding} +== Stopping ${branding} There are two options to stop a running instance: diff --git a/distribution/docs/src/main/resources/content/_managing/_running/store-commands.adoc b/distribution/docs/src/main/resources/content/_managing/_running/store-commands.adoc index d3fcd6e9e7db..b13a5aaae5bf 100644 --- a/distribution/docs/src/main/resources/content/_managing/_running/store-commands.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_running/store-commands.adoc @@ -6,6 +6,7 @@ :order: 06 == {title} +((({title}))) .[[_store_command_descriptions]]Persistence Store Command Descriptions [cols="2m,6"] diff --git a/distribution/docs/src/main/resources/content/_managing/_running/subscription-commands.adoc b/distribution/docs/src/main/resources/content/_managing/_running/subscription-commands.adoc index b3498ed8f140..72f66d660c2b 100644 --- a/distribution/docs/src/main/resources/content/_managing/_running/subscription-commands.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_running/subscription-commands.adoc @@ -6,6 +6,7 @@ :order: 03 == {title} +((({title}))) [NOTE] ==== @@ -20,15 +21,15 @@ The subscriptions commands are installed when the Catalog application is install |Description |subscriptions:delete -|Deletes the subscription(s) specified by the search phrase or LDAP filter. +|Deletes the subscriptions specified by the search phrase or LDAP filter. |subscriptions:list -|List the subscription(s) specified by the search phrase or LDAP filter. +|List the subscriptions specified by the search phrase or LDAP filter. |=== .subscriptions:list Command Usage Examples Note that no arguments are required for the `subscriptions:list` command. -If no argument is provided, all subscriptions will be listed. +If no argument is provided, all subscriptions are listed. A count of the subscriptions found matching the list command's search phrase (or LDAP filter) is displayed first followed by each subscription's ID. .List All Subscriptions @@ -118,9 +119,9 @@ my.contextual.id.json|http://172.18.14.169:8088/services/json/local/event/notifi .subscriptions:delete Command Usage The arguments for the `subscriptions:delete` command are the same as for the `list` command, except that a search phrase or LDAP filter must be specified. -If one of these is not specified an error will be displayed. -When the `delete` command is executed it will display each subscription ID it is deleting. -If a subscription matches the search phrase but cannot be deleted, a message in red will be displayed with the ID. +If one of these is not specified, an error is displayed. +When the `delete` command is executed, it displays each subscription ID it is deleting. +If a subscription matches the search phrase but cannot be deleted, a message in red is displayed with the ID. After all matching subscriptions are processed, a summary line is displayed indicating how many subscriptions were deleted out of how many matching subscriptions were found. .Delete a Specific Subscription Using Its Exact ID diff --git a/distribution/docs/src/main/resources/content/_managing/_running/troubleshooting-ui.adoc b/distribution/docs/src/main/resources/content/_managing/_running/troubleshooting-ui.adoc index 51a1bf28afc2..062d94ecf48c 100644 --- a/distribution/docs/src/main/resources/content/_managing/_running/troubleshooting-ui.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_running/troubleshooting-ui.adoc @@ -4,7 +4,7 @@ :summary: Troubleshooting UI issues. :order: 01 -==== Deleted Records Are Being Displayed In The Search UI's Search Results +== Deleted Records Are Being Displayed In The Search UI's Search Results When queries are issued by the Search UI, the query results that are returned are also cached in an internal Solr database for faster retrieval when the same query may be issued in the future. As records are deleted from the catalog provider, this Solr cache is kept in sync by also deleting the same records from the cache if they exist. @@ -26,7 +26,7 @@ https://{FQDN}:{PORT}/solr/metacard_cache/update?stream.body=*:*< ---- https://{FQDN}:{PORT}/solr/metacard_cache/update?stream.body=original_id_txt:50ffd32b21254c8a90c15fccfb98f139&commit=true ---- -* To delete record(s) in the Solr cache using a query on a field in the record(s) - in this example, the `title_txt` field is being used with wildcards to search for any records with word remote in the title: +* To delete records in the Solr cache using a query on a field in the records - in this example, the `title_txt` field is being used with wildcards to search for any records with word remote in the title: .Deletion of records in Solr query cache using search criteria ---- diff --git a/distribution/docs/src/main/resources/content/_managing/_running/troubleshooting.adoc b/distribution/docs/src/main/resources/content/_managing/_running/troubleshooting.adoc index 57cb0a538b09..1fac6980f72b 100644 --- a/distribution/docs/src/main/resources/content/_managing/_running/troubleshooting.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_running/troubleshooting.adoc @@ -6,6 +6,7 @@ //// Troubleshooting //// +(((Troubleshooting))) If, after configuration, a ${branding} is not performing as expected, consult this table of common fixes and workarounds. @@ -52,9 +53,9 @@ a|Restart ${branding}. . Start up ${branding}: `./${branding-lowercase}` -|Distribution Will Not Start +|Distribution Does Not Start -${branding} will not start when calling the start script defined during installation. +${branding} does not start when calling the start script defined during installation. |Complete the following procedure. . Verify that Java is correctly installed. @@ -77,7 +78,7 @@ This can be caused when another ${branding} is not properly shut down. |Perform one or all of the following recommended solutions, as necessary. * Wait for proper shutdown of ${branding} prior to starting a new instance. -* Verify running java.exe are not ${branding} (e.g., kill/close if necessary). +* Verify running java.exe are not ${branding} (and use kill/close commands, if necessary). * Utilize automated start/stop scripts to run ${branding} as a service. 2+^|*Troubleshooting TLS/SSL Connectivity* diff --git a/distribution/docs/src/main/resources/content/_managing/_running/validator-plugins.adoc b/distribution/docs/src/main/resources/content/_managing/_running/validator-plugins.adoc index f30f117ff310..b145c01de02b 100644 --- a/distribution/docs/src/main/resources/content/_managing/_running/validator-plugins.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_running/validator-plugins.adoc @@ -6,6 +6,7 @@ :summary: Validator plugins run on Ingest == {title} +(((Validator Plugins))) When Enforce Errors is enabled within the ${admin-console}, validator plugins ensure the data being ingested is valid. Below is a list of the validators run against the data ingested. @@ -17,26 +18,26 @@ ingested is valid. Below is a list of the validators run against the data ingest . Select the *System* tab. . Select the *Configuration* tab. . Select *Metacard Validation Marker Plugin*. -.. If *Enforce errors* is checked, these validators below will be run on ingest. -.. If *Enforce errors* is not checked, these validators below will *not* be run on ingest. +.. If *Enforce errors* is checked, these validators below are run on ingest. +.. If *Enforce errors* is not checked, these validators below are *not* run on ingest. ==== === Validators run on ingest -* *Size Validator*: Validates the size of an attribute's value(s). -* *Range Validator*: Validates an attribute's value(s) against an *inclusive* numeric range. -* *Enumeration Validator*: Validates an attribute's value(s) against a set of acceptable values. -* *Future Date Validator*: Validates an attribute's value(s) against the current date and time, +* *((Size Validator))*: Validates the size of an attribute's values. +* *((Range Validator))*: Validates an attribute's values against an *inclusive* numeric range. +* *((Enumeration Validator))*: Validates an attribute's values against a set of acceptable values. +* *((Future Date Validator))*: Validates an attribute's valuess against the current date and time, validating that they are in the future. -* *Past Date Validator*: Validates an attribute's value(s) against the current date and time, +* *((Past Date Validator))*: Validates an attribute's values against the current date and time, validating that they are in the past. -* *ISO3 Country Code Validator*: Validates an attribute's value(s) against the ISO_3166-1 Alpha3 country codes. -* *Pattern Validator*: Validates an attribute's value(s) against a regular expression. -* *Required Attributes Metacard Validator*: Validates that a metacard contains certain attributes. -- ID: *ddf.catalog.validation.impl.validator.RequiredAttributesMetacardValidator* -* *Duplication Validator*: Validates metacard against the local catalog for duplicates based on configurable attributes. -- ID: *org.codice.ddf.validator.metacard.duplication.DuplicationValidator* -* *Relationship Validator*: Validates values that an attribute *must have*, *can only have*, and/or *can't have*. -- ID: *ddf.catalog.validation.impl.validator.RelationshipValidator* -* *Metacard WKT Validator*: Validates a location metacard attribute (WKT string) against valid geometric shapes. -- ID: *org.codice.ddf.validator.metacard.wkt.MetacardWktValidator* \ No newline at end of file +* *((ISO3 Country Code Validator))*: Validates an attribute's values against the ISO_3166-1 Alpha3 country codes. +* *((Pattern Validator))*: Validates an attribute's values against a regular expression. +* *((Required Attributes Metacard Validator))*: Validates that a metacard contains certain attributes. +- ID: `ddf.catalog.validation.impl.validator.RequiredAttributesMetacardValidator` +* *((Duplication Validator))*: Validates metacard against the local catalog for duplicates based on configurable attributes. +- ID: `org.codice.ddf.validator.metacard.duplication.DuplicationValidator` +* *((Relationship Validator))*: Validates values that an attribute *must have*, *can only have*, and/or *can't have*. +- ID: `ddf.catalog.validation.impl.validator.RelationshipValidator` +* *((Metacard WKT Validator))*: Validates a location metacard attribute (WKT string) against valid geometric shapes. +- ID: `org.codice.ddf.validator.metacard.wkt.MetacardWktValidator` diff --git a/distribution/docs/src/main/resources/content/_managing/_securing/auditing.adoc b/distribution/docs/src/main/resources/content/_managing/_securing/auditing.adoc index 8730e5dfaa39..80fa5b94f29c 100644 --- a/distribution/docs/src/main/resources/content/_managing/_securing/auditing.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_securing/auditing.adoc @@ -10,7 +10,7 @@ * *{hardening-step}* -Audit logging captures security-specific system events for monitoring and review. +((Audit logging)) captures security-specific system events for monitoring and review. ${branding} provides an <<{developing-prefix}security_logging_plugin,Audit Plugin>> that logs all catalog transactions to the `security.log`. Information captured includes user identity, query information, and resources retrieved. @@ -52,10 +52,10 @@ If you want to change the location of your systems security backup log from the * edit `${home_directory}/security/configurations.policy` ** find "Security-Hardening: Backup Log File Permissions" -** below `grant codeBase "file:/pax-logging-log4j2"` add the path to the directory containing the new log file you will create in the next step. +** below `grant codeBase "file:/pax-logging-log4j2"` add the path to the directory containing the new log file created in the next step. * edit `${home_directory}/etc/log4j2.xml` ** find the entry for the `securityBackup` appender. (see example) -** change value of `filename` and prefix of `filePattern` to the name/path of the desired failover security logs +** change value of `filename` and prefix of `filePattern` to the name/path of the desired failover security logs. .`securityBackup` Appender Before [source,xml,linenums] @@ -75,6 +75,6 @@ If you want to change the location of your systems security backup log from the [WARNING] ==== -If the system is unable to write to the `security.log` file on system startup, fallback logging will be unavailable. +If the system is unable to write to the `security.log` file on system startup, fallback logging is unavailable. Verify that the `security.log` file is properly configured and contains logs before configuring a fall back. ==== diff --git a/distribution/docs/src/main/resources/content/_managing/_securing/disallowing-login-wo-certs.adoc b/distribution/docs/src/main/resources/content/_managing/_securing/disallowing-login-wo-certs.adoc index fafc7e7be7fa..9e05cc685b92 100644 --- a/distribution/docs/src/main/resources/content/_managing/_securing/disallowing-login-wo-certs.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_securing/disallowing-login-wo-certs.adoc @@ -6,6 +6,7 @@ :order: 08 == {title} +(((Disallowing Login Without Certificates))) ${branding} can be configured to prevent login without a valid PKI certificate. @@ -13,7 +14,7 @@ ${branding} can be configured to prevent login without a valid PKI certificate. * Select *${ddf-security}*. * Select *Web Context Policy Manager*. * Add a policy for each context requiring restriction. -** For example, just configuring `PKI` as the authentication type for web pages will disallow login without certificates to ${branding}. +** For example, just configuring `PKI` as the authentication type for web pages disallows login without certificates to ${branding}. * Click *Save*. [NOTE] diff --git a/distribution/docs/src/main/resources/content/_managing/_securing/hardening-checklist.adoc b/distribution/docs/src/main/resources/content/_managing/_securing/hardening-checklist.adoc index 2111a93e9d55..719c25d7ffec 100644 --- a/distribution/docs/src/main/resources/content/_managing/_securing/hardening-checklist.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_securing/hardening-checklist.adoc @@ -6,6 +6,7 @@ :order: 03 == {title} +(((Hardening Checklist))) The following list enumerates the required mitigations needed for hardening. It is not intended to be a step-by-step procedure. To harden a new system, perform configuration as <<{managing-prefix}configuring,documented>>. @@ -21,7 +22,8 @@ To harden a new system, perform configuration as <<{managing-prefix}configuring, * [ ] <<{managing-prefix}configuring_guest_access,Configure Guest User Authentication>> * [ ] <<{managing-prefix}hiding_errors_and_warnings_from_users_based_on_role, Create unique user role>> * [ ] <<{managing-prefix}restricting_access_to_admin_console, Restricting Access to ${admin-console}>> -* [ ] <<{managing-prefix}restricting_feature_app_service_and_configuration_access, Restrict Feature, App, Service, and Configuration Access>> +* [ ] <<{managing-prefix}restricting_access_to_features_apps_services_and_configurations, Restricting Access to Features, Apps, Services, and Configurations +>> * [ ] <<{managing-prefix}removing_default_users,Remove Default Users>> * [ ] <<{managing-prefix}hardening_solr,Harden Solr>> * [ ] <<{managing-prefix}environment_hardening,Environment Hardening>> diff --git a/distribution/docs/src/main/resources/content/_managing/_securing/hardening-intro.adoc b/distribution/docs/src/main/resources/content/_managing/_securing/hardening-intro.adoc index 96958cfc1a47..c61e1e77ed44 100644 --- a/distribution/docs/src/main/resources/content/_managing/_securing/hardening-intro.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_securing/hardening-intro.adoc @@ -9,6 +9,7 @@ .Security Hardening **** +(((Security Hardening))) To harden ${branding}, extra security precautions are required. Where available, necessary migitations to harden an installation of ${branding} are called out in the following configuration steps. diff --git a/distribution/docs/src/main/resources/content/_managing/_securing/managing-crl.adoc b/distribution/docs/src/main/resources/content/_managing/_securing/managing-crl.adoc index 75da7b4a8484..5e306907d671 100644 --- a/distribution/docs/src/main/resources/content/_managing/_securing/managing-crl.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_securing/managing-crl.adoc @@ -9,10 +9,10 @@ * *{hardening-step}* -For hardening purposes, it is recommended to implement a way to verify a Certificate Revocation List (CRL) at least daily or an Online Certificate Status Protocol (OCSP) server. +For hardening purposes, it is recommended to implement a way to verify a ((Certificate Revocation List)) (CRL) at least daily or an ((Online Certificate Status Protocol (OCSP) server)). === Managing a Certificate Revocation List (CRL) -A Certificate Revocation List is a collection of formerly-valid certificates that should explicitly _not_ be accepted. +A Certificate Revocation List is a collection of formerly valid certificates that should explicitly _not_ be accepted. ==== Creating a CRL @@ -45,7 +45,7 @@ $> openssl ca -gencrl -out crl-tokenissuer-revoked.pem [NOTE] ==== -Enabling CRL revocation or modifying the CRL file will require a restart of ${branding} to apply updates. +Enabling CRL revocation or modifying the CRL file requires a restart of ${branding} to apply updates. ==== . Place the CRL in ${home_directory}/etc/keystores. @@ -56,13 +56,13 @@ Enabling CRL revocation or modifying the CRL file will require a restart of ${br .. `${home_directory}/etc/ws-security/issuer/signature.properties` . (Replace with the file path or URL of the CRL file used in previous step.) -Adding this property will also enable CRL revocation for any context policy implementing PKI authentication. -For example, setting PKI as the authentication type for web pages in the Web Context Policy Manager will disable basic authentication and require a certificate. -If a certificate is not in the CRL, it will be allowed through, otherwise it will get a 401 error. -If no certificate is provided, and guest access is enabled on the web context policy, guest access will be granted. +Adding this property also enables CRL revocation for any context policy implementing PKI authentication. +For example, setting PKI as the authentication type for web pages in the Web Context Policy Manager disables basic authentication and require a certificate. +If a certificate is not in the CRL, it is allowed through. If not, it receives a 401 error. +If no certificate is provided, and guest access is enabled on the web context policy, guest access is granted. This also enables CRL revocation for the STS endpoint. -The STS CRL Interceptor monitors the same `encryption.properties` file and operates in an identical manner to the PKI Authenication's CRL handler. Enabling the CRL via the `encryption.properties` file will also enable it for the STS, and also requires a restart. +The STS CRL Interceptor monitors the same `encryption.properties` file and operates in an identical manner to the PKI Authenication's CRL handler. Enabling the CRL via the `encryption.properties` file also enabless it for the STS, and also requires a restart. If the CRL cannot be placed in ${home_directory}/etc/keystores but can be accessed via an *HTTPS* URL: @@ -73,25 +73,25 @@ If the CRL cannot be placed in ${home_directory}/etc/keystores but can be access . Add the *HTTPS* URL under *CRL URL address* . Check the *Enable CRL via URL* option -A local CRL file will be created and the `encryption.properties` and `signature.properties` files will be set as mentioned above. +A local CRL file is created and the `encryption.properties` and `signature.properties` files are set as mentioned above. ===== Add Revocation to a Web Context -The PKIHandler implements CRL revocation, so any web context that is configured to use PKI authentication will also use CRL revocation if revocation is enabled. +The PKIHandler implements CRL revocation, so any web context that is configured to use PKI authentication also uses CRL revocation if revocation is enabled. . After enabling revocation (see above), open the *Web Context Policy Manager*. . Add or modify the *Authentication Types for Web Pages* and *Authentication Types for Endpoints* configurations to use PKI. . If guest access is also required, check the `Allow Guest Access` box in the policy. -With guest access, a user with a revoked certificate will be given a 401 error, but users without a certificate will be able to access the web context as the guest user. +With guest access, a user with a revoked certificate is given a 401 error, but users without a certificate is able to access the web context as the guest user. The STS CRL interceptor does not need a web context specified. -The CRL interceptor for the STS will become active after specifying the CRL file path, or the URL for the CRL, in the `encryption.properties` file and restarting ${branding}. +The CRL interceptor for the STS becomes active after specifying the CRL file path, or the URL for the CRL, in the `encryption.properties` file and restarting ${branding}. [NOTE] ==== -Disabling or enabling CRL revocation or modifying the CRL file will require a restart of ${branding} to apply updates. -If CRL checking is already enabled, adding a new context via the *Web Context Policy Manager* will not require a restart. +Disabling or enabling CRL revocation or modifying the CRL file requires a restart of ${branding} to apply updates. +If CRL checking is already enabled, adding a new context via the *Web Context Policy Manager* does not require a restart. ==== ===== Adding Revocation to an Endpoint @@ -126,7 +126,7 @@ Add the following property to the `jasws` endpoint in the endpoint's `blueprint. ===== Verifying Revocation -A *Warning* similar to the following will be displayed in the logs of the source and endpoint showing the exception encountered during certificate validation: +A *Warning* similar to the following is displayed in the logs of the source and endpoint showing the exception encountered during certificate validation: [source] ---- @@ -148,7 +148,7 @@ Caused by: java.security.cert.CertPathValidatorException: Certificate has been r === Managing an Online Certificate Status Protocol (OCSP) Server -An Online Certificate Status Protocol is a protocol used to verify the revocation status of a certificate. +An ((Online Certificate Status Protocol)) is a protocol used to verify the revocation status of a certificate. An OCSP server can be queried with a certificate to verify if it is revoked. The advantage of using an OCSP Server over a CRL is the fact that a local copy of the revoked certificates is not needed. @@ -164,6 +164,6 @@ The advantage of using an OCSP Server over a CRL is the fact that a local copy o [NOTE] ==== -If an error occurs while communicating with the OCSP server, an alert will be posted to the ${admin-console}. -Until the error is resolved, certificates will not be verified against the server. -==== \ No newline at end of file +If an error occurs while communicating with the OCSP server, an alert is posted to the ${admin-console}. +Until the error is resolved, certificates are not verified against the server. +==== diff --git a/distribution/docs/src/main/resources/content/_managing/_securing/managing-keystores.adoc b/distribution/docs/src/main/resources/content/_managing/_securing/managing-keystores.adoc index 90b25785fe83..fe6ce5defbd1 100644 --- a/distribution/docs/src/main/resources/content/_managing/_securing/managing-keystores.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_securing/managing-keystores.adoc @@ -7,16 +7,16 @@ === {title} -Certificates, and sometimes their associated private keys, are stored in keystore files. +(((Keystores)))Certificates, and sometimes their associated private keys, are stored in keystore files. ${branding} includes two default keystore files, the server key store and the server trust store. The server keystore holds ${branding}'s certificate and private key. -It will also hold the certificates of other nodes whose signature ${branding} will accept. -The truststore holds the certificates of nodes or other entities that ${branding} needs to trust. +It also holds the certificates of other nodes whose signature ${branding} accept. +(((Truststore)))The truststore holds the certificates of nodes or other entities that ${branding} needs to trust. [NOTE] ==== Individual certificates of other nodes should be added to the keystore instead of CA certificates. -If a CA's certificate is added, ${branding} will automatically trust any certificate that is signed by that CA. +If a CA's certificate is added, ${branding} automatically trusts any certificate that is signed by that CA. ==== ==== Adding an Existing Server Keystore @@ -124,7 +124,7 @@ Additionally, the password that ${branding} uses to decrypt (unlock) the key and ${branding} assumes that password used to unlock the keystore is the same password that unlocks private keys in the keystore. ==== -The location, file name, passwords and type of the server and trust key stores can be set in the `custom.system.properties` file: +The location, file name, passwords, type of the server, and trust key stores can be set in the `custom.system.properties` file: . Setting the Keystore and Truststore Java Properties [source] diff --git a/distribution/docs/src/main/resources/content/_managing/_securing/securing-intro.adoc b/distribution/docs/src/main/resources/content/_managing/_securing/securing-intro.adoc index c5f0d425b979..e457fa564235 100644 --- a/distribution/docs/src/main/resources/content/_managing/_securing/securing-intro.adoc +++ b/distribution/docs/src/main/resources/content/_managing/_securing/securing-intro.adoc @@ -12,12 +12,12 @@ Security is an important consideration for ${branding}, so it is imperative to u .Securing ${branding} Components [IMPORTANT] ==== -${branding} is enabled with an Insecure Defaults Service which will warn users/admins if the system is configured with insecure defaults. +${branding} is enabled with an ((Insecure Defaults Service)) which warns users/admins if the system is configured with insecure defaults. A banner is displayed on the admin console notifying "The system is insecure because default configuration values are in use." A detailed view is available of the properties to update. ==== -Security concerns will be highlighted in the configuration sections to follow. +Security concerns are highlighted in the configuration sections to follow. diff --git a/distribution/docs/src/main/resources/content/_managing/managing-intro.adoc b/distribution/docs/src/main/resources/content/_managing/managing-intro.adoc index fb491b84da94..35d22d1eee85 100644 --- a/distribution/docs/src/main/resources/content/_managing/managing-intro.adoc +++ b/distribution/docs/src/main/resources/content/_managing/managing-intro.adoc @@ -3,5 +3,5 @@ :status: published :priority: 1 -Administrators will be installing, maintaining, and supporting existing applications. +Administrators install, maintain, and support existing applications. Use this section to prepare, install, configure, run, and monitor a ${branding}. diff --git a/distribution/docs/src/main/resources/content/_metadataReference/associations-attributes-table.adoc b/distribution/docs/src/main/resources/content/_metadataReference/associations-attributes-table.adoc index b023f745e76e..0edf63d2e7cb 100644 --- a/distribution/docs/src/main/resources/content/_metadataReference/associations-attributes-table.adoc +++ b/distribution/docs/src/main/resources/content/_metadataReference/associations-attributes-table.adoc @@ -7,7 +7,7 @@ == {title} -.Associations: Attributes in this group represent associations between resources. *Injected by default.* +.Associations (Attributes in this group represent associations between resources.) *Injected by default.* [cols="1,2,1,1,1" options="header"] |=== diff --git a/distribution/docs/src/main/resources/content/_metadataReference/catalog-taxonomy-intro.adoc b/distribution/docs/src/main/resources/content/_metadataReference/catalog-taxonomy-intro.adoc index 83f77d7207f5..c7be8a74094f 100644 --- a/distribution/docs/src/main/resources/content/_metadataReference/catalog-taxonomy-intro.adoc +++ b/distribution/docs/src/main/resources/content/_metadataReference/catalog-taxonomy-intro.adoc @@ -6,6 +6,7 @@ :summary: Introduction to catalog taxonomy appendix. == {title} +((({title}))) To facilitate data sharing while maximizing the usefulness of metadata, the attributes on resources are normalized into a common taxonomy that maps to attributes in the desired output format. diff --git a/distribution/docs/src/main/resources/content/_metadataReference/complete-list-file-types.adoc b/distribution/docs/src/main/resources/content/_metadataReference/complete-list-file-types.adoc index e1bc19dd2066..b5631d5ee381 100644 --- a/distribution/docs/src/main/resources/content/_metadataReference/complete-list-file-types.adoc +++ b/distribution/docs/src/main/resources/content/_metadataReference/complete-list-file-types.adoc @@ -13,7 +13,7 @@ If adding or removing items, be sure to add or subtract empty cells at the end o .Supported File Types Using the various input transformers, ${branding} supports ingest of the following MIME types. -While ingest is possible for these files, metadata will be limited unless otherwise noted. +While ingest is possible for these files, metadata is limited unless otherwise noted. .Application File Types [cols="3"] diff --git a/distribution/docs/src/main/resources/content/_metadataReference/contact-attributes-table.adoc b/distribution/docs/src/main/resources/content/_metadataReference/contact-attributes-table.adoc index d6c915af8b42..7c4bbce20b4f 100644 --- a/distribution/docs/src/main/resources/content/_metadataReference/contact-attributes-table.adoc +++ b/distribution/docs/src/main/resources/content/_metadataReference/contact-attributes-table.adoc @@ -7,7 +7,7 @@ == {title} -.Contact: Attributes in this group reflect metadata about different kinds of people/groups/units/organizations that can be associated with a metacard. *Injected by default.* +.Contact (Attributes in this group reflect metadata about different kinds of people/groups/units/organizations that can be associated with a metacard.) *Injected by default.* [cols="1,2,1,1,1" options="header"] |=== |Term @@ -17,99 +17,99 @@ |Example Value |[[_contact.creator-name]]contact.creator-name -|The name(s) of this metacard’s creator(s). +|The names of this metacard’s creators. |List of Strings |< 1024 characters per entry |   |[[_contact.creator-address]]contact.creator-address -|The physical address(es) of this metacard’s creator(s). +|The physical addresses of this metacard’s creators. |List of Strings |< 1024 characters per entry |    |[[_contact.creator-email]]contact.creator-email -|The email address(es) of this metacard’s creator(s). +|The email addresses of this metacard’s creators. |List of Strings |A valid email address per RFC 5322. |    |[[_contact.creator-phone]]contact.creator-phone -|The phone number(s) of this metacard’s creator(s). +|The phone numbers of this metacard’s creators. |List of Strings |< 1024 characters per entry |   |[[_contact.publisher-name]]contact.publisher-name -| The name(s) of this metacard’s publisher(s). +| The names of this metacard’s publishers. |List of Strings |< 1024 characters per entry |    |[[_contact.publisher-address]]contact.publisher-address -| The physical address(es) of this metacard’s publisher(s). +| The physical addresses of this metacard’s publishers. |List of Strings |< 1024 characters per entry |    |[[_contact.publisher-email]]contact.publisher-email -| The email address(es) of this metacard’s publisher(s). +| The email addresses of this metacard’s publishers. |List of Strings |A valid email address per RFC 5322. |    |[[_contact.publisher-phone]]contact.publisher-phone -| The phone number(s) of this metacard’s publisher(s). +| The phone numbers of this metacard’s publishers. |List of Strings |< 1024 characters per entry |    |[[_contact.contributor-name]]contact.contributor-name -| The name of the contributor(s) to this metacard. +| The name of the contributors to this metacard. |List of Strings |< 1024 characters per entry |    |[[_contact.contributor-address]]contact.contributor-address -| The physical address(es) of the contributor(s) to this metacard. +| The physical addresses of the contributors to this metacard. |List of Strings |< 1024 characters per entry |    |[[_contact.contributor-email]]contact.contributor-email -| The email address(es) of the contributor(s) to this metacard. +| The email addresses of the contributors to this metacard. |List of Strings |A valid email address per RFC 5322. |    |[[_contact.contributor-phone]]contact.contributor-phone -| The phone number(s) of the contributor(s) to this metacard. +| The phone numbers of the contributors to this metacard. |List of Strings |< 1024 characters per entry |    |[[_contact.point-of-contact-name]]contact.point-of-contact-name -| The name(s) of the point(s) of contact for this metacard. +| The names of the points of contact for this metacard. |List of Strings |< 1024 characters per entry |    |[[_contact.point-of-contact-address]]contact.point-of-contact-address -|The physical address(es) of a point(s) of contact for this +|The physical addresses of a points of contact for this metacard. |List of Strings |< 1024 characters per entry |    |[[_contact.point-of-contact-email]]contact.point-of-contact-email -|The email address(es) of the point(s) of contact for this +|The email addresses of the points of contact for this metacard. |List of Strings |A valid email address per RFC 5322. |  |[[_contact.point-of-contact-phone]]contact.point-of-contact-phone -|The phone number(s) of the point(s) of contact for this metacard. +|The phone numbers of the points of contact for this metacard. |List of Strings |< 1024 characters per entry | diff --git a/distribution/docs/src/main/resources/content/_metadataReference/core-attributes-table.adoc b/distribution/docs/src/main/resources/content/_metadataReference/core-attributes-table.adoc index 622d836cb8a5..caa4273d241b 100644 --- a/distribution/docs/src/main/resources/content/_metadataReference/core-attributes-table.adoc +++ b/distribution/docs/src/main/resources/content/_metadataReference/core-attributes-table.adoc @@ -133,25 +133,25 @@ a|The modification date of the resource http://dublincore.org/documents/dcmi-ter | |[[_language]]language -|The language(s) of the resource. http://dublincore.org/documents/2012/06/14/dcmi-terms/?v=elements#language[Dublin Core language] {external-link}. +|The languages of the resource. http://dublincore.org/documents/2012/06/14/dcmi-terms/?v=elements#language[Dublin Core language] {external-link}. |List of Strings -|Alpha-3 language code(s) per ISO_639-2 +|Alpha-3 language codes per ISO_639-2 | |[[_resource.derived-uri]]resource.derived-uri -|Catalog-specific Location(s) for accessing the resources derived from another source (for example, an overlay of a larger image). This URI is used for internal catalog requests. +|Catalog-specific Locations for accessing the resources derived from another source (for example, an overlay of a larger image). This URI is used for internal catalog requests. |List of Strings |Valid URI per RFC 2396 | |[[_resource.derived-download-url]]resource.derived-download-url -|Download URL(s) for accessing the resources derived from another source (for example, an overlay of a larger image). Clients should use this URL for download requests. +|Download URLs for accessing the resources derived from another source (for example, an overlay of a larger image). Clients should use this URL for download requests. |List of Strings -|Valid URL(s) per RFC 2396 +|Valid URLs per RFC 2396 | |[[_datatype]]datatype -a|The generic type(s) of the resource including the http://dublincore.org/documents/dcmi-type-vocabulary/[Dublin Core terms-type] {external-link}. DCMI Type term labels are expected here as opposed to term names. +a|The generic types of the resource including the http://dublincore.org/documents/dcmi-type-vocabulary/[Dublin Core terms-type] {external-link}. DCMI Type term labels are expected here as opposed to term names. |List of Strings |`Collection`, `Dataset`, `Event`, `Image`, `Interactive Resource`, `Moving Image`, `Physical Object`, `Service`, `Software`, `Sound`, `Still Image`, and/or `Text` | diff --git a/distribution/docs/src/main/resources/content/_metadataReference/datetime-attributes-table.adoc b/distribution/docs/src/main/resources/content/_metadataReference/datetime-attributes-table.adoc index 88c8f49eb0bf..9843451b2882 100644 --- a/distribution/docs/src/main/resources/content/_metadataReference/datetime-attributes-table.adoc +++ b/distribution/docs/src/main/resources/content/_metadataReference/datetime-attributes-table.adoc @@ -7,7 +7,7 @@ == {title} -.DateTime: Attributes in this group reflect temporal aspects about the resource. *Injected by default.* +.DateTime (Attributes in this group reflect temporal aspects about the resource.) *Injected by default.* [cols="5" options="header"] |=== |Term @@ -17,13 +17,13 @@ |Example Value   |[[_datetime.start]]datetime.start -|Start time(s) for the resource. +|Start times for the resource. |List of Dates |  |  |[[_datetime.end]]datetime.end -|End time(s) for the resource. +|End times for the resource. |List of Dates |  |  diff --git a/distribution/docs/src/main/resources/content/_metadataReference/history-attributes-table.adoc b/distribution/docs/src/main/resources/content/_metadataReference/history-attributes-table.adoc index 7108f24035c6..d19310540ecf 100644 --- a/distribution/docs/src/main/resources/content/_metadataReference/history-attributes-table.adoc +++ b/distribution/docs/src/main/resources/content/_metadataReference/history-attributes-table.adoc @@ -7,7 +7,7 @@ == {title} -.History: Attributes in this group describe the history/versioning of the metacard. *Injected by default.* +.History (Attributes in this group describe the history/versioning of the metacard.) *Injected by default.* [cols="1,2,1,1,1" options="header"] |=== |Term diff --git a/distribution/docs/src/main/resources/content/_metadataReference/location-attributes-table.adoc b/distribution/docs/src/main/resources/content/_metadataReference/location-attributes-table.adoc index 26dd61580dc1..28c4db085880 100644 --- a/distribution/docs/src/main/resources/content/_metadataReference/location-attributes-table.adoc +++ b/distribution/docs/src/main/resources/content/_metadataReference/location-attributes-table.adoc @@ -7,7 +7,7 @@ == {title} -.Location: Attributes in this group reflect location aspects about the resource. *Injected by default.* +.Location (Attributes in this group reflect location aspects about the resource.) *Injected by default.* [cols="1,2,1,1,1" options="header"] |=== |Term diff --git a/distribution/docs/src/main/resources/content/_metadataReference/media-attributes-table.adoc b/distribution/docs/src/main/resources/content/_metadataReference/media-attributes-table.adoc index a48a944a21ef..3ca70ddd1c9f 100644 --- a/distribution/docs/src/main/resources/content/_metadataReference/media-attributes-table.adoc +++ b/distribution/docs/src/main/resources/content/_metadataReference/media-attributes-table.adoc @@ -7,7 +7,7 @@ == {title} -.Media: Attributes in this group reflect metadata about media in general. *Injected by default.* +.Media (Attributes in this group reflect metadata about media in general.) *Injected by default.* [cols="1,2,1,1,1" options="header"] |=== |Term diff --git a/distribution/docs/src/main/resources/content/_metadataReference/metacard-attributes-table.adoc b/distribution/docs/src/main/resources/content/_metadataReference/metacard-attributes-table.adoc index 414cfe35fca4..2e5a51a5223e 100644 --- a/distribution/docs/src/main/resources/content/_metadataReference/metacard-attributes-table.adoc +++ b/distribution/docs/src/main/resources/content/_metadataReference/metacard-attributes-table.adoc @@ -7,7 +7,7 @@ == {title} -.Metacard: Attributes in this group describe the metacard itself. *Injected by default.* +.Metacard (Attributes in this group describe the metacard itself.) *Injected by default.* [cols="5" options="header"] |=== |Term diff --git a/distribution/docs/src/main/resources/content/_metadataReference/metadata-attributes-intro.adoc b/distribution/docs/src/main/resources/content/_metadataReference/metadata-attributes-intro.adoc index 38647af9a00c..d6bc22c202f2 100644 --- a/distribution/docs/src/main/resources/content/_metadataReference/metadata-attributes-intro.adoc +++ b/distribution/docs/src/main/resources/content/_metadataReference/metadata-attributes-intro.adoc @@ -6,6 +6,7 @@ :summary: Introduction to metadata attributes. == {title} +(((Catalog Taxonomy))) ${branding} extracts basic metadata from the resources ingested. Many file types contain additional <<_file_format_specific_attributes,file format-specific metadata attributes>>. diff --git a/distribution/docs/src/main/resources/content/_metadataReference/security-attributes-table.adoc b/distribution/docs/src/main/resources/content/_metadataReference/security-attributes-table.adoc index bef55546b949..070d5b1a3866 100644 --- a/distribution/docs/src/main/resources/content/_metadataReference/security-attributes-table.adoc +++ b/distribution/docs/src/main/resources/content/_metadataReference/security-attributes-table.adoc @@ -7,7 +7,7 @@ == {title} -.Security: Attributes in this group relate to security of the resource and metadata. *Injected by default.* +.Security (Attributes in this group relate to security of the resource and metadata.) *Injected by default.* [cols="1,2,1,1,1" options="header"] |=== @@ -19,28 +19,28 @@ |[[security.access-groups]]security.access-groups |Attribute name for storing groups to enforce access -controls upon that will enable a user to read and write a metacard. +controls upon that enable a user to read and write a metacard. |List of Strings |< 1024 characters per entry | |[[security.access-individuals]]security.access-individuals |Attribute name for storing the email addresses of users to -enforce access controls upon that will enable the ability to read and write a metacard. +enforce access controls upon that enable the ability to read and write a metacard. |List of Strings |A valid email address per RFC 5322. -|  +| |[[security.access-individuals-read]]security.access-individuals-read |Attribute name for storing the email addresses of users to enforce access controls upon that can read, but not explicitly write to a metacard. |List of Strings |A valid email address per RFC 5322. -|  +| |[[security.access-groups-read]]security.access-groups-read |Attribute name for storing groups to enforce access -controls upon that will enable a user to read, but not necessarily write to a metacard. +controls upon that enable a user to read, but not necessarily write to a metacard. |List of Strings |< 1024 characters per entry | diff --git a/distribution/docs/src/main/resources/content/_metadataReference/supported-file-formats.adoc b/distribution/docs/src/main/resources/content/_metadataReference/supported-file-formats.adoc index c2a423ebbf1a..0d2ca72f2206 100644 --- a/distribution/docs/src/main/resources/content/_metadataReference/supported-file-formats.adoc +++ b/distribution/docs/src/main/resources/content/_metadataReference/supported-file-formats.adoc @@ -9,12 +9,12 @@ ${branding} supports a wide variety of file types and data types for ingest. The ${branding}'s internal Input Transformers extract the necessary data into a <<{metadata-prefix}catalog_taxonomy_definitions,generalized format>>. -${branding} supports ingest of many datatypes and commonly used file formats, such as Microsoft office products: Word documents, Excel spreadsheets, and PowerPoint presentations as well as .pdf files, GeoJson and others. See <<{metadata-prefix}all_file_formats_supported,complete list>>. +${branding} supports ingest of many datatypes and commonly used file formats, such as Microsoft office products: including Word documents, Excel spreadsheets, and PowerPoint presentations, as well as .pdf files, GeoJson, and others. See <<{metadata-prefix}all_file_formats_supported,complete list>>. Many of these file types support additional <<_file_format_specific_attributes,file format-specific attributes>> from which additional metadata can be extracted. [NOTE] ==== -These attributes will be available in all the specified file formats; however, values will only be present if present in the original document/resource. +These attributes are available in all the specified file formats; however, values are only present if present in the original document/resource. ==== These attributes are supported by any file type ingested into ${branding}: diff --git a/distribution/docs/src/main/resources/content/_metadataReference/topic-attributes-table.adoc b/distribution/docs/src/main/resources/content/_metadataReference/topic-attributes-table.adoc index 398bc5d53777..58adcc835fae 100644 --- a/distribution/docs/src/main/resources/content/_metadataReference/topic-attributes-table.adoc +++ b/distribution/docs/src/main/resources/content/_metadataReference/topic-attributes-table.adoc @@ -7,7 +7,7 @@ == {title} -.Topic: Attributes in this group describe the topic of the resource. *Injected by default.* +.Topic (Attributes in this group describe the topic of the resource.) *Injected by default.* [cols="1,2,1,1,1" options="header"] |=== diff --git a/distribution/docs/src/main/resources/content/_metadataReference/validation-attributes-table.adoc b/distribution/docs/src/main/resources/content/_metadataReference/validation-attributes-table.adoc index ab6df72b3b8e..c3c2ba2ea45a 100644 --- a/distribution/docs/src/main/resources/content/_metadataReference/validation-attributes-table.adoc +++ b/distribution/docs/src/main/resources/content/_metadataReference/validation-attributes-table.adoc @@ -1,4 +1,4 @@ -:title: Validation Attributes +:title: Validation Attributes :type: subMetadataReference :order: 10 :parent: Catalog Taxonomy Definitions @@ -7,7 +7,7 @@ == {title} -.Validation: Attributes in this group identify validation issues with the metacard and/or resource. *Injected by default.* +.Validation (Attributes in this group identify validation issues with the metacard and/or resource.) *Injected by default.* [cols="1,2,1,1,1" options="header"] |=== diff --git a/distribution/docs/src/main/resources/content/_quickstart/quickstart-adding-roles.adoc b/distribution/docs/src/main/resources/content/_quickstart/quickstart-adding-roles.adoc new file mode 100644 index 000000000000..6d2121902a76 --- /dev/null +++ b/distribution/docs/src/main/resources/content/_quickstart/quickstart-adding-roles.adoc @@ -0,0 +1,38 @@ +:title: Adding New User Roles +:type: quickStart +:level: section +:section: quickStart +:parent: Quick Start Tutorial +:status: published +:summary: Adding new user roles for limiting access to specific contexts +:order: 03 + +== {title} +((({title}))) + +Users or user groups can be customized to enable or restrict access to specific certain system functions. +Define a custom role and assign it to users who need specific access. + +For an example, limit the replication admin view to users with a `sr_analyst` role. + +.Define a new role +. Navigate to the ${admin-console}. +. Navigate to the ${ddf-security} app. +. Navigate to the *Configuration* tab. +. Select the *Web Context Policy Manager* Configuration. +. Select *Required Attributes*. +. Define the contexts to be restricted. +.. Enter `={http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role=` +... For example, enter `/admin/replication={http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role=sr_analyst}` +... Select the *+* sign to add another required attribute. +... Enter `/admin/hub/graphql={http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role=sr_analyst}` + +.Assign the new role to users +. Add the new role (`sr_analyst`) to selected users in the `users.properties` file. Add the role to the line of each chosen user. +.. For example, `user1=password,sr_analyst` +. Restart Alliance to apply the changes. +.. `/app/bin/stop` +.. `/app/bin/start` + +In the example given, the `/admin/replication` context is only accessible to users with the `sr_analyst` role. +Other roles can be designated as needed by substituting the `` and the `` as needed. diff --git a/distribution/docs/src/main/resources/content/_quickstart/quickstart-certificates.adoc b/distribution/docs/src/main/resources/content/_quickstart/quickstart-certificates.adoc index 6b6472523949..4e43a2322f85 100644 --- a/distribution/docs/src/main/resources/content/_quickstart/quickstart-certificates.adoc +++ b/distribution/docs/src/main/resources/content/_quickstart/quickstart-certificates.adoc @@ -8,17 +8,18 @@ :order: 01 == Certificates (Quick Start) +(((Quick Start Certificates))) ${branding} comes with a default keystore that contains certificates. This allows the distribution to be unzipped and run immediately. If these certificates are sufficient for testing purposes, proceed to <<{quickstart-prefix}configuring_quick_start,Configuring (Quick Start)>>. -To test federation using 2-way TLS, the default keystore certificates will need to be replaced, using either the included <<{quickstart-prefix}demo_certificate_authority_ca,Demo Certificate Authority>> or by <<{quickstart-prefix}creating_self_signed_certificates,Creating Self-signed Certificates>>. +To test federation using 2-way TLS, the default keystore certificates needs to be replaced, using either the included <<{quickstart-prefix}demo_certificate_authority_ca,Demo Certificate Authority>> or by <<{quickstart-prefix}creating_self_signed_certificates,Creating Self-signed Certificates>>. -If the installer was used to install the ${branding} and a hostname other than "localhost" was given, the user will be prompted to upload new trust/key stores. +If the installer was used to install the ${branding} and a hostname other than "localhost" was given, the user is prompted to upload new trust/key stores. -If the hostname is `localhost` or, if the hostname was changed _after_ installation, the default certificates will not allow access to the ${branding} instance from another machine over HTTPS (now the default for many services). -The Demo Certificate Authority will need to be replaced with certificates that use the fully-qualified hostname of the server running the ${branding} instance. +If the hostname is `localhost` or, if the hostname was changed _after_ installation, the default certificates do not allow access to the ${branding} instance from another machine over HTTPS (now the default for many services). +The Demo Certificate Authority needs to be replaced with certificates that use the fully qualified hostname of the server running the ${branding} instance. === Demo Certificate Authority (CA) @@ -31,7 +32,7 @@ This entry must be removed from the truststore before ${branding} can operate se ==== Creating New Server Keystore Entry with the CertNew Scripts -To create a private key and certificate signed by the Demo Certificate Authority, use the provided scripts. +To create a private key and certificate signed by the ((Demo Certificate Authority)), use the provided scripts. To use the scripts, run them out of the `${home_directory}/etc/certs` directory. @@ -44,9 +45,9 @@ For *NIX, use the `CertNew.sh` script. where: -* `` represents a fully qualified common name (e.g. "", where could be something like cluster.yoyo.com) -* `` represents a distinguished name as a comma-delimited string (e.g. "c=US, st=California, o=Yoyodyne, l=San Narciso, cn=") -* `` represents optional subject alternative names to be added to the generated certificate (e.g. "DNS:,DNS:node1.,DNS:node2."). The format for subject alternative names is similar to the OpenSSL X509 configuration format. Supported tags are: +* `` represents a fully qualified common name (such as `""`, where `` could be something like `cluster.yoyo.com`) +* `` represents a distinguished name as a comma-delimited string (such as `"c=US, st=California, o=Yoyodyne, l=San Narciso, cn="`) +* `` represents optional subject alternative names to be added to the generated certificate (such as `"DNS:,DNS:node1.,DNS:node2."`). The format for subject alternative names is similar to the OpenSSL X509 configuration format. Supported tags are: ** `email` - email subject ** `URI` - uniformed resource identifier ** `RID` - registered id @@ -65,9 +66,9 @@ For Windows, use the `CertNew.cmd` script. where: -* `` represents a fully qualified common name (e.g. "", where could be something like cluster.yoyo.com) -* `` represents a distinguished name as a comma-delimited string (e.g. "c=US, st=California, o=Yoyodyne, l=San Narciso, cn=") -* `` represents optional subject alternative names to be added to the generated certificate (e.g. "DNS:,DNS:node1.,DNS:node2."). The format for subject alternative names is similar to the OpenSSL X509 configuration format. Supported tags are: +* `` represents a fully qualified common name (such as `""`, where `` could be something like `cluster.yoyo.com`) +* `` represents a distinguished name as a comma-delimited string (such as `"c=US, st=California, o=Yoyodyne, l=San Narciso, cn="`) +* `` represents optional subject alternative names to be added to the generated certificate (such as `"DNS:,DNS:node1.,DNS:node2."`). The format for subject alternative names is similar to the OpenSSL X509 configuration format. Supported tags are: ** `email` - email subject ** `URI` - uniformed resource identifier ** `RID` - registered id @@ -81,7 +82,7 @@ The `CertNew` scripts: * Create a new entry in the server keystore. * Use the hostname as the fully qualified domain name (FQDN) when creating the certificate. * Adds the specified subject alternative names if any. -* Use the Demo Certificate Authority to sign the certificate so that it will be trusted by the default configuration. +* Use the Demo Certificate Authority to sign the certificate so that it is trusted by the default configuration. To install a certificate signed by a different Certificate Authority, see <<{managing-prefix}managing_keystores,Managing Keystores>>. @@ -94,9 +95,9 @@ If the server's fully qualified domain name is not recognized, the name may need ==== Dealing with Lack of DNS -In some cases DNS may not be available and the system will need to be configured to work with IP addresses. +In some cases DNS may not be available, and the system needs to be configured to work with IP addresses. -Options can be given to the CertNew Scripts to generate certs that will work in this scenario. +Options can be given to the `CertNew` Scripts to generate certs that work in this scenario. .*NIX **** @@ -115,6 +116,7 @@ From ${home_directory}/etc/certs/ run: After this proceed to <<{quickstart-prefix}updating_settings_after_changing_certificates,Updating Settings After Changing Certificates>>, and be sure to use the IP address instead of the FQDN. === Creating Self-Signed Certificates +(((Self-Signed Certificates))) If using the Demo CA is not desired, ${branding} supports creating self-signed certificates with a self-signed certificate authority. This is considered an advanced configuration. @@ -148,11 +150,11 @@ The following steps demonstrate signing a certificate for the `tokenissuer` user . Sign the certificate by the CA. + `$> openssl ca -out tokenissuer.crt -infiles tokenissuer.req` -These certificates will be used during system configuration to replace the default certificates. +These certificates are used during system configuration to replace the default certificates. === Updating Settings After Changing Certificates -After changing the certificates it will be necessary to update the system user and the `org.codice.ddf.system.hostname` property with the value of either the FQDN or the IP. +After changing the certificates, it is necessary to update the system user and the `org.codice.ddf.system.hostname` property with the value of either the FQDN or the IP. FQDNs should be used wherever possible. In the absence of DNS, however, IP addresses can be used. @@ -164,4 +166,4 @@ On linux this can be accomplished with a single command: `sed -i 's/localhost//g' ${home_directory}/etc/users.* ${home_directory}/etc/custom.system.properties` ==== -Finally, restart the ${branding} instance. Navigate to the ${admin-console} to test changes. \ No newline at end of file +Finally, restart the ${branding} instance. Navigate to the ${admin-console} to test changes. diff --git a/distribution/docs/src/main/resources/content/_quickstart/quickstart-configuring.adoc b/distribution/docs/src/main/resources/content/_quickstart/quickstart-configuring.adoc index 35ab00799557..6ba642a19cd2 100644 --- a/distribution/docs/src/main/resources/content/_quickstart/quickstart-configuring.adoc +++ b/distribution/docs/src/main/resources/content/_quickstart/quickstart-configuring.adoc @@ -8,6 +8,7 @@ :order: 02 == Configuring (Quick Start) +(((Quick start configuration))) Set the configurations needed to run ${branding}. @@ -18,9 +19,9 @@ Set the configurations needed to run ${branding}. .. Click start to begin the setup process. .. Configure <<{managing-prefix}guest_interceptor,guest claims attributes>> or use defaults. ... See <<{managing-prefix}configuring_guest_access,Configuring Guest Access>> for more information about the Guest user. -... *All users will be automatically granted these permissions.* -... *Guest users will not be able to ingest data with more restrictive markings than the guest claims.* -... *Any data ingested that has more restrictive markings than these guest claims will not be visible to Guest users.* +... *All users are automatically granted these permissions.* +... *Guest users are not able to ingest data with more restrictive markings than the guest claims.* +... *Any data ingested that has more restrictive markings than these guest claims is not visible to Guest users.* .. Select *Standard Installation*. ... This step may take several minutes to complete. .. On the System Configuration page, configure any port or protocol changes desired and add any keystores/truststores needed. diff --git a/distribution/docs/src/main/resources/content/_quickstart/quickstart-installing.adoc b/distribution/docs/src/main/resources/content/_quickstart/quickstart-installing.adoc index ecedf7ca2ca0..155595d37034 100644 --- a/distribution/docs/src/main/resources/content/_quickstart/quickstart-installing.adoc +++ b/distribution/docs/src/main/resources/content/_quickstart/quickstart-installing.adoc @@ -13,17 +13,19 @@ These are the basic requirements to set up the environment to run a ${branding}. [WARNING] ==== -For security reasons, ${branding} cannot be started from a user's home directory. If attempted, the system will automatically shut down. +For security reasons, ${branding} cannot be started from a user's home directory. If attempted, the system automatically shuts down. ==== === Quick Install Prerequisites +(((Quick Install Prerequisites))) + .Hardware Requirements (Quick Install) -* At least 4096MB of memory for ${branding}. +* At least 4096 MB of memory for ${branding}. ** This amount can be increased to support memory-intensive applications. See <<{managing-prefix}jvm_memory_configuration, Memory Considerations>>. .Java Requirements (Quick Install) -Follow the instructions outlined here: <<{managing-prefix}java_requirements, Java Requirements>>. +Follow the instructions outlined in <<{managing-prefix}java_requirements, Java Requirements>>. .Check System Time [WARNING] @@ -32,6 +34,7 @@ Prior to installing ${branding}, ensure the system time is accurate to prevent f ==== === Quick Install of SolrCloud +(((Quick Install of SolrCloud))) . Download a preconfigured Solr distribution http://artifacts.codice.org/service/local/repositories/releases/content/ddf/solr-distro/${ddf.version}/solr-distro-${ddf.version}-assembly.zip[zip file] {external-link}. . Unzip the Solr zip file. @@ -42,8 +45,9 @@ Prior to installing ${branding}, ensure the system time is accurate to prevent f .. Press enter for all other prompts to accept defaults. === Quick Install of ${branding} +(((Quick Install of ${branding}))) -WARNING: The ${branding} installation will not succeed unless SolrCloud is running. +WARNING: The ${branding} installation cannot succeed unless SolrCloud is running. See <<_quick_install_of_solrcloud>> for instructions. . Download the ${branding} {download-url}[zip file] {external-link}. @@ -56,7 +60,7 @@ The Windows Zip implementation, which is invoked when a user double-clicks on a This is a consequence of its inability to process long file paths. Instead, use the java jar command line utility to unzip the distribution (see example below) or use a third party utility such as 7-Zip. -Note: If and only if a JDK is installed, the jar command may be used; otherwise, another archiving utility that does not have issue with long paths should be installed +NOTE: If and only if a JDK is installed, the jar command may be used; otherwise, another archiving utility that does not have issue with long paths should be installed .Use Java to Unzip in Windows(Replace `` with correct path `and ` with current version.) ---- @@ -64,14 +68,14 @@ Note: If and only if a JDK is installed, the jar command may be used; otherwise, ---- ==== + -. This will create an installation directory, which is typically created with the name and version of the application. -This installation directory will be referred to as `${home_directory}`. +. This creates an installation directory, which is typically created with the name and version of the application. +This installation directory is referred to as `${home_directory}`. (Substitute the actual directory name.) . Edit `${home_directory}/etc/custom.system.properties` and update `solr.cloud.zookeeper=localhost:2181` to `solr.cloud.zookeeper=localhost:9994` . Start ${branding} by running the `${home_directory}/bin/${branding-lowercase}` script (or `${branding-lowercase}.bat` on Windows). . Startup may take a few minutes. .. Optionally, a `system:wait-for-ready` command (aliased to `wfr`) can be used to wait for startup to complete. -. The ${command-console} will display. +. The ${command-console} displays. .${command-console} Prompt ---- @@ -80,8 +84,9 @@ ${branding-lowercase}${at-symbol}local> ---- === Quick Install of ${branding} on a remote headless server +(((Quick Install of ${branding} on a remote headless server))) -If ${branding} is being installed on a remote server that has no user interface, the hostname will need to be updated in the configuration files and certificates. +If ${branding} is being installed on a remote server that has no user interface, the hostname must be updated in the configuration files and certificates. [NOTE] ==== @@ -91,7 +96,7 @@ Do not replace _all_ instances of `localhost`, only those specified. .Configuring with a new hostname . Update the ${home_directory}/etc/custom.system.properties file. The entry `org.codice.ddf.system.hostname=localhost` should be updated to `org.codice.ddf.system.hostname=`. . Update the ${home_directory}/etc/users.properties file. Change the `localhost=localhost[...]` entry to =. (Keep the rest of the line as is.) -. Update the ${home_directory}/etc/users.attributes file. Change the "localhost" entry to "". +. Update the ${home_directory}/etc/users.attributes file. Change the `"localhost"` entry to `""`. . From the console go to ${home_directory}/etc/certs and run the appropriate script. .. *NIX: `sh CertNew.sh -cn -san "DNS:"`. .. Windows: `CertNew -cn -san "DNS:"`. @@ -99,8 +104,8 @@ Do not replace _all_ instances of `localhost`, only those specified. .Configuring with an IP address . Update the ${home_directory}/etc/custom.system.properties file. The entry `org.codice.ddf.system.hostname=localhost` should be updated to `org.codice.ddf.system.hostname=`. -. Update the ${home_directory}/etc/users.properties file. Change the `localhost=localhost[...]` entry to =. (Keep the rest of the line as is.) -. Update the ${home_directory}/etc/users.attributes file. Change the "localhost" entry to "". +. Update the ${home_directory}/etc/users.properties file. Change the `localhost=localhost[...]` entry to `=`. (Keep the rest of the line as is.) +. Update the ${home_directory}/etc/users.attributes file. Change the `"localhost"` entry to `""`. . From the console go to ${home_directory}/etc/certs and run the appropriate script. .. *NIX: `sh CertNew.sh -cn -san "IP:"`. .. Windows: `CertNew -cn -san "IP:"`. @@ -123,4 +128,4 @@ fs.file-max = 6815744 ---- init 6 ---- -==== \ No newline at end of file +==== diff --git a/distribution/docs/src/main/resources/content/_quickstart/quickstart-intro.adoc b/distribution/docs/src/main/resources/content/_quickstart/quickstart-intro.adoc index bdaf8cd13f65..9f7d906a0b40 100644 --- a/distribution/docs/src/main/resources/content/_quickstart/quickstart-intro.adoc +++ b/distribution/docs/src/main/resources/content/_quickstart/quickstart-intro.adoc @@ -9,7 +9,7 @@ == {title} -This quick tutorial will enable install, configuring and using a basic instance of ${branding}. +(((Quick start guide)))This quick tutorial enables installation, configuration, and usage of a basic instance of ${branding}. [NOTE] ==== @@ -17,7 +17,7 @@ This tutorial is intended for setting up a test, demonstration, or trial install For complete installation and configuration steps, see <<{managing-prefix}installing,Installing>>. ==== -These steps will demonstrate: +These steps demonstrate: - [*] <<{quickstart-prefix}quick_install_prerequisites,Prerequisites>>. - [*] <<{quickstart-prefix}quick_install_of_solrcloud,Quick Install of SolrCloud>>. diff --git a/distribution/docs/src/main/resources/content/_reference/_appReferences/mg-admin.adoc b/distribution/docs/src/main/resources/content/_reference/_appReferences/mg-admin.adoc index fdd44d12f8be..9fb7f207db97 100644 --- a/distribution/docs/src/main/resources/content/_reference/_appReferences/mg-admin.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_appReferences/mg-admin.adoc @@ -5,6 +5,7 @@ :order: 01 == {title} Application Reference +((({title}))) The ${ddf-admin} Application contains components that are integral for the configuration of ${branding} applications. It contains various services and interfaces that allow administrators control over their systems and enhances administrative capabilities. diff --git a/distribution/docs/src/main/resources/content/_reference/_appReferences/mg-catalog.adoc b/distribution/docs/src/main/resources/content/_reference/_appReferences/mg-catalog.adoc index b422b40727c1..8f8015b32fad 100644 --- a/distribution/docs/src/main/resources/content/_reference/_appReferences/mg-catalog.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_appReferences/mg-catalog.adoc @@ -5,6 +5,7 @@ :order: 03 == {title} Application Reference +((({title}))) The ${ddf-catalog} provides a framework for storing, searching, processing, and transforming information. diff --git a/distribution/docs/src/main/resources/content/_reference/_appReferences/mg-platform.adoc b/distribution/docs/src/main/resources/content/_reference/_appReferences/mg-platform.adoc index 217ab124c119..4a5dcc3b1860 100644 --- a/distribution/docs/src/main/resources/content/_reference/_appReferences/mg-platform.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_appReferences/mg-platform.adoc @@ -5,6 +5,7 @@ :order: 06 == {title} Application Reference +((({title}))) The ${ddf-platform} application is considered to be a core application of the distribution. The Platform application provides the fundamental building blocks that the distribution needs to run. diff --git a/distribution/docs/src/main/resources/content/_reference/_appReferences/mg-security.adoc b/distribution/docs/src/main/resources/content/_reference/_appReferences/mg-security.adoc index 8fa76c3b336e..582581541051 100644 --- a/distribution/docs/src/main/resources/content/_reference/_appReferences/mg-security.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_appReferences/mg-security.adoc @@ -5,6 +5,7 @@ :order: 09 == {title} Application Reference +((({title}))) The Security application provides authentication, authorization, and auditing services for the ${branding}. These services comprise both a framework that developers and integrators can extend as well as a reference implementation that meets security requirements. diff --git a/distribution/docs/src/main/resources/content/_reference/_appReferences/mg-solr.adoc b/distribution/docs/src/main/resources/content/_reference/_appReferences/mg-solr.adoc index eec2339718c5..f9861e790648 100644 --- a/distribution/docs/src/main/resources/content/_reference/_appReferences/mg-solr.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_appReferences/mg-solr.adoc @@ -5,6 +5,7 @@ :order: 10 == {title} Application Reference +((({title}))) {branding} uses http://lucene.apache.org/solr/[Solr] for data storage, by default. diff --git a/distribution/docs/src/main/resources/content/_reference/_appReferences/mg-spatial.adoc b/distribution/docs/src/main/resources/content/_reference/_appReferences/mg-spatial.adoc index 53760833ad6b..a1c3e02eb219 100644 --- a/distribution/docs/src/main/resources/content/_reference/_appReferences/mg-spatial.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_appReferences/mg-spatial.adoc @@ -5,6 +5,7 @@ :order: 11 == {title} Application Reference +((({title}))) The ${ddf-spatial} Application provides KML transformer and a KML network link endpoint that allows a user to generate a View-based KML Query Results Network Link. @@ -13,7 +14,7 @@ The ${ddf-spatial} Application provides KML transformer and a KML network link e In the ${ddf-spatial} Application, the `offline-gazetteer` is installed by default. This feature enables you to use an offline source of GeoNames data (as an alternative to the GeoNames Web service enabled by the `webservice-gazetteer` feature) to perform searches via the gazetteer search box in the Search UI. -Installing the `offline-gazetteer-index` feature will provide a small set of GeoNames data to use with the offline gazetteer. The GeoNames data is stored as metacards in the core catalog and are tagged with `geonames` and `gazetteer`. This collection of GeoNames metacards can be expanded or updated by using the `gazetteer:update` command. +Installing the `offline-gazetteer-index` feature provides a small set of GeoNames data to use with the offline gazetteer. The GeoNames data is stored as metacards in the core catalog and are tagged with `geonames` and `gazetteer`. This collection of GeoNames metacards can be expanded or updated by using the `gazetteer:update` command. ==== ${ddf-spatial} Gazetteer Console Commands @@ -30,12 +31,12 @@ The `gazetteer` commands provide the ability to interact with the local GeoNames The resource argument can be one of three types: -* a local file path to a `.txt`, `.zip`, or `.geo.json` GeoNames data file. If a path to a file ends in .geo.json, it will processed as a geoJSON feature collection and imported as supplementary shape data for GeoNames entries. +* a local file path to a `.txt`, `.zip`, or `.geo.json` GeoNames data file. If a path to a file ends in .geo.json, it is processed as a geoJSON feature collection and imported as supplementary shape data for GeoNames entries. * a URL to a `.txt` or `.zip` GeoNames data file. GeoJSON URLs are not supported. * a keyword to automatically process a GeoNames file from from http://download.geonames.org/export/dump. Valid keywords include - ** a country code, which will add the country as GeoNames metacards in the core catalog. The full list of country codes available can be found in http://download.geonames.org/export/dump/countryInfo.txt. - ** `cities1000`, `cities5000`, and `cities15000`, which will add cities to the index that have at least 1000, 5000, or 15000 people, respectively. - ** `all`, which will download all of the current country codes. This process may take some time. + ** a country code, which adds the country as GeoNames metacards in the core catalog. The full list of country codes available can be found in http://download.geonames.org/export/dump/countryInfo.txt. + ** `cities1000`, `cities5000`, and `cities15000`, which adds cities to the index that have at least 1000, 5000, or 15000 people, respectively. + ** `all`, which downloads all of the current country codes. This process may take some time. The `-c` or `--create` flag can be used to clear out the existing gazetteer metacards before adding new entries. @@ -58,27 +59,27 @@ much quicker than for the entire catalog collection. ==== Installing Standalone Solr Offline Gazetteer The Standalone Solr Offline Gazetteer is not installed by default but can be installed by running -`feature:install catalog-solr-offline-gazetteer`. This will install: +`feature:install catalog-solr-offline-gazetteer`. This installs: * The plugin that intercepts gazetteer metacard creates/updates/deletes to the catalog collection (and stores them in the standalone solr gazetteer collection) * The gazetteer query service which registers the Query component that responds to requests from the UI gazetteer search box -* The `offline-solr-gazetteer:removeall` command which will delete all records in the gazetteer +* The `offline-solr-gazetteer:removeall` command which deletes all records in the gazetteer collection. -* The `offline-solr-gazetteer:synccatalog` command which will sync with the catalog and update all +* The `offline-solr-gazetteer:synccatalog` command which syncs with the catalog and updates all records in the gazetteer collection to reflect it (or add them if they are not yet created) ==== Special Note Regarding Installation If the Spatial Geocoding Offline Catalog bundle and the bundle using the Gazetteer query service -(for example, Intrigue) are both already running, you will need to restart the bundles consuming the service +(for example, Intrigue) are both already running, you must restart the bundles consuming the service (for example, Intrigue) in order to pick up the correct one. ==== Building the suggester index on Standalone Solr Offline Gazetteer -The suggester index will be built when any of the other methods of building the catalog gazetteer +The suggester index is built when any of the other methods of building the catalog gazetteer are run, along with on initial install. So you can run `gazetteer:build-suggester-index` or `offline-solr-gazetteer:build-suggester-index` to build the suggester. diff --git a/distribution/docs/src/main/resources/content/_reference/_appReferences/mg-ui.adoc b/distribution/docs/src/main/resources/content/_reference/_appReferences/mg-ui.adoc index af9e10501a9e..dd33a608f922 100644 --- a/distribution/docs/src/main/resources/content/_reference/_appReferences/mg-ui.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_appReferences/mg-ui.adoc @@ -5,6 +5,7 @@ :order: 12 == {title} Application Reference +((({title}))) The Search UI is a user interface that enables users to search a catalog and associated sites for content and metadata. @@ -15,7 +16,7 @@ To use the ${ddf-ui} application, the following applications/features must be in * ${ddf-platform} * ${ddf-catalog} -=== Installing ${ddf-ui} +=== Installing ${ddf-ui} Install the ${ddf-ui} application through the ${admin-console}. diff --git a/distribution/docs/src/main/resources/content/_reference/_dependencyList/ddf-dependency-list.adoc b/distribution/docs/src/main/resources/content/_reference/_dependencyList/ddf-dependency-list.adoc index be25165e2084..0def906cdbbe 100644 --- a/distribution/docs/src/main/resources/content/_reference/_dependencyList/ddf-dependency-list.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_dependencyList/ddf-dependency-list.adoc @@ -1,345 +1,311 @@ -:title: Dependency List +:title: Java Dependency List :type: reference :status: published :parent: ${ddf-branding} Dependency List :order: 00 -:summary: ${ddf-branding} ${project.version} Dependency List. +:summary: ${ddf-branding} ${project.version} Dependency List == {summary} -* c3p0:c3p0:jar:0.9.1.1 -* ca.juliusdavies:not-yet-commons-ssl:jar:0.3.11 -* ch.qos.logback:logback-access:jar:1.2.3 -* ch.qos.logback:logback-classic:jar:1.2.3 -* ch.qos.logback:logback-core:jar:1.2.3 -* com.auth0:java-jwt:jar:3.8.1 -* com.codahale.metrics:metrics-core:jar:3.0.1 -* com.connexta.arbitro:arbitro-core:jar:1.0.0 -* com.fasterxml.jackson.core:jackson-annotations:jar:2.9.8 -* com.fasterxml.jackson.core:jackson-core:jar:2.9.8 -* com.fasterxml.jackson.core:jackson-databind:jar:2.9.8 -* com.fasterxml.woodstox:woodstox-core:jar:5.3.0 -* com.github.drapostolos:type-parser:jar:0.5.0 -* com.github.jai-imageio:jai-imageio-core:jar:1.3.1 -* com.github.jai-imageio:jai-imageio-jpeg2000:jar:1.3.1_CODICE_3 -* com.github.jknack:handlebars:jar:2.0.0 -* com.github.lookfirst:sardine:jar:5.7 -* com.google.code.gson:gson:jar:2.8.5 -* com.google.crypto.tink:tink:jar:1.2.2 -* com.google.guava:guava:jar:25.1-jre -* com.google.http-client:google-http-client:jar:1.22.0 -* com.google.protobuf:protobuf-java:jar:3.6.1 -* com.googlecode.json-simple:json-simple:jar:1.1.1 -* com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer:jar:20171016.1 -* com.hazelcast:hazelcast:jar:3.2.1 -* com.jayway.restassured:rest-assured:jar:2.9.0 -* com.jhlabs:filters:jar:2.0.235-1 -* com.nimbusds:lang-tag:jar:1.4.4 -* com.nimbusds:nimbus-jose-jwt:jar:6.5 -* com.nimbusds:oauth2-oidc-sdk:jar:6.5 -* com.rometools:rome-utils:jar:1.9.0 -* com.rometools:rome:jar:1.9.0 -* com.sparkjava:spark-core:jar:2.5.5 -* com.sun.xml.bind:jaxb-core:jar:2.2.11 -* com.sun.xml.bind:jaxb-impl:jar:2.2.11 -* com.thoughtworks.xstream:xstream:jar:1.4.9 -* com.unboundid:unboundid-ldapsdk:jar:3.2.1 -* com.vividsolutions:jts-core:jar:1.14.0 -* com.vividsolutions:jts-io:jar:1.14.0 -* com.xebialabs.restito:restito:jar:0.8.2 -* com.zensols.jrtf:tutego.jrtf:jar:0.1.0 -* commons-beanutils:commons-beanutils:jar:1.9.4 -* commons-codec:commons-codec:jar:1.12 -* commons-collections:commons-collections:jar:3.2.2 -* commons-configuration:commons-configuration:jar:1.10 -* commons-digester:commons-digester:jar:1.8.1 -* commons-fileupload:commons-fileupload:jar:1.3.3 -* commons-io:commons-io:jar:2.1 -* commons-io:commons-io:jar:2.4 -* commons-io:commons-io:jar:2.6 -* commons-lang:commons-lang:jar:2.6 -* commons-logging:commons-logging:jar:1.2 -* commons-net:commons-net:jar:3.5 -* commons-validator:commons-validator:jar:1.6 -* de.micromata.jak:JavaAPIforKml:jar:2.2.0 -* de.micromata.jak:JavaAPIforKml:jar:2.2.1_CODICE_1 -* io.dropwizard.metrics:metrics-core:jar:3.2.6 -* io.sgr:s2-geometry-library-java:jar:1.0.0 -* javax.annotation:javax.annotation-api:jar:1.2 -* javax.inject:javax.inject:jar:1 -* javax.mail:javax.mail-api:jar:1.6.2 -* javax.servlet:javax.servlet-api:jar:3.1.0 -* javax.servlet:servlet-api:jar:2.5 -* javax.validation:validation-api:jar:1.1.0.Final -* javax.ws.rs:javax.ws.rs-api:jar:2.1 -* javax.xml.bind:jaxb-api:jar:2.2.11 -* joda-time:joda-time:jar:2.10.3 -* junit:junit:jar:4.12 -* log4j:log4j:jar:1.2.17 -* net.jodah:failsafe:jar:0.9.3 -* net.jodah:failsafe:jar:0.9.5 -* net.jodah:failsafe:jar:1.0.0 -* net.minidev:accessors-smart:jar:1.2 -* net.minidev:asm:jar:1.0.2 -* net.minidev:json-smart:jar:2.3 -* net.sf.saxon:Saxon-HE:jar:9.5.1-3 -* net.sf.saxon:Saxon-HE:jar:9.6.0-4 -* org.antlr:antlr4-runtime:jar:4.3 -* org.apache.abdera:abdera-extensions-geo:jar:1.1.3 -* org.apache.abdera:abdera-extensions-opensearch:jar:1.1.3 -* org.apache.ant:ant-launcher:jar:1.9.7 -* org.apache.ant:ant:jar:1.9.7 -* org.apache.aries.jmx:org.apache.aries.jmx.api:jar:1.1.5 -* org.apache.aries.jmx:org.apache.aries.jmx.core:jar:1.1.8 -* org.apache.aries.proxy:org.apache.aries.proxy:jar:1.1.4 -* org.apache.aries:org.apache.aries.util:jar:1.1.3 -* org.apache.camel:camel-aws:jar:2.24.2 -* org.apache.camel:camel-blueprint:jar:2.24.2 -* org.apache.camel:camel-context:jar:2.24.2 -* org.apache.camel:camel-core-osgi:jar:2.24.2 -* org.apache.camel:camel-core:jar:2.24.2 -* org.apache.camel:camel-http-common:jar:2.24.2 -* org.apache.camel:camel-http4:jar:2.24.2 -* org.apache.camel:camel-http:jar:2.24.2 -* org.apache.camel:camel-quartz:jar:2.24.2 -* org.apache.camel:camel-saxon:jar:2.24.2 -* org.apache.camel:camel-servlet:jar:2.24.2 -* org.apache.commons:commons-collections4:jar:4.1 -* org.apache.commons:commons-compress:jar:1.18 -* org.apache.commons:commons-csv:jar:1.4 -* org.apache.commons:commons-exec:jar:1.3 -* org.apache.commons:commons-lang3:jar:3.0 -* org.apache.commons:commons-lang3:jar:3.3.2 -* org.apache.commons:commons-lang3:jar:3.4 -* org.apache.commons:commons-lang3:jar:3.9 -* org.apache.commons:commons-math3:jar:3.6.1 -* org.apache.commons:commons-math:jar:2.2 -* org.apache.commons:commons-pool2:jar:2.5.0 -* org.apache.commons:commons-text:jar:1.6 -* org.apache.cxf:cxf-core:jar:3.2.9 -* org.apache.cxf:cxf-rt-frontend-jaxrs:jar:3.2.9 -* org.apache.cxf:cxf-rt-frontend-jaxws:jar:3.2.9 -* org.apache.cxf:cxf-rt-rs-client:jar:3.2.9 -* org.apache.cxf:cxf-rt-rs-security-jose-jaxrs:jar:3.2.9 -* org.apache.cxf:cxf-rt-rs-security-jose:jar:3.2.9 -* org.apache.cxf:cxf-rt-rs-security-sso-saml:jar:3.2.9 -* org.apache.cxf:cxf-rt-rs-security-xml:jar:3.2.9 -* org.apache.cxf:cxf-rt-transports-http:jar:3.2.9 -* org.apache.cxf:cxf-rt-ws-policy:jar:3.2.9 -* org.apache.cxf:cxf-rt-ws-security:jar:3.2.9 -* org.apache.felix:org.apache.felix.configadmin:jar:1.9.14 -* org.apache.felix:org.apache.felix.fileinstall:jar:3.6.4 -* org.apache.felix:org.apache.felix.framework:jar:5.6.12 -* org.apache.felix:org.apache.felix.scr:jar:2.0.14 -* org.apache.felix:org.apache.felix.utils:jar:1.11.2 -* org.apache.ftpserver:ftplet-api:jar:1.0.6 -* org.apache.ftpserver:ftpserver-core:jar:1.0.6 -* org.apache.httpcomponents:httpclient:jar:4.5.3 -* org.apache.httpcomponents:httpclient:jar:4.5.6 -* org.apache.httpcomponents:httpcore:jar:4.4.10 -* org.apache.httpcomponents:httpmime:jar:4.5.3 -* org.apache.httpcomponents:httpmime:jar:4.5.6 -* org.apache.karaf.bundle:org.apache.karaf.bundle.core:jar:4.2.6 -* org.apache.karaf.features:org.apache.karaf.features.core:jar:4.2.6 -* org.apache.karaf.features:standard:xml:features:4.2.6 -* org.apache.karaf.itests:common:jar:4.2.6 -* org.apache.karaf.jaas:org.apache.karaf.jaas.boot:jar:4.2.6 -* org.apache.karaf.jaas:org.apache.karaf.jaas.config:jar:4.2.6 -* org.apache.karaf.jaas:org.apache.karaf.jaas.modules:jar:4.2.6 -* org.apache.karaf.log:org.apache.karaf.log.core:jar:4.2.6 -* org.apache.karaf.shell:org.apache.karaf.shell.console:jar:4.2.6 -* org.apache.karaf.shell:org.apache.karaf.shell.core:jar:4.2.6 -* org.apache.karaf.system:org.apache.karaf.system.core:jar:4.2.6 -* org.apache.karaf:apache-karaf:tar.gz:4.2.6 -* org.apache.karaf:apache-karaf:zip:4.2.6 -* org.apache.karaf:org.apache.karaf.util:jar:4.2.6 -* org.apache.logging.log4j:log4j-1.2-api:jar:2.11.0 -* org.apache.logging.log4j:log4j-api:jar:2.11.0 -* org.apache.logging.log4j:log4j-api:jar:2.8.2 -* org.apache.logging.log4j:log4j-core:jar:2.11.0 -* org.apache.logging.log4j:log4j-slf4j-impl:jar:2.11.0 -* org.apache.lucene:lucene-analyzers-common:jar:7.7.2 -* org.apache.lucene:lucene-core:jar:3.0.2 -* org.apache.lucene:lucene-core:jar:7.7.2 -* org.apache.lucene:lucene-queries:jar:7.7.2 -* org.apache.lucene:lucene-queryparser:jar:7.7.2 -* org.apache.lucene:lucene-sandbox:jar:7.7.2 -* org.apache.lucene:lucene-spatial-extras:jar:7.7.2 -* org.apache.lucene:lucene-spatial3d:jar:7.7.2 -* org.apache.lucene:lucene-spatial:jar:7.7.2 -* org.apache.mina:mina-core:jar:2.0.6 -* org.apache.pdfbox:fontbox:jar:2.0.11 -* org.apache.pdfbox:pdfbox-tools:jar:2.0.11 -* org.apache.pdfbox:pdfbox:jar:2.0.11 -* org.apache.poi:poi-ooxml:jar:3.17 -* org.apache.poi:poi-scratchpad:jar:3.17 -* org.apache.poi:poi:jar:3.17 -* org.apache.servicemix.bundles:org.apache.servicemix.bundles.poi:jar:3.17_1 -* org.apache.servicemix.specs:org.apache.servicemix.specs.jsr339-api-2.0:jar:2.6.0 -* org.apache.shiro:shiro-core:jar:1.4.0 -* org.apache.solr:solr-core:jar:7.7.2 -* org.apache.solr:solr-solrj:jar:7.7.2 -* org.apache.tika:tika-core:jar:1.18 -* org.apache.tika:tika-parsers:jar:1.18 -* org.apache.ws.commons.axiom:axiom-api:jar:1.2.14 -* org.apache.ws.xmlschema:xmlschema-core:jar:2.2.2 -* org.apache.ws.xmlschema:xmlschema-core:jar:2.2.3 -* org.apache.wss4j:wss4j-bindings:jar:2.2.3 -* org.apache.wss4j:wss4j-policy:jar:2.2.3 -* org.apache.wss4j:wss4j-ws-security-common:jar:2.2.3 -* org.apache.wss4j:wss4j-ws-security-dom:jar:2.2.3 -* org.apache.wss4j:wss4j-ws-security-policy-stax:jar:2.2.3 -* org.apache.wss4j:wss4j-ws-security-stax:jar:2.2.3 -* org.apache.zookeeper:zookeeper:jar:3.4.14 -* org.asciidoctor:asciidoctorj-diagram:jar:1.5.4.1 -* org.asciidoctor:asciidoctorj:jar:1.5.6 -* org.assertj:assertj-core:jar:2.1.0 -* org.awaitility:awaitility:jar:3.1.5 -* org.bouncycastle:bcmail-jdk15on:jar:1.61 -* org.bouncycastle:bcpkix-jdk15on:jar:1.61 -* org.bouncycastle:bcprov-jdk15on:jar:1.61 -* org.codehaus.woodstox:stax2-api:jar:4.2 -* org.codice.acdebugger:acdebugger-api:jar:1.7 -* org.codice.acdebugger:acdebugger-backdoor:jar:1.7 -* org.codice.countrycode:converter:jar:0.1.8 -* org.codice.httpproxy:proxy-camel-route:jar:2.21.0-SNAPSHOT -* org.codice.httpproxy:proxy-camel-servlet:jar:2.21.0-SNAPSHOT -* org.codice.opendj.embedded:opendj-embedded-app:xml:features:1.3.3 -* org.codice.pro-grade:pro-grade:jar:1.1.3 -* org.codice.thirdparty:commons-httpclient:jar:3.1.0_1 -* org.codice.thirdparty:ffmpeg:zip:bin:4.0_2 -* org.codice.thirdparty:geotools-suite:jar:19.1_2 -* org.codice.thirdparty:gt-opengis:jar:19.1_1 -* org.codice.thirdparty:jts:jar:1.14.0_1 -* org.codice.thirdparty:lucene-core:jar:3.0.2_1 -* org.codice.thirdparty:ogc-filter-v_1_1_0-schema:jar:1.1.0_5 -* org.codice.thirdparty:picocontainer:jar:1.3_1 -* org.codice.thirdparty:tika-bundle:jar:1.18.0_5 -* org.codice.usng4j:usng4j-api:jar:0.4 -* org.codice.usng4j:usng4j-impl:jar:0.4 -* org.codice:lux:jar:1.2 -* org.cryptomator:siv-mode:jar:1.2.2 -* org.eclipse.jetty:jetty-http:jar:9.4.18.v20190429 -* org.eclipse.jetty:jetty-security:jar:9.4.18.v20190429 -* org.eclipse.jetty:jetty-server:jar:9.4.18.v20190429 -* org.eclipse.jetty:jetty-servlet:jar:9.4.18.v20190429 -* org.eclipse.jetty:jetty-servlets:jar:9.2.19.v20160908 -* org.eclipse.jetty:jetty-util:jar:9.4.18.v20190429 -* org.eclipse.platform:org.eclipse.osgi:jar:3.13.0 -* org.forgerock.commons:forgerock-util:jar:3.0.2 -* org.forgerock.commons:i18n-core:jar:1.4.2 -* org.forgerock.commons:i18n-slf4j:jar:1.4.2 -* org.forgerock.opendj:opendj-core:jar:3.0.0 -* org.forgerock.opendj:opendj-grizzly:jar:3.0.0 -* org.fusesource.jansi:jansi:jar:1.18 -* org.geotools.xsd:gt-xsd-gml3:jar:19.1 -* org.geotools:gt-cql:jar:19.1 -* org.geotools:gt-epsg-hsql:jar:19.1 -* org.geotools:gt-jts-wrapper:jar:19.1 -* org.geotools:gt-main:jar:19.1 -* org.geotools:gt-opengis:jar:19.1 -* org.geotools:gt-referencing:jar:19.1 -* org.geotools:gt-shapefile:jar:19.1 -* org.geotools:gt-xml:jar:19.1 -* org.glassfish.grizzly:grizzly-framework:jar:2.3.30 -* org.glassfish.grizzly:grizzly-http-server:jar:2.3.25 -* org.hamcrest:hamcrest-all:jar:1.3 -* org.hisrc.w3c:xlink-v_1_0:jar:1.4.0 -* org.hisrc.w3c:xmlschema-v_1_0:jar:1.4.0 -* org.imgscalr:imgscalr-lib:jar:4.2 -* org.jasypt:jasypt:jar:1.9.0 -* org.jasypt:jasypt:jar:1.9.2 -* org.jcodec:jcodec:jar:0.2.0_1 -* org.jdom:jdom2:jar:2.0.6 -* org.joda:joda-convert:jar:1.2 -* org.jolokia:jolokia-osgi:jar:1.2.3 -* org.jruby:jruby-complete:jar:9.0.4.0 -* org.jscience:jscience:jar:4.3.1 -* org.json:json:jar:20170516 -* org.jsoup:jsoup:jar:1.11.3 -* org.jvnet.jaxb2_commons:jaxb2-basics-runtime:jar:0.10.0 -* org.jvnet.jaxb2_commons:jaxb2-basics-runtime:jar:0.11.0 -* org.jvnet.jaxb2_commons:jaxb2-basics-runtime:jar:0.6.0 -* org.jvnet.ogc:filter-v_1_1_0:jar:2.6.1 -* org.jvnet.ogc:filter-v_2_0:jar:2.6.1 -* org.jvnet.ogc:filter-v_2_0_0-schema:jar:1.1.0 -* org.jvnet.ogc:gml-v_3_1_1-schema:jar:1.1.0 -* org.jvnet.ogc:gml-v_3_1_1:jar:2.6.1 -* org.jvnet.ogc:gml-v_3_2_1-schema:jar:1.1.0 -* org.jvnet.ogc:gml-v_3_2_1:pom:1.1.0 -* org.jvnet.ogc:ogc-tools-gml-jts:jar:1.0.3 -* org.jvnet.ogc:ows-v_1_0_0-schema:jar:1.1.0 -* org.jvnet.ogc:ows-v_1_0_0:jar:2.6.1 -* org.jvnet.ogc:ows-v_1_1_0-schema:jar:1.1.0 -* org.jvnet.ogc:ows-v_2_0:jar:2.6.1 -* org.jvnet.ogc:wcs-v_1_0_0-schema:jar:1.1.0 -* org.jvnet.ogc:wfs-v_1_1_0:jar:2.6.1 -* org.la4j:la4j:jar:0.6.0 -* org.locationtech.jts:jts-core:jar:1.15.0 -* org.locationtech.spatial4j:spatial4j:jar:0.6 -* org.locationtech.spatial4j:spatial4j:jar:0.7 -* org.mindrot:jbcrypt:jar:0.4 -* org.mockito:mockito-core:jar:1.10.19 -* org.objenesis:objenesis:jar:2.5.1 -* org.opensaml:opensaml-core:jar:3.3.0 -* org.opensaml:opensaml-messaging-api:jar:3.3.0 -* org.opensaml:opensaml-profile-api:jar:3.3.0 -* org.opensaml:opensaml-saml-api:jar:3.3.0 -* org.opensaml:opensaml-saml-impl:jar:3.3.0 -* org.opensaml:opensaml-security-api:jar:3.3.0 -* org.opensaml:opensaml-security-impl:jar:3.3.0 -* org.opensaml:opensaml-soap-api:jar:3.3.0 -* org.opensaml:opensaml-soap-impl:jar:3.3.0 -* org.opensaml:opensaml-storage-api:jar:3.3.0 -* org.opensaml:opensaml-xacml-api:jar:3.3.0 -* org.opensaml:opensaml-xacml-impl:jar:3.3.0 -* org.opensaml:opensaml-xacml-saml-api:jar:3.3.0 -* org.opensaml:opensaml-xacml-saml-impl:jar:3.3.0 -* org.opensaml:opensaml-xmlsec-api:jar:3.3.0 -* org.opensaml:opensaml-xmlsec-impl:jar:3.3.0 -* org.ops4j.pax.exam:pax-exam-container-karaf:jar:4.13.2.CODICE -* org.ops4j.pax.exam:pax-exam-features:xml:4.13.2.CODICE -* org.ops4j.pax.exam:pax-exam-junit4:jar:4.13.2.CODICE -* org.ops4j.pax.exam:pax-exam-link-mvn:jar:4.13.2.CODICE -* org.ops4j.pax.exam:pax-exam:jar:4.13.2.CODICE -* org.ops4j.pax.swissbox:pax-swissbox-extender:jar:1.8.2 -* org.ops4j.pax.tinybundles:tinybundles:jar:2.1.1 -* org.ops4j.pax.url:pax-url-aether:jar:2.4.5 -* org.ops4j.pax.url:pax-url-wrap:jar:2.4.5 -* org.ops4j.pax.web:pax-web-api:jar:7.2.11 -* org.ops4j.pax.web:pax-web-jsp:jar:7.2.11 -* org.osgi:org.osgi.compendium:jar:4.3.1 -* org.osgi:org.osgi.compendium:jar:5.0.0 -* org.osgi:org.osgi.core:jar:5.0.0 -* org.osgi:org.osgi.enterprise:jar:5.0.0 -* org.ow2.asm:asm-analysis:jar:6.2.1 -* org.ow2.asm:asm-tree:jar:6.2.1 -* org.ow2.asm:asm:jar:5.2 -* org.ow2.asm:asm:jar:6.2.1 -* org.pac4j:pac4j-core:jar:3.8.2 -* org.pac4j:pac4j-jwt:jar:3.8.2 -* org.pac4j:pac4j-oauth:jar:3.8.2 -* org.pac4j:pac4j-oidc:jar:3.8.2 -* org.parboiled:parboiled-core:jar:1.2.0 -* org.parboiled:parboiled-java:jar:1.2.0 -* org.quartz-scheduler:quartz-jobs:jar:2.2.3 -* org.quartz-scheduler:quartz:jar:2.1.7 -* org.quartz-scheduler:quartz:jar:2.2.3 -* org.rrd4j:rrd4j:jar:3.3.1 -* org.slf4j:jcl-over-slf4j:jar:1.7.24 -* org.slf4j:jul-to-slf4j:jar:1.7.24 -* org.slf4j:slf4j-api:jar:1.7.1 -* org.slf4j:slf4j-api:jar:1.7.24 -* org.slf4j:slf4j-ext:jar:1.7.1 -* org.slf4j:slf4j-log4j12:jar:1.7.24 -* org.slf4j:slf4j-simple:jar:1.7.1 -* org.springframework.ldap:spring-ldap-core:jar:2.3.2.RELEASE -* org.springframework.osgi:spring-osgi-core:jar:1.2.1 -* org.springframework:spring-core:jar:5.1.7.RELEASE -* org.taktik:mpegts-streamer:jar:0.1.0_2 -* org.xmlunit:xmlunit-matchers:jar:2.5.1 -* xalan:serializer:jar:2.7.2 -* xalan:xalan:jar:2.7.2 -* xerces:xercesImpl:jar:2.11.0 -* xerces:xercesImpl:jar:2.9.1 -* xml-apis:xml-apis:jar:1.4.01 -* xpp3:xpp3:jar:1.1.4c \ No newline at end of file +((({title}))) + +* `ca.juliusdavies:not-yet-commons-ssl:jar:0.3.11` +* `ch.qos.logback:logback-access:jar:1.2.3` +* `ch.qos.logback:logback-classic:jar:1.2.3` +* `ch.qos.logback:logback-core:jar:1.2.3` +* `com.connexta.arbitro:arbitro-core:jar:1.0.0` +* `com.fasterxml.jackson.core:jackson-annotations:jar:2.11.0` +* `com.fasterxml.jackson.core:jackson-core:jar:2.11.0` +* `com.fasterxml.jackson.core:jackson-databind:jar:2.11.0` +* `com.fasterxml.woodstox:woodstox-core:jar:6.2.1` +* `com.github.drapostolos:type-parser:jar:0.5.0` +* `com.github.jai-imageio:jai-imageio-core:jar:1.4.0` +* `com.github.jai-imageio:jai-imageio-jpeg2000:jar:1.3.1_CODICE_3` +* `com.github.jknack:handlebars:jar:2.0.0` +* `com.github.lookfirst:sardine:jar:5.7` +* `com.github.luben:zstd-jni:jar:1.4.5-4` +* `com.github.openjson:openjson:jar:1.0.12` +* `com.google.code.findbugs:jsr305:jar:3.0.2` +* `com.google.code.gson:gson:jar:2.8.5` +* `com.google.crypto.tink:tink:jar:1.4.0` +* `com.google.guava:guava:jar:29.0-jre` +* `com.google.http-client:google-http-client:jar:1.22.0` +* `com.google.protobuf:protobuf-java:jar:3.12.4` +* `com.googlecode.json-simple:json-simple:jar:1.1.1` +* `com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer:jar:20191001.1` +* `com.hazelcast:hazelcast:jar:3.12.10` +* `com.jayway.restassured:rest-assured:jar:2.9.0` +* `com.jhlabs:filters:jar:2.0.235-1` +* `com.mchange:c3p0:jar:0.9.5.5` +* `com.nimbusds:lang-tag:jar:1.4.4` +* `com.nimbusds:nimbus-jose-jwt:jar:8.14.1` +* `com.nimbusds:oauth2-oidc-sdk:jar:8.3` +* `com.rometools:rome-utils:jar:1.9.0` +* `com.rometools:rome:jar:1.9.0` +* `com.sparkjava:spark-core:jar:2.9.2` +* `com.thoughtworks.xstream:xstream:jar:1.4.11.1` +* `com.unboundid:unboundid-ldapsdk:jar:3.2.1` +* `com.xebialabs.restito:restito:jar:0.8.2` +* `com.zensols.jrtf:tutego.jrtf:jar:0.1.0` +* `commons-beanutils:commons-beanutils:jar:1.9.4` +* `commons-codec:commons-codec:jar:1.15` +* `commons-collections:commons-collections:jar:3.2.2` +* `commons-configuration:commons-configuration:jar:1.10` +* `commons-digester:commons-digester:jar:1.8.1` +* `commons-fileupload:commons-fileupload:jar:1.3.3` +* `commons-io:commons-io:jar:2.1` +* `commons-io:commons-io:jar:2.6` +* `commons-io:commons-io:jar:2.7` +* `commons-lang:commons-lang:jar:2.6` +* `commons-logging:commons-logging:jar:1.2` +* `commons-net:commons-net:jar:3.5` +* `commons-validator:commons-validator:jar:1.6` +* `de.micromata.jak:JavaAPIforKml:jar:2.2.0` +* `de.micromata.jak:JavaAPIforKml:jar:2.2.1_CODICE_1` +* `io.github.soc:ogc-tools-gml-jts:jar:1.1.90` +* `io.micrometer:micrometer-registry-prometheus:jar:1.5.1` +* `jakarta.activation:jakarta.activation-api:jar:1.2.1` +* `jakarta.mail:jakarta.mail-api:jar:1.6.5` +* `javax.activation:activation:jar:1.1.1` +* `javax.annotation:javax.annotation-api:jar:1.2` +* `javax.cache:cache-api:jar:1.1.1` +* `javax.inject:javax.inject:jar:1` +* `javax.measure:unit-api:jar:1.0` +* `javax.servlet:javax.servlet-api:jar:3.1.0` +* `javax.servlet:servlet-api:jar:2.5` +* `javax.validation:validation-api:jar:1.1.0.Final` +* `javax.ws.rs:javax.ws.rs-api:jar:2.1` +* `javax.xml.bind:jaxb-api:jar:2.2.11` +* `javax.xml.stream:stax-api:jar:1.0-2` +* `joda-time:joda-time:jar:2.10.6` +* `junit:junit:jar:4.12` +* `net.bytebuddy:byte-buddy-agent:jar:1.6.14` +* `net.bytebuddy:byte-buddy:jar:1.6.14` +* `net.jodah:failsafe:jar:0.9.3` +* `net.jodah:failsafe:jar:0.9.5` +* `net.jodah:failsafe:jar:1.0.0` +* `net.minidev:accessors-smart:jar:1.2` +* `net.minidev:asm:jar:1.0.2` +* `net.minidev:json-smart:jar:2.3` +* `net.sf.jwordnet:jwnl:jar:1.3.3` +* `net.sf.saxon:Saxon-HE:jar:9.6.0-4` +* `org.antlr:antlr4-runtime:jar:4.3` +* `org.apache.abdera:abdera-extensions-geo:jar:1.1.3` +* `org.apache.abdera:abdera-extensions-opensearch:jar:1.1.3` +* `org.apache.ant:ant-launcher:jar:1.9.7` +* `org.apache.ant:ant:jar:1.9.7` +* `org.apache.aries.jmx:org.apache.aries.jmx.api:jar:1.1.5` +* `org.apache.aries.jmx:org.apache.aries.jmx.core:jar:1.1.8` +* `org.apache.aries.proxy:org.apache.aries.proxy:jar:1.1.7` +* `org.apache.aries:org.apache.aries.util:jar:1.1.3` +* `org.apache.camel:camel-aws-s3:jar:3.4.0` +* `org.apache.camel:camel-core:jar:3.4.0` +* `org.apache.camel:camel-http-common:jar:3.4.0` +* `org.apache.camel:camel-servlet:jar:3.4.0` +* `org.apache.camel:camel-support:jar:3.4.0` +* `org.apache.commons:commons-collections4:jar:4.1` +* `org.apache.commons:commons-compress:jar:1.20` +* `org.apache.commons:commons-csv:jar:1.4` +* `org.apache.commons:commons-exec:jar:1.3` +* `org.apache.commons:commons-lang3:jar:3.0` +* `org.apache.commons:commons-lang3:jar:3.11` +* `org.apache.commons:commons-lang3:jar:3.3.2` +* `org.apache.commons:commons-lang3:jar:3.4` +* `org.apache.commons:commons-math3:jar:3.6.1` +* `org.apache.commons:commons-pool2:jar:2.5.0` +* `org.apache.commons:commons-text:jar:1.6` +* `org.apache.cxf:cxf-core:jar:3.4.0` +* `org.apache.cxf:cxf-rt-bindings-soap:jar:3.4.0` +* `org.apache.cxf:cxf-rt-features-logging:jar:3.4.0` +* `org.apache.cxf:cxf-rt-frontend-jaxrs:jar:3.4.0` +* `org.apache.cxf:cxf-rt-frontend-jaxws:jar:3.4.0` +* `org.apache.cxf:cxf-rt-rs-client:jar:3.4.0` +* `org.apache.cxf:cxf-rt-rs-security-jose-jaxrs:jar:3.4.0` +* `org.apache.cxf:cxf-rt-rs-security-jose:jar:3.4.0` +* `org.apache.cxf:cxf-rt-rs-security-oauth2:jar:3.4.0` +* `org.apache.cxf:cxf-rt-rs-security-sso-saml:jar:3.4.0` +* `org.apache.cxf:cxf-rt-rs-security-xml:jar:3.4.0` +* `org.apache.cxf:cxf-rt-transports-http:jar:3.4.0` +* `org.apache.cxf:cxf-rt-ws-security:jar:3.4.0` +* `org.apache.felix:org.apache.felix.configadmin:jar:1.9.16` +* `org.apache.felix:org.apache.felix.fileinstall:jar:3.6.6` +* `org.apache.felix:org.apache.felix.framework:jar:5.6.12` +* `org.apache.felix:org.apache.felix.scr:jar:2.0.14` +* `org.apache.felix:org.apache.felix.utils:jar:1.11.2` +* `org.apache.httpcomponents:httpclient:jar:4.5.10` +* `org.apache.httpcomponents:httpclient:jar:4.5.12` +* `org.apache.httpcomponents:httpcore:jar:4.4.12` +* `org.apache.httpcomponents:httpcore:jar:4.4.13` +* `org.apache.httpcomponents:httpmime:jar:4.5.10` +* `org.apache.karaf.bundle:org.apache.karaf.bundle.core:jar:4.2.9` +* `org.apache.karaf.features:enterprise:xml:features:4.2.9` +* `org.apache.karaf.features:org.apache.karaf.features.core:jar:4.2.9` +* `org.apache.karaf.features:standard:xml:features:4.2.9` +* `org.apache.karaf.itests:common:jar:4.2.9` +* `org.apache.karaf.jaas:org.apache.karaf.jaas.boot:jar:4.2.9` +* `org.apache.karaf.jaas:org.apache.karaf.jaas.config:jar:4.2.9` +* `org.apache.karaf.jaas:org.apache.karaf.jaas.modules:jar:4.2.9` +* `org.apache.karaf.log:org.apache.karaf.log.core:jar:4.2.9` +* `org.apache.karaf.shell:org.apache.karaf.shell.console:jar:4.2.9` +* `org.apache.karaf.shell:org.apache.karaf.shell.core:jar:4.2.9` +* `org.apache.karaf.system:org.apache.karaf.system.core:jar:4.2.9` +* `org.apache.karaf:apache-karaf:tar.gz:4.2.9` +* `org.apache.karaf:apache-karaf:zip:4.2.9` +* `org.apache.karaf:org.apache.karaf.util:jar:4.2.9` +* `org.apache.logging.log4j:log4j-1.2-api:jar:2.11.2` +* `org.apache.logging.log4j:log4j-api:jar:2.11.2` +* `org.apache.logging.log4j:log4j-api:jar:2.8.2` +* `org.apache.logging.log4j:log4j-core:jar:2.11.2` +* `org.apache.logging.log4j:log4j-slf4j-impl:jar:2.11.2` +* `org.apache.lucene:lucene-analyzers-common:jar:8.6.1` +* `org.apache.lucene:lucene-core:jar:3.0.2` +* `org.apache.lucene:lucene-core:jar:8.6.1` +* `org.apache.lucene:lucene-queryparser:jar:8.6.1` +* `org.apache.pdfbox:fontbox:jar:2.0.19` +* `org.apache.pdfbox:pdfbox-tools:jar:2.0.19` +* `org.apache.pdfbox:pdfbox:jar:2.0.19` +* `org.apache.poi:poi-ooxml-schemas:jar:4.1.2` +* `org.apache.poi:poi-ooxml:jar:4.1.2` +* `org.apache.poi:poi-scratchpad:jar:4.1.2` +* `org.apache.poi:poi:jar:4.1.2` +* `org.apache.servicemix.bundles:org.apache.servicemix.bundles.jaxb-runtime:jar:2.3.2_2` +* `org.apache.servicemix.bundles:org.apache.servicemix.bundles.jdom:jar:2.0.6_1` +* `org.apache.servicemix.bundles:org.apache.servicemix.bundles.poi:jar:4.1.2_1` +* `org.apache.servicemix.specs:org.apache.servicemix.specs.jaxb-api-2.3:jar:2.3_3` +* `org.apache.servicemix.specs:org.apache.servicemix.specs.jsr339-api-2.0:jar:2.6.0` +* `org.apache.shiro:shiro-core:jar:1.6.0` +* `org.apache.solr:solr-core:jar:8.6.1` +* `org.apache.solr:solr-solrj:jar:8.6.1` +* `org.apache.tika:tika-core:jar:1.24.1` +* `org.apache.tika:tika-parsers:jar:1.24.1` +* `org.apache.ws.commons.axiom:axiom-api:jar:1.2.14` +* `org.apache.ws.xmlschema:xmlschema-core:jar:2.2.3` +* `org.apache.wss4j:wss4j-ws-security-common:jar:2.3.0` +* `org.apache.wss4j:wss4j-ws-security-dom:jar:2.3.0` +* `org.apache.xmlbeans:xmlbeans:jar:3.1.0` +* `org.apache.zookeeper:zookeeper-jute:jar:3.5.7` +* `org.apache.zookeeper:zookeeper:jar:3.5.7` +* `org.assertj:assertj-core:jar:2.1.0` +* `org.awaitility:awaitility:jar:3.1.5` +* `org.bouncycastle:bcmail-jdk15on:jar:1.66` +* `org.bouncycastle:bcpkix-jdk15on:jar:1.66` +* `org.bouncycastle:bcprov-jdk15on:jar:1.66` +* `org.codehaus.woodstox:stax2-api:jar:4.2.1` +* `org.codice.acdebugger:acdebugger-api:jar:1.7` +* `org.codice.acdebugger:acdebugger-backdoor:jar:1.7` +* `org.codice.countrycode:converter:jar:0.1.8` +* `org.codice.opendj.embedded:opendj-embedded-app:xml:features:1.3.3` +* `org.codice.pro-grade:pro-grade:jar:1.1.3` +* `org.codice.thirdparty:commons-httpclient:jar:3.1.0_1` +* `org.codice.thirdparty:geotools-suite:jar:20.1_2` +* `org.codice.thirdparty:gt-opengis:jar:20.1_3` +* `org.codice.thirdparty:jts:jar:1.16.0_2` +* `org.codice.thirdparty:lucene-core:jar:3.0.2_1` +* `org.codice.thirdparty:ogc-filter-v_1_1_0-schema:jar:1.1.0_5` +* `org.codice.thirdparty:picocontainer:jar:1.3_1` +* `org.codice.thirdparty:tika-bundle:jar:1.24.1_1` +* `org.codice.usng4j:usng4j-api:jar:0.4` +* `org.codice.usng4j:usng4j-impl:jar:0.4` +* `org.cryptomator:siv-mode:jar:1.2.2` +* `org.eclipse.jetty.websocket:websocket-common:jar:9.4.28.v20200408` +* `org.eclipse.jetty.websocket:websocket-servlet:jar:9.4.28.v20200408` +* `org.eclipse.jetty:jetty-http:jar:9.4.28.v20200408` +* `org.eclipse.jetty:jetty-security:jar:9.4.28.v20200408` +* `org.eclipse.jetty:jetty-server:jar:9.4.28.v20200408` +* `org.eclipse.jetty:jetty-servlet:jar:9.4.28.v20200408` +* `org.eclipse.jetty:jetty-util:jar:9.4.28.v20200408` +* `org.eclipse.platform:org.eclipse.osgi:jar:3.13.0` +* `org.forgerock.commons:forgerock-util:jar:3.0.2` +* `org.forgerock.commons:i18n-core:jar:1.4.2` +* `org.forgerock.commons:i18n-slf4j:jar:1.4.2` +* `org.forgerock.opendj:opendj-core:jar:3.0.0` +* `org.forgerock.opendj:opendj-grizzly:jar:3.0.0` +* `org.fusesource.jansi:jansi:jar:1.18` +* `org.geotools.xsd:gt-xsd-gml3:jar:20.1` +* `org.geotools:gt-cql:jar:20.1` +* `org.geotools:gt-epsg-hsql:jar:20.1` +* `org.geotools:gt-jts-wrapper:jar:20.1` +* `org.geotools:gt-main:jar:20.1` +* `org.geotools:gt-opengis:jar:20.1` +* `org.geotools:gt-referencing:jar:20.1` +* `org.geotools:gt-shapefile:jar:20.1` +* `org.geotools:gt-xml:jar:20.1` +* `org.glassfish.grizzly:grizzly-framework:jar:2.3.30` +* `org.glassfish.grizzly:grizzly-http-server:jar:2.3.25` +* `org.glassfish.jaxb:jaxb-runtime:jar:2.3.3` +* `org.hamcrest:hamcrest-all:jar:1.3` +* `org.hisrc.w3c:xlink-v_1_0:jar:1.4.0` +* `org.imgscalr:imgscalr-lib:jar:4.2` +* `org.jasypt:jasypt:jar:1.9.3` +* `org.jcodec:jcodec:jar:0.2.0_1` +* `org.joda:joda-convert:jar:1.2` +* `org.jolokia:jolokia-osgi:jar:1.6.2` +* `org.json:json:jar:20170516` +* `org.jsoup:jsoup:jar:1.11.3` +* `org.jvnet.jaxb2_commons:jaxb2-basics-runtime:jar:0.10.0` +* `org.jvnet.jaxb2_commons:jaxb2-basics-runtime:jar:0.11.0` +* `org.jvnet.jaxb2_commons:jaxb2-basics-runtime:jar:0.6.0` +* `org.jvnet.ogc:filter-v_1_1_0:jar:2.6.1` +* `org.jvnet.ogc:filter-v_2_0_0-schema:jar:1.1.0` +* `org.jvnet.ogc:gml-v_3_1_1-schema:jar:1.1.0` +* `org.jvnet.ogc:gml-v_3_1_1:jar:2.6.1` +* `org.jvnet.ogc:gml-v_3_2_1-schema:jar:1.1.0` +* `org.jvnet.ogc:gml-v_3_2_1:pom:1.1.0` +* `org.jvnet.ogc:ows-v_1_0_0-schema:jar:1.1.0` +* `org.jvnet.ogc:ows-v_1_0_0:jar:2.6.1` +* `org.jvnet.ogc:ows-v_1_1_0-schema:jar:1.1.0` +* `org.jvnet.ogc:wcs-v_1_0_0-schema:jar:1.1.0` +* `org.jvnet.ogc:wfs-v_1_1_0:jar:2.6.1` +* `org.la4j:la4j:jar:0.6.0` +* `org.locationtech.jts:jts-core:jar:1.16.0` +* `org.locationtech.spatial4j:spatial4j:jar:0.7` +* `org.mindrot:jbcrypt:jar:0.4` +* `org.mockito:mockito-core:jar:2.8.47` +* `org.objenesis:objenesis:jar:2.6` +* `org.opengis:geoapi:jar:3.0.1` +* `org.opensaml:opensaml-core:jar:3.4.5` +* `org.opensaml:opensaml-soap-impl:jar:3.4.5` +* `org.opensaml:opensaml-xmlsec-api:jar:3.4.5` +* `org.opensaml:opensaml-xmlsec-impl:jar:3.4.5` +* `org.ops4j.pax.exam:pax-exam-container-karaf:jar:4.13.2.CODICE` +* `org.ops4j.pax.exam:pax-exam-features:xml:4.13.2.CODICE` +* `org.ops4j.pax.exam:pax-exam-junit4:jar:4.13.2.CODICE` +* `org.ops4j.pax.exam:pax-exam-link-mvn:jar:4.13.2.CODICE` +* `org.ops4j.pax.exam:pax-exam:jar:4.13.2.CODICE` +* `org.ops4j.pax.swissbox:pax-swissbox-extender:jar:1.8.2` +* `org.ops4j.pax.tinybundles:tinybundles:jar:2.1.1` +* `org.ops4j.pax.url:pax-url-aether:jar:2.4.5` +* `org.ops4j.pax.url:pax-url-wrap:jar:2.4.5` +* `org.ops4j.pax.web:pax-web-api:jar:7.2.16` +* `org.ops4j.pax.web:pax-web-jsp:jar:7.2.18` +* `org.osgi:org.osgi.compendium:jar:4.3.1` +* `org.osgi:org.osgi.compendium:jar:5.0.0` +* `org.osgi:org.osgi.core:jar:5.0.0` +* `org.osgi:org.osgi.enterprise:jar:5.0.0` +* `org.ow2.asm:asm-analysis:jar:7.1` +* `org.ow2.asm:asm-tree:jar:7.1` +* `org.ow2.asm:asm:jar:7.1` +* `org.ow2.asm:asm:jar:8.0.1` +* `org.pac4j:pac4j-core:jar:4.0.1` +* `org.pac4j:pac4j-jwt:jar:4.0.1` +* `org.pac4j:pac4j-oauth:jar:4.0.1` +* `org.pac4j:pac4j-oidc:jar:4.0.1` +* `org.parboiled:parboiled-core:jar:1.3.1` +* `org.parboiled:parboiled-java:jar:1.3.1` +* `org.quartz-scheduler:quartz:jar:2.3.2` +* `org.slf4j:jcl-over-slf4j:jar:1.7.24` +* `org.slf4j:jul-to-slf4j:jar:1.7.24` +* `org.slf4j:slf4j-api:jar:1.7.24` +* `org.slf4j:slf4j-api:jar:1.7.29` +* `org.slf4j:slf4j-ext:jar:1.7.29` +* `org.slf4j:slf4j-log4j12:jar:1.7.24` +* `org.slf4j:slf4j-simple:jar:1.7.29` +* `org.springframework.ldap:spring-ldap-core:jar:2.3.3.RELEASE` +* `org.springframework.osgi:spring-osgi-core:jar:1.2.1` +* `org.springframework:spring-core:jar:5.2.5.RELEASE` +* `org.taktik:mpegts-streamer:jar:0.1.0_2` +* `org.xmlunit:xmlunit-matchers:jar:2.5.1` +* `xalan:serializer:jar:2.7.2` +* `xalan:xalan:jar:2.7.2` +* `xerces:xercesImpl:jar:2.12.0` +* `xml-apis:xml-apis:jar:1.4.01` +* `xpp3:xpp3:jar:1.1.4c` diff --git a/distribution/docs/src/main/resources/content/_reference/_dependencyList/js-dependency-list.adoc b/distribution/docs/src/main/resources/content/_reference/_dependencyList/js-dependency-list.adoc deleted file mode 100644 index de6e1e2e08df..000000000000 --- a/distribution/docs/src/main/resources/content/_reference/_dependencyList/js-dependency-list.adoc +++ /dev/null @@ -1,505 +0,0 @@ -:title: JavaScript Dependency List -:type: reference -:status: published -:parent: ${branding} Dependency List -:order: 01 -:summary: ${branding} ${project.version} Javascript Dependency List. - -== {summary} -* amdefine: 1.0.1 -* are-we-there-yet: 1.1.5 -* asn1: 0.2.4 -* atob: 2.1.2 -* base: 0.11.2 -* bcrypt-pbkdf: 1.0.2 -* builtins: 1.0.3 -* byline: 5.0.0 -* caller-path: 2.0.0 -* co: 4.6.0 -* code-point-at: 1.1.0 -* copy-descriptor: 0.1.1 -* cyclist: 1.0.1 -* dashdash: 1.14.1 -* debuglog: 1.0.1 -* decode-uri-component: 0.2.0 -* deep-is: 0.1.3 -* defaults: 1.0.3 -* define-properties: 1.1.3 -* dependency-tree: 7.0.2 -* detect-indent: 5.0.0 -* detective-amd: 3.0.0 -* detective-cjs: 3.1.1 -* detective-es6: 2.1.0 -* detective-less: 1.0.2 -* detective-postcss: 3.0.1 -* detective-sass: 3.0.1 -* detective-scss: 2.0.1 -* detective-stylus: 1.0.0 -* detective-typescript: 5.6.1 -* dezalgo: 1.0.3 -* doctrine: 1.5.0 -* duplexer: 0.1.1 -* ecc-jsbn: 0.1.2 -* err-code: 1.1.2 -* es-abstract: 1.16.0 -* es6-set: 0.1.5 -* es6-weak-map: 2.0.3 -* espree: 3.5.4 -* esrecurse: 4.2.1 -* exit-hook: 1.1.1 -* fast-levenshtein: 2.0.6 -* figures: 2.0.0 -* find-up: 2.1.0 -* flat-cache: 1.3.0 -* flatten: 1.0.2 -* front-matter: 2.1.2 -* fs-minipass: 1.2.6 -* gauge: 2.7.4 -* generate-function: 2.3.1 -* generate-object-property: 1.2.0 -* genfun: 5.0.0 -* get-own-enumerable-property-symbols: 3.0.1 -* getpass: 0.1.7 -* gonzales-pe-sl: 4.2.3 -* ignore: 4.0.6 -* ignore-walk: 3.0.3 -* indent-string: 2.1.0 -* indexes-of: 1.0.1 -* ip: 1.1.5 -* is-finite: 1.0.2 -* is-fullwidth-code-point: 2.0.0 -* is-my-ip-valid: 1.0.0 -* is-promise: 2.1.0 -* is-regexp: 1.0.0 -* is-resolvable: 1.1.0 -* isexe: 2.0.0 -* js-base64: 2.4.3 -* jsonify: 0.0.0 -* jsonpointer: 4.0.1 -* known-css-properties: 0.3.0 -* lcid: 1.0.0 -* levn: 0.3.0 -* lodash.capitalize: 4.2.1 -* lodash.kebabcase: 4.1.1 -* macos-release: 2.3.0 -* make-dir: 1.3.0 -* map-age-cleaner: 0.1.3 -* merge: 1.2.0 -* mimic-fn: 1.2.0 -* minizlib: 1.2.1 -* node-gyp: 3.8.0 -* bootstrap-sass: 3.3.6 -* bootswatch: 3.3.7 -* compass-mixins: 0.12.10 -* cpr: 3.0.1 -* lerna: 3.16.4 -* node-sass: 4.12.0 -* npm: 6.11.3 -* react: 16.8.6 -* react-dom: 16.8.6 -* graceful-fs: 4.1.11 -* minimist: 1.2.0 -* mkdirp: 0.5.1 -* rimraf: 2.6.2 -* : octokit/request-error -* import-local: 2.0.0 -* npmlog: 0 -* dedent: 0.7.0 -* npm-package-arg: 6.1.0 -* p-map: 2.1.0 -* semver: 2 -* glob: 7.1.2 -* safe-buffer: 5.1.2 -* bluebird: 3.7.1 -* cacache: 12.0.3 -* chownr: 1.1.3 -* figgy-pudding: 3.5.1 -* get-stream: 4.1.0 -* infer-owner: 1.0.4 -* lru-cache: 4.1.5 -* make-fetch-happen: 5.0.1 -* minimatch: 3.0.4 -* minipass: 2.9.0 -* mississippi: 3.0.0 -* normalize-package-data: 2.5.0 -* npm-packlist: 1.4.4 -* npm-pick-manifest: 3.0.0 -* osenv: 0 -* promise-inflight: 1.0.1 -* promise-retry: 1.1.1 -* protoduck: 5.0.1 -* ssri: 6.0.1 -* tar: 4.4.10 -* unique-filename: 1.1.1 -* which: 1.3.1 -* fs.realpath: 1.0.0 -* inflight: 1.0.6 -* inherits: 2.0.3 -* once: 1.3.0 -* path-is-absolute: 1.0.0 -* move-concurrently: 1.0.1 -* y18n: 4.0.0 -* aproba: 2.0.0 -* copy-concurrently: 1.0.5 -* fs-write-stream-atomic: 1.0.10 -* run-queue: 1.0.0 -* iferr: 0.1.5 -* imurmurhash: 0.1.4 -* readable-stream: 3.4.0 -* pump: 3.0.0 -* yallist: 3.0.0 -* agentkeepalive: 3.5.2 -* http-cache-semantics: 3.8.1 -* http-proxy-agent: 2.1.0 -* https-proxy-agent: 2.2.3 -* node-fetch-npm: 2.0.2 -* socks-proxy-agent: 4.0.0 -* humanize-ms: 1.2.1 -* ms: 2.0.0 -* agent-base: 4.3.0 -* debug: 2.6.9 -* es6-promisify: 5.0.0 -* es6-promise: 4.2.8 -* encoding: 0.1.12 -* json-parse-better-errors: 1.0.2 -* iconv-lite: 0.4.24 -* concat-stream: 2.0.0 -* duplexify: 3.7.1 -* end-of-stream: 1.4.4 -* flush-write-stream: 1.1.1 -* from2: 2.3.0 -* parallel-transform: 1.1.0 -* pumpify: 1.3.3 -* stream-each: 1.1.0 -* through2: 2.0.0 -* buffer-from: 1.1.1 -* typedarray: 0.0.6 -* stream-shift: 1.0.0 -* core-util-is: 1.0.2 -* isarray: 1.0.0 -* process-nextick-args: 2.0.0 -* string_decoder: 1.1.1 -* util-deprecate: 1.0.1 -* is-ci: 1.1.0 -* execa: 1.0.0 -* lodash: 4.17.15 -* ci-info: 2.0.0 -* globby: 9.2.0 -* cosmiconfig: 5.2.1 -* dot-prop: 3.0.0 -* glob-parent: 3.1.0 -* load-json-file: 1.1.0 -* resolve-from: 4.0.0 -* write-json-file: 3.2.0 -* dir-glob: 2.2.2 -* array-union: 1.0.2 -* fast-glob: 2.2.7 -* pify: 2.3.0 -* slash: 1.0.0 -* path-type: 1.1.0 -* js-yaml: 3.13.1 -* import-fresh: 2.0.0 -* is-directory: 0.3.1 -* parse-json: 2.2.0 -* argparse: 1.0.10 -* esprima: 4.0.1 -* sprintf-js: 1.0.3 -* caller-callsite: 2.0.0 -* callsites: 2.0.0 -* is-obj: 1.0.1 -* is-glob: 3.1.0 -* strip-bom: 2.0.0 -* type-fest: 0.3.0 -* write-file-atomic: 2.3.0 -* cross-spawn: 3.0.1 -* is-stream: 1.1.0 -* npm-run-path: 2.0.0 -* p-finally: 1.0.0 -* signal-exit: 3.0.0 -* strip-eof: 1.0.0 -* nice-try: 1.0.5 -* path-key: 2.0.1 -* shebang-command: 1.2.0 -* multimatch: 3.0.0 -* array-differ: 2.1.0 -* arrify: 1.0.1 -* config-chain: 1.1.12 -* ini: 1.3.5 -* proto-list: 1.2.1 -* get-port: 4.2.0 -* p-map-series: 1.0.0 -* p-waterfall: 1.0.0 -* read-package-tree: 5.1.6 -* array-uniq: 1.0.3 -* fs-extra: 8.1.0 -* write-pkg: 3.1.0 -* path-exists: 2.1.0 -* npm-lifecycle: 3.1.2 -* is-windows: 1.0.2 -* mkdirp-promise: 5.0.1 -* mz: 2.7.0 -* any-promise: 1.3.0 -* object-assign: 4.0.1 -* thenify-all: 1.0.0 -* read-cmd-shim: 1.0.1 -* chalk: 1.1.3 -* columnify: 1.5.4 -* strip-ansi: 3.0.0 -* wcwidth: 1.0.0 -* inquirer: 6.5.2 -* ansi-escapes: 3.2.0 -* cli-cursor: 2.1.0 -* cli-width: 2.2.0 -* external-editor: 3.1.0 -* rxjs: 6.5.3 -* string-width: 2.1.1 -* mute-stream: 0.0.7 -* run-async: 2.2.0 -* through: >=2.2.7 -* restore-cursor: 2.0.0 -* chardet: 0.7.0 -* tmp: 0.0.33 -* safer-buffer: >= -* escape-string-regexp: 1.0.5 -* tslib: 1.9.0 -* ansi-regex: 2.1.1 -* yargs: 11.0.0 -* yargs-parser: 11.1.1 -* cliui: 4.1.0 -* decamelize: 1.2.0 -* get-caller-file: 1.0.2 -* os-locale: 2.1.0 -* require-directory: 2.1.1 -* require-main-filename: 1.0.1 -* set-blocking: 2.0.0 -* which-module: 2.0.0 -* locate-path: 3.0.0 -* p-locate: 3.0.0 -* p-limit: 2.2.1 -* p-try: 2.2.0 -* camelcase: 2.1.1 -* wrap-ansi: 2.0.0 -* whatwg-url: 7.1.0 -* init-package-json: 1.10.3 -* p-reduce: 1.0.0 -* validate-npm-package-license: 3.0.3 -* validate-npm-package-name: 3.0.0 -* strong-log-transformer: 2.0.0 -* merge2: 1.3.0 -* micromatch: 3.1.10 -* call-me-maybe: 1.0.1 -* glob-to-regexp: 0.3.0 -* path-dirname: 1.0.0 -* is-extglob: 2.1.1 -* arr-diff: 4.0.0 -* array-unique: 0.3.2 -* braces: 2.3.2 -* define-property: 2.0.2 -* extend-shallow: 3.0.2 -* extglob: 2.0.4 -* fragment-cache: 0.2.1 -* kind-of: 6.0.2 -* nanomatch: 1.2.13 -* object.pick: 1.3.0 -* regex-not: 1.0.0 -* snapdragon: 0.8.1 -* to-regex: 3.0.1 -* arr-flatten: 1.1.0 -* fill-range: 4.0.0 -* isobject: 4.0.0 -* repeat-element: 1.1.2 -* snapdragon-node: 2.0.1 -* split-string: 3.0.2 -* is-extendable: 0.1.1 -* is-number: 3.0.0 -* repeat-string: 1.6.1 -* to-regex-range: 2.1.0 -* is-buffer: 1.1.6 -* is-descriptor: 1.0.2 -* is-accessor-descriptor: 1.0.0 -* is-data-descriptor: 1.0.0 -* assign-symbols: 1.0.0 -* is-plain-object: 3.0.0 -* expand-brackets: 2.1.4 -* posix-character-classes: 0.1.0 -* map-cache: 0.2.2 -* lodash.sortby: 4.7.0 -* tr46: 1.0.1 -* webidl-conversions: 4.0.2 -* jsonfile: 4.0.0 -* universalify: 0.1.0 -* promzard: 0.3.0 -* read: 1.0.1 -* read-package-json: 2.0.13 -* p-queue: 4.0.0 -* p-pipe: 1.2.0 -* JSONStream: 1.3.5 -* jsonparse: 1.3.1 -* byte-size: 5.0.1 -* has-unicode: 2.0.1 -* lodash.clonedeep: 4.5.0 -* temp-write: 3.4.0 -* conventional-changelog-angular: 5.0.5 -* conventional-changelog-core: 3.2.3 -* conventional-recommended-bump: 5.0.1 -* lodash.template: 4.5.0 -* compare-func: 1.3.2 -* q: 1.5.1 -* array-ify: 1.0.0 -* conventional-changelog-writer: 4.0.9 -* conventional-commits-parser: 3.0.5 -* dateformat: 3.0.3 -* get-pkg-repo: 1.4.0 -* git-raw-commits: 2.0.0 -* git-remote-origin-url: 2.0.0 -* git-semver-tags: 2.0.3 -* read-pkg: 1.1.0 -* read-pkg-up: 1.0.1 -* split: 1.0.1 -* conventional-commits-filter: 2.0.2 -* handlebars: 4.4.5 -* json-stringify-safe: 5.0.1 -* meow: 3.7.0 -* neo-async: 2.6.1 -* optimist: 0.6.1 -* source-map: 0.6.1 -* uglify-js: 3.1.4 -* is-text-path: 2.0.0 -* split2: 2.0.0 -* trim-off-newlines: 1.0.0 -* text-extensions: 2.0.0 -* hosted-git-info: 2.6.0 -* parse-github-repo-url: 1.3.0 -* camelcase-keys: 2.1.0 -* map-obj: 1.0.1 -* redent: 1.0.0 -* trim-newlines: 1.0.0 -* loud-rejection: 1.6.0 -* pinkie-promise: 2.0.0 -* error-ex: 1.3.2 -* is-utf8: 0.2.1 -* strip-indent: 1.0.1 -* repeating: 2.0.0 -* get-stdin: 4.0.1 -* dargs: 4.1.0 -* number-is-nan: 1.0.0 -* gitconfiglocal: 1.0.0 -* conventional-changelog-preset-loader: 2.2.0 -* lodash.ismatch: 4.4.0 -* modify-values: 1.0.1 -* decamelize-keys: 1.1.0 -* minimist-options: 3.0.2 -* quick-lru: 1.0.0 -* is-plain-obj: 1.1.0 -* lodash._reinterpolate: 3.0.0 -* lodash.templatesettings: 4.2.0 -* git-url-parse: 11.1.2 -* atob-lite: 2.0.0 -* before-after-hook: 2.1.0 -* btoa-lite: 1.0.0 -* deprecation: 2.3.1 -* lodash.get: 4.4.2 -* lodash.set: 4.3.2 -* lodash.uniq: 4.5.0 -* octokit-pagination-methods: 1.1.0 -* universal-user-agent: 4.0.0 -* node-fetch: 2.6.0 -* git-up: 4.0.1 -* is-ssh: 1.3.1 -* parse-url: 5.0.0 -* protocols: 1.1.0 -* ansi-styles: 2.2.1 -* supports-color: 2.0.0 -* color-convert: 1.9.3 -* color-name: 1.1.3 -* brace-expansion: 1.1.11 -* balanced-match: 1.0.0 -* concat-map: 0.0.1 -* pkg-dir: 3.0.0 -* resolve-cwd: 2.0.0 -* async-foreach: 0.1.3 -* gaze: 1.1.2 -* in-publish: 2.0.0 -* nan: 2.14.0 -* request: 2.88.0 -* sass-graph: 2.2.4 -* stdout-stream: 1.4.0 -* true-case-path: 1.0.2 -* globule: 1.2.0 -* has-ansi: 2.0.0 -* pseudomap: 1.0.2 -* wrappy: 1 -* currently-unhandled: 0.4.1 -* array-find-index: 1.0.2 -* is-arrayish: 0.2.1 -* resolve: 1.10.0 -* fstream: 1.0.12 -* nopt: 3.0.6 -* block-stream: 0.0.9 -* abbrev: 1.1.1 -* aws-sign2: 0.7.0 -* aws4: 1.8.0 -* caseless: 0.12.0 -* combined-stream: 1.0.8 -* extend: 3.0.2 -* forever-agent: 0.6.1 -* form-data: 2.3.3 -* http-signature: 1.2.0 -* is-typedarray: 1.0.0 -* isstream: 0.1.2 -* mime-types: 2.1.18 -* har-validator: 5.1.3 -* qs: 6.5.2 -* uuid: 3.3.2 -* oauth-sign: 0.9.0 -* performance-now: 2.1.0 -* tough-cookie: 2.4.3 -* tunnel-agent: 0.6.0 -* delayed-stream: 1.0.0 -* asynckit: 0.4.0 -* assert-plus: 1.0.0 -* jsprim: 1.4.1 -* sshpk: 1.7.0 -* extsprintf: 1.3.0 -* json-schema: 0.2.3 -* verror: 1.10.0 -* mime-db: 1.33.0 -* ajv: 6.10.2 -* har-schema: 2.0.0 -* fast-deep-equal: 2.0.1 -* fast-json-stable-stringify: 2.0.0 -* json-schema-traverse: 0.4.1 -* uri-js: 4.2.2 -* retry: 0.12.0 -* sha: 3.0.0 -* slide: 1.1.3 -* sorted-object: 2.0.1 -* sorted-union-stream: 2.1.3 -* stringify-package: 1.0.0 -* text-table: 0.2.0 -* tiny-relative-date: 1.3.0 -* uid-number: 0.0.6 -* umask: 1.1.0 -* unpipe: 1.0.0 -* update-notifier: 2.3.0 -* worker-farm: 1.6.0 -* boxen: 1.3.0 -* configstore: 3.1.2 -* crypto-random-string: 1.0.0 -* errno: 0.1.7 -* has-flag: 3.0.0 -* import-lazy: 2.1.0 -* is-installed-globally: 0.1.0 -* is-npm: 1.0.0 -* latest-version: 3.1.0 -* object.getownpropertydescriptors: 2.0.3 -* prepend-http: 1.0.4 -* psl: 1.1.29 -* punycode: 1.4.1 -* spdx-correct: 3.0.0 -* spdx-expression-parse: 3.0.0 -* wide-align: 1.1.0 -* split-on-first: 1.0.0 -* strict-uri-encode: 2.0.0 -* util-extend: 1.0.1 -* util-promisify: 2.1.0 diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/AdminConfigPolicy.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/AdminConfigPolicy.adoc index 5b81e9b2a57d..c80ac9c777a6 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/AdminConfigPolicy.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/AdminConfigPolicy.adoc @@ -19,7 +19,7 @@ |Feature and App Permissions |featurePolicies |String -|When enabled, the desired features or apps will only be modifiable and viewable to users with the set attributes. +|When enabled, the desired features or apps are only modifiable and viewable to users with the set attributes. The entry should be the format of: `feature name/app name = "user attribute name=user attribute value"` | |false @@ -27,7 +27,7 @@ The entry should be the format of: `feature name/app name = "user attribute name |Configuration Permissions |servicePolicies |String -|When enabled, the desired service will only be modifiable and viewable to users with the set attributes. +|When enabled, the desired service is only modifiable and viewable to users with the set attributes. The entry should be the format of: `configuration ID = "user attribute name=user attribute value"` |null |false diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/CachingFederationStrategy.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/CachingFederationStrategy.adoc index f0d38b336ecd..95fa1258feba 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/CachingFederationStrategy.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/CachingFederationStrategy.adoc @@ -19,7 +19,7 @@ |Maximum start index |maxStartIndex |Integer -|Sets a limit on the number of results this sorted federation strategy can handle from each federated source. A large start index in conjunction with several federated sources could yield a large result set, which the sorted federation strategy has a limited ability to do. The admin can make a rough calculation to decide what maximum start index to use based on the amount of memory in the system, the amount of federated sources, the number of threads, and the expected amount of query results requested ( (average # of threads) * (maximum # of federated sources) * (maxStartIndex + maximumQueryResults) ) must fit into the allocated memory of the running distribution. This field will be removed when sorted federation strategy has the ability to sort a larger amount of results. +|Sets a limit on the number of results this sorted federation strategy can handle from each federated source. A large start index in conjunction with several federated sources could yield a large result set, which the sorted federation strategy has a limited ability to do. The admin can make a rough calculation to decide what maximum start index to use based on the amount of memory in the system, the amount of federated sources, the number of threads, and the expected amount of query results requested ( (average # of threads) * (maximum # of federated sources) * (maxStartIndex + maximumQueryResults) ) must fit into the allocated memory of the running distribution. This field may be deprecated and removed when sorted federation strategy has the ability to sort a larger amount of results. |50000 |true @@ -33,7 +33,7 @@ |Expiration Age |expirationAgeInMinutes |Long -|The number of minutes a document will remain in the cache before it will expire. Default is 7 days. +|The number of minutes a document remains in the cache before it expires . Default is 7 days. |10080 |true diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/CatalogBackupPlugin.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/CatalogBackupPlugin.adoc index 88ecddb74939..f71273c8b519 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/CatalogBackupPlugin.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/CatalogBackupPlugin.adoc @@ -26,7 +26,7 @@ |Subdirectory levels |subDirLevels |Integer -|Number of subdirectory levels to create. Two characters from the ID will be used to name each subdirectory level. +|Number of subdirectory levels to create. Two characters from the ID are used to name each subdirectory level. |2 |true diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/CatalogFrameworkImpl.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/CatalogFrameworkImpl.adoc index b26c29bd5c71..47c9b86489d2 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/CatalogFrameworkImpl.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/CatalogFrameworkImpl.adoc @@ -34,7 +34,7 @@ |Fanout tag blacklist |fanoutTagBlacklist |String -|Ingest operations with tags in this list will be rejected. +|Ingest operations with tags in this list are rejected. | |true diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/Claims_Handler_Manager.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/Claims_Handler_Manager.adoc index 0342d3a0dfd7..f3bd7541eb11 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/Claims_Handler_Manager.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/Claims_Handler_Manager.adoc @@ -67,7 +67,7 @@ |Override User Certificate DN |overrideCertDn |Boolean -|When checked, this setting will ignore the DN of a user and instead use the LDAP Base User DN value. +|When checked, this setting ignores the DN of a user and instead uses the LDAP Base User DN value. |`false` |true diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/Confluence_Federated_Source.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/Confluence_Federated_Source.adoc index 67f378d24c16..9c2a6435f20f 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/Confluence_Federated_Source.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/Confluence_Federated_Source.adoc @@ -74,14 +74,14 @@ |Confluence Spaces |confluenceSpaces |String cardinality=1000 -|The confluence spaces to include/exclude from searches. If no spaces are specified, all visible spaces will be searched. +|The confluence spaces to include/exclude from searches. If no spaces are specified, all visible spaces are searched. | |No |Attribute Overrides |additionalAttributes |String cardinality=100 -|Attribute Overrides - Optional: Metacard attribute overrides (Key-Value pairs) that can be set on the results comming from this source. If an attribute is specified here, it will overwrite the metacard’s attribute that was created from the Confluence source. The format should be 'key=value'. The maximum allowed size of an attribute override is 65,535 bytes. All attributes in the <<{metadata-prefix}catalog_taxonomy_definitions, catalog taxonomy tables>> are injected into all metacards by default and can be overridden. +|Attribute Overrides - Optional: Metacard attribute overrides (Key-Value pairs) that can be set on the results comming from this source. If an attribute is specified here, it overwrites the metacard’s attribute that was created from the Confluence source. The format should be 'key=value'. The maximum allowed size of an attribute override is 65,535 bytes. All attributes in the <<{metadata-prefix}catalog_taxonomy_definitions, catalog taxonomy tables>> are injected into all metacards by default and can be overridden. | |No diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/ContentDirectoryMonitor.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/ContentDirectoryMonitor.adoc index ed6b35c578a2..2aa790dc0c12 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/ContentDirectoryMonitor.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/ContentDirectoryMonitor.adoc @@ -26,28 +26,28 @@ |Maximum Concurrent Files |numThreads |Integer -|Specifies the maximum number of concurrent files to be processed within a directory (maximum of 8). If this number exceeds 8, 8 will be used in order to preserve system resources. Make sure that your system has enough memory to support the number of concurrent processing threads across all directory monitors. +|Specifies the maximum number of concurrent files to be processed within a directory (maximum of 8). If this number exceeds 8, 8 is used in order to preserve system resources. Make sure that your system has enough memory to support the number of concurrent processing threads across all directory monitors. |1 |true |ReadLock Time Interval |readLockIntervalMilliseconds |Integer -|Specifies the time to wait (in milliseconds) before acquiring a lock on a file in the monitored directory. This interval is used for sleeping between attempts to acquire the read lock on a file to be ingested. The default value of 100 milliseconds is recommended. +|Specifies the time to wait (in milliseconds) before acquiring a lock on a file in the monitored directory. This interval is used for sleeping between attempts to acquire the read lock on a file to be ingested. The default value of 100 milliseconds is recommended. |100 |true |Processing Mechanism |processingMechanism |String -|Choose what happens to the content item after it is ingested. Delete will remove the original file after storing it in the content store. Move will store the item in the content store, and a copy under ./ingested, then remove the original file. (NOTE: this will double the amount of disk space used.) Monitor in place will index the file and serve it from its original location. If in place is used, then the URLResourceReader root resource directories configuration must be updated to allow downloading from the monitored directory (See <<{developing-prefix}url_resource_reader, URL Resource Reader>>). +|Choose what happens to the content item after it is ingested. Delete removes the original file after storing it in the content store. Move stores the item in the content store, and a copy under ./ingested, then removes the original file. (NOTE: this doubles the amount of disk space used.) Monitor in place indexes the file and serves it from its original location. If in place is used, then the URLResourceReader root resource directories configuration must be updated to allow downloading from the monitored directory (See <<{developing-prefix}url_resource_reader, URL Resource Reader>>). |in_place |false |Attribute Overrides |attributeOverrides |String -|Optional: Metacard attribute overrides (Key-Value pairs) that can be set on the content monitor. If an attribute is specified here, it will overwrite the metacard's attribute that was created from the content directory. The format should be 'key=value'. The maximum allowed size of an attribute override is 65,535 bytes. All attributes in the <<{metadata-prefix}catalog_taxonomy_definitions, catalog taxonomy tables>> are injected into all metacards by default and can be overridden. +|Optional: Metacard attribute overrides (Key-Value pairs) that can be set on the content monitor. If an attribute is specified here, it overwrites the metacard's attribute that was created from the content directory. The format should be 'key=value'. The maximum allowed size of an attribute override is 65,535 bytes. All attributes in the <<{metadata-prefix}catalog_taxonomy_definitions, catalog taxonomy tables>> are injected into all metacards by default and can be overridden. |null |false diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/ContentFileSystemStorageProvider.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/ContentFileSystemStorageProvider.adoc index 8f2262f70e91..eea0ef43517c 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/ContentFileSystemStorageProvider.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/ContentFileSystemStorageProvider.adoc @@ -19,7 +19,7 @@ |Content Repository File Path |baseContentDirectory |String -|Specifies the directory to use for the content repository. A shutdown of the server is necessary for this property to take effect. If a filepath is provided with directories that don't exist, File System Provider will attempt to create them. +|Specifies the directory to use for the content repository. A shutdown of the server is necessary for this property to take effect. If a filepath is provided with directories that don't exist, File System Provider attempts to create them. |${home_directory}/data/content/store |true diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/DDF_Custom_Mime_Type_Resolver.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/DDF_Custom_Mime_Type_Resolver.adoc index 088797870969..f765a84c3316 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/DDF_Custom_Mime_Type_Resolver.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/DDF_Custom_Mime_Type_Resolver.adoc @@ -33,7 +33,7 @@ |File Extensions to Mime Types |customMimeTypes |String -|List of key/value pairs where key is the file extension and value is the mime type, e.g., nitf=image/nitf +|List of key/value pairs where key is the file extension and value is the mime type, for example, `nitf=image/nitf` |null |true diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/FacetWhitelist.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/FacetWhitelist.adoc index 6239ce8d8dde..3f1fd0ca481b 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/FacetWhitelist.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/FacetWhitelist.adoc @@ -20,8 +20,8 @@ |facetAttributeWhitelist |String |Attributes that can be faceted against through the catalog framework. -Caution: Suggestion values are not protected by any security. Only choose attributes whose values will be safe for all users to view. +Caution: Suggestion values are not protected by any security. Only choose attributes whose values are safe for all users to view. | |false -|=== \ No newline at end of file +|=== diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/GuestInterceptor.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/GuestInterceptor.adoc index 5a66dcb3bcc8..a71e4e176ddb 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/GuestInterceptor.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/GuestInterceptor.adoc @@ -19,7 +19,7 @@ |Deny Guest Access |guestAccessDenied |Boolean -|If set to true, no guest access will be allowed via this guest interceptor. If set to false, this interceptor will generate guest tokens for incoming requests that lack a WS-Security header. +|If set to true, no guest access is allowed via this guest interceptor. If set to false, this interceptor generates guest tokens for incoming requests that lack a WS-Security header. |false |false diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/IdpMetadata.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/IdpMetadata.adoc index d3695cb776f9..f76eea25701c 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/IdpMetadata.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/IdpMetadata.adoc @@ -24,7 +24,7 @@ |Perform User-Agent Check |userAgentCheck |Boolean -|If selected, this will allow clients that do not support ECP and are not browsers to fall back to PKI, BASIC, and potentially GUEST authentication, if enabled. +|If selected, this allows clients that do not support ECP and are not browsers to fall back to PKI, BASIC, and potentially GUEST authentication, if enabled. |true |=== diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/KmlEndpoint.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/KmlEndpoint.adoc index e4cbc4caef89..ffcf06b797e7 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/KmlEndpoint.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/KmlEndpoint.adoc @@ -19,7 +19,7 @@ |Style Document |styleUrl |String -|KML Document containing custom styling. This will be served up by the KmlEndpoint. (e.g. file:///path/to/kml/style/doc.kml) +|KML Document containing custom styling. This is served up by the KmlEndpoint. (for example, \file:///path/to/kml/style/doc.kml) | |false diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/LogoutRequestService.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/LogoutRequestService.adoc index 565f876fab34..b4e4cb3ba9f8 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/LogoutRequestService.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/LogoutRequestService.adoc @@ -18,7 +18,7 @@ |Logout Page Time Out |logOutPageTimeOut |Long -|This is the time limit that the SAML client will wait for a user to click log out on the logout page. Any requests that take longer than this time for the user to submit will be rejected."/> +|This is the time limit that the SAML client waits for a user to click log out on the logout page. Any requests that take longer than this time for the user to submit are rejected."/> |3600000 |=== diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/MetacardAttributePlugin.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/MetacardAttributePlugin.adoc index e17e808c1710..12b302fbfba4 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/MetacardAttributePlugin.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/MetacardAttributePlugin.adoc @@ -29,7 +29,7 @@ The strategy for combining the values is intersection, which means only the values common to all source attribute are added to the destination attribute. Note: Do not use the same destination attributes in both the Intersect and Union - rule sets. The plugin will behave unpredictably. + rule sets. The plugin behaves unpredictably. |none |false @@ -46,7 +46,7 @@ The strategy for combining the values is union, which means only all the values of the source attribute are added to the destination attribute (excluding duplicates) Note: Do not use the same destination attributes in both the Intersect and Union - rule sets. The plugin will behave unpredictably. + rule sets. The plugin behaves unpredictably. |none |false diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/MetacardIngestNetworkPlugin.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/MetacardIngestNetworkPlugin.adoc index 5979cd864068..662a572d6534 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/MetacardIngestNetworkPlugin.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/MetacardIngestNetworkPlugin.adoc @@ -19,7 +19,7 @@ |Criteria |criteriaKey |String -|Specifies the criteria for the test of equality; which value will be tested? IP Address? Hostname? +|Specifies the criteria for the test of equality; which value is tested? IP Address? Hostname? |remoteAddr |true diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/MetacardValidityFilterPlugin.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/MetacardValidityFilterPlugin.adoc index a8cd4bb8edda..3597e2144156 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/MetacardValidityFilterPlugin.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/MetacardValidityFilterPlugin.adoc @@ -19,7 +19,7 @@ |Attribute map |attributeMap |String -|Mapping of Metacard SECURITY attribute to user attribute. Users with this role will always receive metacards with errors and/or warnings. +|Mapping of Metacard SECURITY attribute to user attribute. Users with this role always receive metacards with errors and/or warnings. |invalid-state=localhost-data-manager |false diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/MetacardValidityMarkerPlugin.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/MetacardValidityMarkerPlugin.adoc index 19ce65a7c3ad..d2a766589199 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/MetacardValidityMarkerPlugin.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/MetacardValidityMarkerPlugin.adoc @@ -19,7 +19,7 @@ |Enforced Validators |enforcedMetacardValidators |String -|ID of Metacard Validator to enforce. Metacards that fail these validators will NOT be ingested. +|ID of Metacard Validator to enforce. Metacards that fail these validators are NOT ingested. |false |Enforce errors diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/Metacard_File_Storage_Route.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/Metacard_File_Storage_Route.adoc index 20469cc6e64c..dfac493b7495 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/Metacard_File_Storage_Route.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/Metacard_File_Storage_Route.adoc @@ -37,7 +37,7 @@ |true |true -|Metacard Backup Output Provider(s) +|Metacard Backup Output Providers |metacardOutputProviderIds |Comma delimited list of metacard output provider IDs. |Metacard Backup Provider IDs to use for this backup plugin. diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/Metacard_S3_Storage_Route.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/Metacard_S3_Storage_Route.adoc index ed5e3337ad0f..e02aee0bbe21 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/Metacard_S3_Storage_Route.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/Metacard_S3_Storage_Route.adoc @@ -77,7 +77,7 @@ |String |Template specifying the S3 object key for the metacard data. The template uses handlebars syntax. -Use [] to reference dotted attributes e.g. {{[attribute.name]}}. +Use [] to reference dotted attributes, as in {{[attribute.name]}}. If you wish to include date, you would use {{dateFormat created yyyy-MM-dd}} |data/backup/metacard/{{substring id 0 3}}/{{substring id 3 6}}/{{id}}.xml diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/PdfInputTransformer.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/PdfInputTransformer.adoc index df519beab6f6..35b627ff3b98 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/PdfInputTransformer.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/PdfInputTransformer.adoc @@ -14,7 +14,7 @@ |Use PDF Title |usePdfTitleAsTitle |Boolean -|Use the PDF's metadata to determine the metacard title. If this is not enabled, the metacard title will be the file name. +|Use the PDF's metadata to determine the metacard title. If this is not enabled, the metacard title is the file name. |false |true diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/PolicyManager.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/PolicyManager.adoc index fc1f86cdcb09..60ede5dd9dfe 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/PolicyManager.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/PolicyManager.adoc @@ -19,7 +19,7 @@ |Context Traversal Depth |traversalDepth |Integer -|Depth to which paths will be traversed. Any value greater than 500 will be set to 500. +|Depth to which paths are traversed. Any value greater than 500 is set to 500. |20 |true @@ -61,7 +61,7 @@ |White Listed Contexts |whiteListContexts |String -|List of contexts that will not use security. Note that sub-contexts to ones listed here will also skip security, unless authentication types are provided for it. For example: if /foo is listed here, then /foo/bar will also not require any sort of authentication. However, if /foo is listed and /foo/bar has authentication types provided in the 'Authentication Types' field, then that more specific policy will be used. +|List of contexts that do not use security. Note that sub-contexts to ones listed here also skip security, unless authentication types are provided for it. For example: if /foo is listed here, then /foo/bar also does not require any sort of authentication. However, if /foo is listed and /foo/bar has authentication types provided in the 'Authentication Types' field, then that more specific policy is used. |${variable-prefix}org.codice.ddf.system.rootContext}/SecurityTokenService,${variable-prefix}org.codice.ddf.system.rootContext}/internal/metrics,/proxy,${variable-prefix}org.codice.ddf.system.rootContext}/saml,${variable-prefix}org.codice.ddf.system.rootContext}/idp,/idp,${variable-prefix}org.codice.ddf.system.rootContext}/platform/config/ui,/logout |true diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/ReliableResourceDownload.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/ReliableResourceDownload.adoc index 670b86e72d8a..1a5e1ada930c 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/ReliableResourceDownload.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/ReliableResourceDownload.adoc @@ -18,10 +18,10 @@ |Product Cache Directory |productCacheDirectory |String -|Directory where retrieved products will be cached for faster, future retrieval. +|Directory where retrieved products are cached for faster, future retrieval. If a directory path is specified with directories that do not exist, -Product Download feature will attempt to create those directories. -Without configuration, the product cache directory is ${home_directory}/data/product-cache. If a relative path is provided it will be relative to the ${home_directory}. It is recommended to enter an absolute directory path such as /opt/product-cache in Linux or C:\product-cache in Windows. +Product Download feature attempts to create those directories. +Without configuration, the product cache directory is ${home_directory}/data/product-cache. If a relative path is provided it must be relative to the ${home_directory}. It is recommended to enter an absolute directory path such as /opt/product-cache in Linux or C:\product-cache in Windows. | |false diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/Session.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/Session.adoc index 6484bb25ab9c..9a03782c35b3 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/Session.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/Session.adoc @@ -19,10 +19,10 @@ |Session Timeout (in minutes) |expirationTime |Integer -|Specifies the length of inactivity (in minutes) between client requests before the servlet container will invalidate the session (this applies to all client sessions). +|Specifies the length of inactivity (in minutes) between client requests before the servlet container invalidates the session (this applies to all client sessions). This value must be 2 minutes or greater, as users are warned when only 1 minute remains. If a value of less than 2 minutes is used, the timeout is set to the default time of 31 minutes. -See also: <<_ddf.platform.ui.config,Platform UI Config>>. +See also <<_ddf.platform.ui.config,Platform UI Config>>. |31 |true diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/TikaInputTransformer.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/TikaInputTransformer.adoc index 67b155a56789..39aec7fe43db 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/TikaInputTransformer.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/TikaInputTransformer.adoc @@ -19,7 +19,7 @@ |Use Resource Title |useResourceTitleAsTitle |Boolean -|Use the resource's metadata to determine the metacard title. If this is not enabled, the metacard title will be the file name. +|Use the resource's metadata to determine the metacard title. If this is not enabled, the metacard title is the file name. |false |true diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/TransformerDescriptors.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/TransformerDescriptors.adoc index 33d0822175e8..29a6897a3a85 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/TransformerDescriptors.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/TransformerDescriptors.adoc @@ -19,15 +19,15 @@ |Metacard Transformer Blacklist |blackListedMetacardTransformerIds |String -|The IDs of all Metacard Transformers services that will not show up as export actions in the UI. Every ID in this set will remove that transformer as an export option in the UI. +|The IDs of all Metacard Transformers services that do not show up as export actions in the UI. Every ID in this set removes that transformer as an export option in the UI. |[] |false |Query Response Transformer Blacklist |blackListedQueryResponseTransformerIds |String -|The IDs of all Query Response Transformers services that will not show up as export actions in the UI. Every ID in this set will remove that transformer as an export option in the UI. +|The IDs of all Query Response Transformers services that do not show up as export actions in the UI. Every ID in this set removes that transformer as an export option in the UI. |[`zipCompression`] |false -|=== \ No newline at end of file +|=== diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/Wfs_v1_1_0_Federated_Source.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/Wfs_v1_1_0_Federated_Source.adoc index 9aede244b6ee..367634f15120 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/Wfs_v1_1_0_Federated_Source.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/Wfs_v1_1_0_Federated_Source.adoc @@ -75,7 +75,7 @@ |Non Queryable Properties |nonQueryableProperties |String -|Properties listed here will NOT be queryable and any attempt to filter on these properties will result in an exception. +|Properties listed here are NOT queryable and any attempt to filter on these properties results in an exception. |null |false diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/Wfs_v2_0_0_Connected_Source.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/Wfs_v2_0_0_Connected_Source.adoc index 8799bf0d9cfc..eb85163a8edd 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/Wfs_v2_0_0_Connected_Source.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/Wfs_v2_0_0_Connected_Source.adoc @@ -47,7 +47,7 @@ |Disable Sorting |disableSorting |Boolean -|When selected, the system will not specify sort criteria with the query. This should only be used if the remote source is unable to handle sorting even when the capabilities states 'ImplementsSorting' is supported. +|When selected, the system does not specify sort criteria with the query. This should only be used if the remote source is unable to handle sorting even when the capabilities states 'ImplementsSorting' is supported. |false |true @@ -75,7 +75,7 @@ |Non Queryable Properties |nonQueryableProperties |String -|Properties listed here will NOT be queryable and any attempt to filter on these properties will result in an exception. +|Properties listed here are NOT queryable and any attempt to filter on these properties results in an exception. |null |false diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/Wfs_v2_0_0_Federated_Source.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/Wfs_v2_0_0_Federated_Source.adoc index fdada134ac0f..88a2335cacf4 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/Wfs_v2_0_0_Federated_Source.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/Wfs_v2_0_0_Federated_Source.adoc @@ -54,7 +54,7 @@ |Disable Sorting |disableSorting |Boolean -|When selected, the system will not specify sort criteria with the query. This should only be used if the remote source is unable to handle sorting even when the capabilities states 'ImplementsSorting' is supported. +|When selected, the system does not specify sort criteria with the query. This should only be used if the remote source is unable to handle sorting even when the capabilities states 'ImplementsSorting' is supported. |false |true @@ -82,7 +82,7 @@ |Non Queryable Properties |nonQueryableProperties |String -|Properties listed here will NOT be queryable and any attempt to filter on these properties will result in an exception. +|Properties listed here are NOT queryable and any attempt to filter on these properties results in an exception. |null |false diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/WorkspaceQueryService.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/WorkspaceQueryService.adoc index 64045f4e296f..371387396093 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/WorkspaceQueryService.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/WorkspaceQueryService.adoc @@ -27,7 +27,7 @@ |queryTimeInterval |Integer |Set the Relative Time Search (past X minutes up to 24 hours). -Note: This will query for results from the interval to the time the query is sent out. +Note: This queries for results from the interval to the time the query is sent out. |1440 |true diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/XmlAttributePlugin.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/XmlAttributePlugin.adoc index f2fefbe65a4f..74fa5ff8ec1f 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/XmlAttributePlugin.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/XmlAttributePlugin.adoc @@ -19,21 +19,21 @@ |XML Elements: |xmlElements |String -|XML elements within the metadata that will be searched for security attributes. If these elements contain matching attributes, the values of the attributes will be combined. +|XML elements within the metadata that are searched for security attributes. If these elements contain matching attributes, the values of the attributes are combined. | |true |Security Attributes (union): |securityAttributeUnions |String -|Security Attributes. These attributes, if they exist on any of the XML elements listed above, will have their values extracted and the union of all of the values will be saved to the metacard. For example: if element1 and element2 both contain the attribute 'attr' and that attribute has values X,Y and X,Z, respectively, then the final result will be the union of those values: X,Y,Z. The X,Y,Z value will be the value that is placed within the security attribute on the metacard. +|Security Attributes. These attributes, if they exist on any of the XML elements listed above, have their values extracted and the union of all of the values is saved to the metacard. For example: if element1 and element2 both contain the attribute 'attr' and that attribute has values X,Y and X,Z, respectively, then the final result is the union of those values: X,Y,Z. The X,Y,Z value is the value that is placed within the security attribute on the metacard. | |false |Security Attributes (intersection): |securityAttributeIntersections |String -|Security Attributes. These attributes, if they exist on any of the XML elements listed above, will have their values extracted and the intersection of all of the values will be saved to the metacard. For example: if element1 and element2 both contain the attribute 'attr' and that attribute has values X,Y and X,Z, respectively, then the final result will be the intersection of those values: X. The X value will be the value that is placed within the security attribute on the metacard. +|Security Attributes. These attributes, if they exist on any of the XML elements listed above, have their values extracted and the intersection of all of the values is saved to the metacard. For example: if element1 and element2 both contain the attribute 'attr' and that attribute has values X,Y and X,Z, respectively, then the final result is the intersection of those values: X. The X value is the value that is placed within the security attribute on the metacard. |null |false diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/admin.ui.configuration.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/admin.ui.configuration.adoc index 6501252d02cc..14324bde6534 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/admin.ui.configuration.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/admin.ui.configuration.adoc @@ -40,14 +40,14 @@ |Show System Usage Message once per session |systemUsageOncePerSession |Boolean -|With this selected,the system usage message will be shown once for each browser session. Uncheck this to have the usage message appear every time the admin page is opened or refreshed. +|With this selected,the system usage message is shown once for each browser session. Uncheck this to have the usage message appear every time the admin page is opened or refreshed. |true |true |Ignored Installer Applications |disabledInstallerApps |String -|Comma delimited list (appName, appName2, ...appNameN) of applications that will be disabled in the installer. +|Comma delimited list (appName, appName2, ...appNameN) of applications that are disabled in the installer. |admin-app,platform-app |null diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/ddf.catalog.transformer.input.pdf.PdfInputTransformer.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/ddf.catalog.transformer.input.pdf.PdfInputTransformer.adoc index a5051e39b442..8a865b564bda 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/ddf.catalog.transformer.input.pdf.PdfInputTransformer.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/ddf.catalog.transformer.input.pdf.PdfInputTransformer.adoc @@ -20,7 +20,7 @@ |Use PDF Title |usePdfTitleAsTitle |Boolean -|Use the PDF's metadata to determine the metacard title. If this is not enabled, the metacard title will be the file name. +|Use the PDF's metadata to determine the metacard title. If this is not enabled, the metacard title is the file name. |false |true diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/landingpage.properties.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/landingpage.properties.adoc index 4597803da160..615347114223 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/landingpage.properties.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/landingpage.properties.adoc @@ -47,7 +47,7 @@ |Announcements |announcements |String -|Announcements that will be displayed on the landing page. +|Announcements to display on the landing page. |null |true @@ -75,7 +75,7 @@ |Additional Links |links |String -|Additional links to be displayed on the landing page. Use the format , (e.g. `example`, `http://www.example.com`). Empty entries are ignored. +|Additional links to be displayed on the landing page. Use the format , (such as `example,http://www.example.com`). Empty entries are ignored. | |yes |=== diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/org.codice.ddf.transformer.preview.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/org.codice.ddf.transformer.preview.adoc index 482e22007e7d..21420ec90f47 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/org.codice.ddf.transformer.preview.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/org.codice.ddf.transformer.preview.adoc @@ -27,7 +27,7 @@ |Element Names to Preview |previewElements |String -|Specify element names to preview from XML. Will take the text content of the first available element for preview. Note: This list will not be used unless Preview From Metadata is enabled. +|Specify element names to preview from XML. Takes the text content of the first available element for preview. Note: This list is not used unless Preview From Metadata is enabled. |text,TEXT |true -|=== \ No newline at end of file +|=== diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/platform.ui.config.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/platform.ui.config.adoc index 92518b508af4..b87b534fd8e9 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/platform.ui.config.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/platform.ui.config.adoc @@ -40,7 +40,7 @@ |Show System Usage Message once per session |systemUsageOncePerSession |Boolean -|With this selected, the system usage message will be shown once for each browser session. Uncheck this to have the usage message appear every time the search window is opened or refreshed. +|With this selected, the system usage message is shown once for each browser session. Uncheck this to have the usage message appear every time the search window is opened or refreshed. |true |true @@ -75,7 +75,7 @@ |Session Timeout |timeout |Integer -|Specifies the length of inactivity (in minutes) that will cause a user to be logged out automatically. This value must be 2 minutes or greater, as users are warned when only 1 minute remains. If a value of less than 2 minutes is used, the timeout is set to the default time of 15 minutes. +|Specifies the length of inactivity (in minutes) that causes a user to be logged out automatically. This value must be 2 minutes or greater, as users are warned when only 1 minute remains. If a value of less than 2 minutes is used, the timeout is set to the default time of 15 minutes. |15 |true diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/scheduler.Command.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/scheduler.Command.adoc index e6860a3bef00..c9c0c305b227 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/scheduler.Command.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/scheduler.Command.adoc @@ -26,7 +26,7 @@ |Interval |intervalString |String -|The Interval String for each execution. Based on the Interval Type, this will either be a Cron String or a Second Interval. (e.x. '0 0 0 1/1 * ? *' or '12') +|The Interval String for each execution. Based on the Interval Type, this can be either a Cron String or a Second Interval. (e.x. '0 0 0 1/1 * ? *' or '12') | |true diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/service.SecurityManager.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/service.SecurityManager.adoc index 0f39e1c9e122..4321a0de6b88 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/service.SecurityManager.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/service.SecurityManager.adoc @@ -19,7 +19,7 @@ |SAML NameID Policy |usernameAttributeList |String -|List of attributes that are considered for replacing the username of the logged in user. If any of these attributes match any of the attributes within the SecurityAssertion, the value of the first matching attribute will be used as the username. (Does not apply when NameIDFormat is of the following: X509, persistent, kerberos or unspecified, and the username is not empty). +|List of attributes that are considered for replacing the username of the logged in user. If any of these attributes match any of the attributes within the SecurityAssertion, the value of the first matching attribute is used as the username. (Does not apply when NameIDFormat is of the following: X509, persistent, kerberos or unspecified, and the username is not empty). |http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier, uid |true diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/sourcePoller.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/sourcePoller.adoc index 0b6ff4851d05..2256babf195a 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/sourcePoller.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/sourcePoller.adoc @@ -19,10 +19,9 @@ |Poll Interval (minutes) |pollIntervalMinutes |Integer -|The interval (in minutes) at which to recheck the availability of all sources. Must be at least 1 minute. +a|The interval (in minutes) at which to recheck the availability of all sources. Must be at least 1 minute. -WARNING: -There is a maximum delay of 2*`pollIntervalMinutes` for the Source Poller to be updated after the availability of a source changes or a source is created/modified/deleted. +WARNING: There is a maximum delay of 2*`pollIntervalMinutes` for the Source Poller to be updated after the availability of a source changes or a source is created/modified/deleted. Currently the <<{developing-prefix}standard_catalog_framework,Standard Catalog Framework>> and the <<{integrating-prefix}catalog_rest_endpoint,Catalog REST Endpoint>> use the Source Poller to get source availabilities. The `pollIntervalMinutes` should not be set to value a which results in an unacceptable maximum delay. |1 diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/spatial.kml.style.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/spatial.kml.style.adoc index 61f42bc7601b..e4cc411fbd59 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/spatial.kml.style.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/spatial.kml.style.adoc @@ -19,7 +19,7 @@ |Attribute Name |attributeName |String -|The name of the Metacard Attribute to match against. e.g. title, metadata-content-type, etc +|The name of the Metacard Attribute to match against. For example, title, metadata-content-type, etc |null |true @@ -33,7 +33,7 @@ |Style URL |styleUrl |String -|The full qualified URL to the KML Style. e.g. http://example.com/styles#myStyle +|The full qualified URL to the KML Style, for example, \http://example.com/styles#myStyle |null |true diff --git a/distribution/docs/src/main/resources/content/_reference/_tables/sts.adoc b/distribution/docs/src/main/resources/content/_reference/_tables/sts.adoc index 72fe6c40b7c9..60efd9f0c309 100644 --- a/distribution/docs/src/main/resources/content/_reference/_tables/sts.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_tables/sts.adoc @@ -19,7 +19,7 @@ |SAML Assertion Lifetime |lifetime |Long -|Set the number of seconds that an issued SAML assertion will be good for. +|Set the number of seconds that an issued SAML assertion is valid. |1800 |true diff --git a/distribution/docs/src/main/resources/content/_reference/_whitelists/catalog-whitelist.adoc b/distribution/docs/src/main/resources/content/_reference/_whitelists/catalog-whitelist.adoc index d5c5b490d8b4..2ec66a6c69fc 100644 --- a/distribution/docs/src/main/resources/content/_reference/_whitelists/catalog-whitelist.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_whitelists/catalog-whitelist.adoc @@ -7,6 +7,7 @@ :summary: ${ddf-catalog} whitelist. == {title} +((({title}))) The following classes have been exported by the ${ddf-catalog} application and are approved for use by third parties: diff --git a/distribution/docs/src/main/resources/content/_reference/_whitelists/platform-whitelist.adoc b/distribution/docs/src/main/resources/content/_reference/_whitelists/platform-whitelist.adoc index 6df343867742..0e5fdb102c53 100644 --- a/distribution/docs/src/main/resources/content/_reference/_whitelists/platform-whitelist.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_whitelists/platform-whitelist.adoc @@ -6,6 +6,7 @@ :summary: ${ddf-platform} whitelist. == {title} +((({title}))) The following classes have been exported by the ${ddf-platform} application and are approved for use by third parties: diff --git a/distribution/docs/src/main/resources/content/_reference/_whitelists/removed-whitelist.adoc b/distribution/docs/src/main/resources/content/_reference/_whitelists/removed-whitelist.adoc index bf88aa98d01e..fbf7ea23103e 100644 --- a/distribution/docs/src/main/resources/content/_reference/_whitelists/removed-whitelist.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_whitelists/removed-whitelist.adoc @@ -6,6 +6,7 @@ :summary: List of packages removed from the whitelist == {title} +((({title}))) In the transition of the whitelist from the ambiguous package listing to the new class listing several errors were found. The packages originally listed that were removed either did not exist, contained experimental interfaces, or contained only internal implementations and should have never been included in the whitelist. The following is a list of packages that were listed in error and have been removed from the whitelist. diff --git a/distribution/docs/src/main/resources/content/_reference/_whitelists/security-whitelist.adoc b/distribution/docs/src/main/resources/content/_reference/_whitelists/security-whitelist.adoc index d51ce4ff9bc0..ad8f77feb51b 100644 --- a/distribution/docs/src/main/resources/content/_reference/_whitelists/security-whitelist.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_whitelists/security-whitelist.adoc @@ -6,6 +6,7 @@ :summary: ${ddf-security} whitelist. == {title} +((({title}))) The following classes have been exported by the ${ddf-security} application and are approved for use by third parties: diff --git a/distribution/docs/src/main/resources/content/_reference/_whitelists/solr-whitelist.adoc b/distribution/docs/src/main/resources/content/_reference/_whitelists/solr-whitelist.adoc index a945914b896d..59c5d6bad33c 100644 --- a/distribution/docs/src/main/resources/content/_reference/_whitelists/solr-whitelist.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_whitelists/solr-whitelist.adoc @@ -6,6 +6,7 @@ :summary: ${ddf-solr} whitelist. == {title} +((({title}))) The following classes have been exported by the ${ddf-solr} application and are approved for use by third parties: diff --git a/distribution/docs/src/main/resources/content/_reference/_whitelists/spatial-whitelist.adoc b/distribution/docs/src/main/resources/content/_reference/_whitelists/spatial-whitelist.adoc index 13d292242503..eeb30704245c 100644 --- a/distribution/docs/src/main/resources/content/_reference/_whitelists/spatial-whitelist.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_whitelists/spatial-whitelist.adoc @@ -6,6 +6,7 @@ :summary: ${ddf-spatial} whitelist. == {title} +((({title}))) The following classes have been exported by the ${ddf-spatial} application and are approved for use by third parties: diff --git a/distribution/docs/src/main/resources/content/_reference/_whitelists/ui-whitelist.adoc b/distribution/docs/src/main/resources/content/_reference/_whitelists/ui-whitelist.adoc index defad9118244..7b2e3df1010f 100644 --- a/distribution/docs/src/main/resources/content/_reference/_whitelists/ui-whitelist.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_whitelists/ui-whitelist.adoc @@ -6,6 +6,7 @@ :summary: ${ddf-ui} whitelist. == {title} +((({title}))) The following classes have been exported by the ${ddf-ui} application and are approved for use by third parties: diff --git a/distribution/docs/src/main/resources/content/_reference/_whitelists/whitelist-intro.adoc b/distribution/docs/src/main/resources/content/_reference/_whitelists/whitelist-intro.adoc index 9c60739120bc..89769d90f279 100644 --- a/distribution/docs/src/main/resources/content/_reference/_whitelists/whitelist-intro.adoc +++ b/distribution/docs/src/main/resources/content/_reference/_whitelists/whitelist-intro.adoc @@ -5,5 +5,6 @@ :summary: Introduction to application whitelists. == {title} +((({title}))) Within each ${branding} application, certain packages are exported for use by third parties. diff --git a/distribution/docs/src/main/resources/content/_reference/dependency-list-intro.adoc b/distribution/docs/src/main/resources/content/_reference/dependency-list-intro.adoc index 48b0d89c4092..ea11c3039545 100644 --- a/distribution/docs/src/main/resources/content/_reference/dependency-list-intro.adoc +++ b/distribution/docs/src/main/resources/content/_reference/dependency-list-intro.adoc @@ -4,7 +4,6 @@ :order: 02 :summary: Introduction to dependency list reference. -[{reference}] == {title} This list of ${branding} dependencies is automatically generated: diff --git a/distribution/docs/src/main/resources/content/_using/measure-distance.adoc b/distribution/docs/src/main/resources/content/_using/measure-distance.adoc index 9c8ad1719670..0e0a4c562357 100644 --- a/distribution/docs/src/main/resources/content/_using/measure-distance.adoc +++ b/distribution/docs/src/main/resources/content/_using/measure-distance.adoc @@ -17,4 +17,4 @@ then select *Measure Distance* and *Select end point*. Select *Copy current distance* to view and copy the distance. . Select *Clear all coordinates* to clear the points and line. -image::measure-distance.png[Measure Distance] \ No newline at end of file +image::measure-distance.png[Measure Distance] diff --git a/distribution/docs/src/main/resources/content/_using/notifications.adoc b/distribution/docs/src/main/resources/content/_using/notifications.adoc deleted file mode 100644 index e69de29bb2d1..000000000000 diff --git a/distribution/docs/src/main/resources/content/_using/using-simple-search-ui.adoc b/distribution/docs/src/main/resources/content/_using/using-simple-search-ui.adoc index 2d050974ce1c..7445af32f103 100644 --- a/distribution/docs/src/main/resources/content/_using/using-simple-search-ui.adoc +++ b/distribution/docs/src/main/resources/content/_using/using-simple-search-ui.adoc @@ -7,7 +7,7 @@ == {title} -The ${branding} Simple Search UI application provides a low-bandwidth option for searching records in the local Catalog (provider) and federated sources. +The ${branding} ((Simple Search UI)) application provides a low-bandwidth option for searching records in the local Catalog (provider) and federated sources. Results are returned in HTML format. === Search @@ -19,9 +19,9 @@ It also allows the user to select the sources to search and the number of result Enter one or more of the available search criteria to execute a query: -Keyword Search:: A text box allowing the user to enter a textual query. This supports the use of (*) wildcards. If blank, the query will contain a contextual component. +Keyword Search:: A text box allowing the user to enter a textual query. This supports the use of (*) wildcards. If blank, the query contains a contextual component. Temporal Query:: Select from *any*, *relative*, or *absolute*. Selecting *Any* results in no temporal restrictions on the query, selecting *relative* allows the user to query a period from some length of time in the past until now, and selecting *absolute* allows the user to specify a *start* and *stop* date range. -Spatial Search:: Select from *any*, *point-radius*, and *bounding box*. Selecting *Any* results in no spatial restrictions on the query, selecting *point-radius* allows the user to specify a *lat/lon* and *radius* to search, and selecting a *bounding box* allows the user to specify an *eastern*, *western*, *southern* and *northern* boundary to search within. +Spatial Search:: Select from *any*, *point-radius*, and *bounding box*. Selecting *Any* results in no spatial restrictions on the query, selecting *point-radius* allows the user to specify a *lat/lon* and *radius* to search, and selecting a *bounding box* allows the user to specify an *eastern*, *western*, *southern*, and *northern* boundary to search within. Type Search:: Select from *any*, or a specific type. Selecting *Any* results in no type restrictions on the query, and Selecting *Specific Types* shows a list of known content types on the federation, and allows the user to select a specific type to search for. Sources:: Select from *none*, *all sources*, or *specific sources*. Selelcting *None* results in querying only the local provider, Selecting *All Sources* results in an enterprise search where all federations are queried, and selecting *Specific Sources* allows the user to select which sources are queried. Results per Page:: Select the number of results to be returned by a single query. @@ -32,7 +32,7 @@ The table of results shows the details of the results found, as well as a link t ===== Results Summary -Total Results:: Total Number of Results available for this query. If there are more results than the number displayed per page then a page navigation links will appear to the right. +Total Results:: Total Number of Results available for this query. If there are more results than the number displayed per page then a page navigation link appears to the right. Pages:: Provides page navigation, which generate queries for requesting additional pages of results. ===== Results Table @@ -40,7 +40,7 @@ Pages:: Provides page navigation, which generate queries for requesting addition The Results table provides a preview of and links to the results. The table consists of these columns: -Title:: Displays title of the metacard. This will be a link which can clicked to view the metacard in the Metacard View. +Title:: Displays title of the metacard. This is a link which can clicked to view the metacard in the Metacard View. Source:: Displays where the metadata came from, which could be the local provider or a federated source. Location:: Displays the WKT Location of the metacard, if available. Time:: Shows the Received (Created) and Effective times of the metacard, if available. diff --git a/distribution/docs/src/main/resources/content/_using/view-histogram.adoc b/distribution/docs/src/main/resources/content/_using/view-histogram.adoc index 0a40ea6a5a57..f09bd12f6f5f 100644 --- a/distribution/docs/src/main/resources/content/_using/view-histogram.adoc +++ b/distribution/docs/src/main/resources/content/_using/view-histogram.adoc @@ -6,8 +6,9 @@ :order: 02 == {title} +((({title})))(((Histogram))) . Select a search, right click on the map view, and select *View Histogram* to view a histogram for the search. . Select an attribute to group and compare entries by. -image::view-histogram.png[View Histogram] \ No newline at end of file +image::view-histogram.png[View Histogram] diff --git a/distribution/docs/src/main/resources/templates/architectures.ftl b/distribution/docs/src/main/resources/templates/architectures.ftl index bc51951c27f8..9a581b9a89c9 100644 --- a/distribution/docs/src/main/resources/templates/architectures.ftl +++ b/distribution/docs/src/main/resources/templates/architectures.ftl @@ -1,6 +1,6 @@ = ${branding-expanded} Architecture -include::config.adoc[] :title: ${branding-expanded} Architecture +include::config.adoc[] :architecture-prefix: _ :developing-prefix: developing.adoc#_ :integrating-prefix: documentation.adoc#_ @@ -13,6 +13,15 @@ include::config.adoc[] <#include "build/developing.ftl"> +ifdef::backend-pdf[] + +<<< + +[index] +== Index + +endif::backend-pdf[] + ifdef::backend-html5[] include::${project.build.directory}/asciidoctor-ready-${project.version}/scripts.html[] diff --git a/distribution/docs/src/main/resources/templates/build/application-reference.ftl b/distribution/docs/src/main/resources/templates/build/application-reference.ftl index ec589595db38..8a33a0ddc13a 100644 --- a/distribution/docs/src/main/resources/templates/build/application-reference.ftl +++ b/distribution/docs/src/main/resources/templates/build/application-reference.ftl @@ -1,4 +1,4 @@ -[{reference}] + == Application Reference ==== diff --git a/distribution/docs/src/main/resources/templates/build/architectures.ftl b/distribution/docs/src/main/resources/templates/build/architectures.ftl index 56073cda12f6..57621ad2507a 100644 --- a/distribution/docs/src/main/resources/templates/build/architectures.ftl +++ b/distribution/docs/src/main/resources/templates/build/architectures.ftl @@ -4,7 +4,7 @@ == ${ai.title} -include::${ai.file}[] +include::${ai.file}[leveloffset=+1] ''' <#list architectures?sort_by("order") as architecture> @@ -12,13 +12,13 @@ include::${ai.file}[] === ${architecture.title} -include::${architecture.file}[] +include::${architecture.file}[leveloffset=+2] <#list subArchitectures?sort_by("order") as subArchitecture> <#if (subArchitecture.status == "published") && (architecture.title?contains (subArchitecture.parent))> ==== ${subArchitecture.title} -include::${subArchitecture.file}[] +include::${subArchitecture.file}[leveloffset=+3] diff --git a/distribution/docs/src/main/resources/templates/build/catalog-frameworks.ftl b/distribution/docs/src/main/resources/templates/build/catalog-frameworks.ftl index 3c94ad7303c8..a85caf6a861e 100644 --- a/distribution/docs/src/main/resources/templates/build/catalog-frameworks.ftl +++ b/distribution/docs/src/main/resources/templates/build/catalog-frameworks.ftl @@ -28,7 +28,7 @@ None. ==== ${catalogFramework.title} -include::${catalogFramework.file}[] +include::${catalogFramework.file}[leveloffset=+3] \ No newline at end of file diff --git a/distribution/docs/src/main/resources/templates/build/developing-components.ftl b/distribution/docs/src/main/resources/templates/build/developing-components.ftl index 5324812017b4..25ef9e634ebb 100644 --- a/distribution/docs/src/main/resources/templates/build/developing-components.ftl +++ b/distribution/docs/src/main/resources/templates/build/developing-components.ftl @@ -8,7 +8,7 @@ Create custom implementations of ${branding} components. === ${developingComponent.title} -include::${developingComponent.file}[] +include::${developingComponent.file}[leveloffset=+2] \ No newline at end of file diff --git a/distribution/docs/src/main/resources/templates/build/development-guidelines.ftl b/distribution/docs/src/main/resources/templates/build/development-guidelines.ftl index c2bb89a5313d..6717ebefcf0f 100644 --- a/distribution/docs/src/main/resources/templates/build/development-guidelines.ftl +++ b/distribution/docs/src/main/resources/templates/build/development-guidelines.ftl @@ -6,7 +6,7 @@ === ${developmentGuideline.title} -include::${developmentGuideline.file}[] +include::${developmentGuideline.file}[leveloffset=+2] \ No newline at end of file diff --git a/distribution/docs/src/main/resources/templates/build/managing.ftl b/distribution/docs/src/main/resources/templates/build/managing.ftl index 02cdcabfc887..862d8d4aa270 100644 --- a/distribution/docs/src/main/resources/templates/build/managing.ftl +++ b/distribution/docs/src/main/resources/templates/build/managing.ftl @@ -71,7 +71,7 @@ include::${ri.file}[] <#list startingIntros as si> <#if (si.status == "published")> -include::${si.file}[] +include::${si.file}[leveloffset=+2] @@ -104,7 +104,7 @@ include::${subMaintaining.file}[leveloffset=+4] <#list monitorings?sort_by("order") as monitoring> <#if (monitoring.status == "published")> -include::${monitoring.file}[] +include::${monitoring.file}[leveloffset=+2] @@ -113,7 +113,7 @@ include::${monitoring.file}[] <#list troubleshootings?sort_by("order") as troubleshooting> <#if (troubleshooting.status == "published")> -include::${troubleshooting.file}[] +include::${troubleshooting.file}[leveloffset=+2] diff --git a/distribution/docs/src/main/resources/templates/build/metadata-reference.ftl b/distribution/docs/src/main/resources/templates/build/metadata-reference.ftl index 2a743629f1b2..c842a969e707 100644 --- a/distribution/docs/src/main/resources/templates/build/metadata-reference.ftl +++ b/distribution/docs/src/main/resources/templates/build/metadata-reference.ftl @@ -1,4 +1,3 @@ -[{reference}] <#list metadataIntros?sort_by("order") as mi> <#if mi.status == "published"> include::${mi.file}[] diff --git a/distribution/docs/src/main/resources/templates/build/plugins.ftl b/distribution/docs/src/main/resources/templates/build/plugins.ftl index 4762471f2ccd..806eae9746e4 100644 --- a/distribution/docs/src/main/resources/templates/build/plugins.ftl +++ b/distribution/docs/src/main/resources/templates/build/plugins.ftl @@ -3,7 +3,7 @@ <#list pluginIntros?sort_by("order") as pi> <#if (pi.order == "00")> -include::${pi.file}[] +include::${pi.file}[leveloffset=+1] <#if (pi.plugintypes != "general")> <<${pi.link},${pi.title}>>:: ${pi.summary} @@ -100,9 +100,9 @@ include::${pi.file}[] <#list pluginIntros?sort_by ("order") as pi> <#if pi.status == "published" && pi.order != ("00") && pi.order != ("9999")> -==== ${pi.title} +==== ${pi.title} -include::${pi.file}[] +include::${pi.file}[leveloffset=+3] ===== Available ${pi.title} @@ -128,7 +128,7 @@ Installation and configuration details listed by plugin name. ==== ${plugin.title} -include::${plugin.file}[] +include::${plugin.file}[leveloffset=+3] ''' diff --git a/distribution/docs/src/main/resources/templates/build/reference.ftl b/distribution/docs/src/main/resources/templates/build/reference.ftl index bf498980d86c..f69fb7dee37f 100644 --- a/distribution/docs/src/main/resources/templates/build/reference.ftl +++ b/distribution/docs/src/main/resources/templates/build/reference.ftl @@ -1,6 +1,5 @@ <#list referenceIntros?sort_by("order") as ri> <#if ri.status == "published"> -[{reference}] include::${ri.file}[] <#list references?sort_by("order") as reference> diff --git a/distribution/docs/src/main/resources/templates/build/transformers.ftl b/distribution/docs/src/main/resources/templates/build/transformers.ftl index 36ef99514bbc..8631bac73048 100644 --- a/distribution/docs/src/main/resources/templates/build/transformers.ftl +++ b/distribution/docs/src/main/resources/templates/build/transformers.ftl @@ -63,7 +63,7 @@ Availability and configuration details of available transformers. ==== ${transformer.title} -include::${transformer.file}[] +include::${transformer.file}[leveloffset=+3] @@ -93,7 +93,7 @@ None. ==== ${mimeTypeMapper.title} -include::${mimeTypeMapper.file}[] +include::${mimeTypeMapper.file}[leveloffset=+3] @@ -124,7 +124,7 @@ None. ==== ${mimeTypeResolver.title} -include::${mimeTypeResolver.file}[] +include::${mimeTypeResolver.file}[leveloffset=+3] \ No newline at end of file diff --git a/distribution/docs/src/main/resources/templates/developing.ftl b/distribution/docs/src/main/resources/templates/developing.ftl index 17b34e1bbf46..9d531c484dd2 100644 --- a/distribution/docs/src/main/resources/templates/developing.ftl +++ b/distribution/docs/src/main/resources/templates/developing.ftl @@ -1,6 +1,6 @@ = Developing ${branding} Components: Developer's Guide +:title: Developing ${branding} Components: Developer's Guide include::config.adoc[] -:title: Developing ${branding} Components :architecture-prefix: architecture.adoc#_ :developing-prefix: _ :integrating-prefix: documentation.adoc#_ @@ -15,6 +15,15 @@ include::config.adoc[] <#include "build/development-guidelines.ftl"> +ifdef::backend-pdf[] + +<<< + +[index] +== Index + +endif::backend-pdf[] + ifdef::backend-html5[] include::${project.build.directory}/asciidoctor-ready-${project.version}/scripts.html[] diff --git a/distribution/docs/src/main/resources/templates/documentation.ftl b/distribution/docs/src/main/resources/templates/documentation.ftl index 7c236b4f8401..1a48ac885524 100644 --- a/distribution/docs/src/main/resources/templates/documentation.ftl +++ b/distribution/docs/src/main/resources/templates/documentation.ftl @@ -1,4 +1,5 @@ = ${branding-expanded} Documentation: Complete Documentation +:title: ${branding-expanded} Documentation: Complete Documentation include::config.adoc[] :architecture-prefix: _ :developing-prefix: _ @@ -64,10 +65,14 @@ include::config.adoc[] ifdef::backend-pdf[] +<<< + [index] == Index + endif::backend-pdf[] + ifdef::backend-html5[] include::${project.build.directory}/asciidoctor-ready-${project.version}/scripts.html[] diff --git a/distribution/docs/src/main/resources/templates/integrating.ftl b/distribution/docs/src/main/resources/templates/integrating.ftl index 91755882e522..8ea132520b72 100644 --- a/distribution/docs/src/main/resources/templates/integrating.ftl +++ b/distribution/docs/src/main/resources/templates/integrating.ftl @@ -1,6 +1,6 @@ -= Integrating ${branding} += Integrating with ${branding} +:title: Integrating with ${branding} include::config.adoc[] -:title: Integrating ${branding} :architecture-prefix: architecture.adoc#_ :developing-prefix: developing.adoc#_ :integrating-prefix: _ @@ -13,6 +13,15 @@ include::config.adoc[] <#include "build/integrating.ftl"> +ifdef::backend-pdf[] + +<<< + +[index] +== Index + +endif::backend-pdf[] + ifdef::backend-html5[] include::${project.build.directory}/asciidoctor-ready-${project.version}/scripts.html[] diff --git a/distribution/docs/src/main/resources/templates/managing.ftl b/distribution/docs/src/main/resources/templates/managing.ftl index db598a8f76f0..d1c51dd3116d 100644 --- a/distribution/docs/src/main/resources/templates/managing.ftl +++ b/distribution/docs/src/main/resources/templates/managing.ftl @@ -1,6 +1,6 @@ -= Managing += Managing ${branding-expanded} +:title: Managing ${branding-expanded} include::config.adoc[] -:title: Managing ${branding} :architecture-prefix: architecture.adoc#_ :developing-prefix: developing.adoc#_ :integrating-prefix: documentation.adoc#_ @@ -13,6 +13,15 @@ include::config.adoc[] <#include "build/managing.ftl"> +ifdef::backend-pdf[] + +<<< + +[index] +== Index + +endif::backend-pdf[] + ifdef::backend-html5[] include::${project.build.directory}/asciidoctor-ready-${project.version}/scripts.html[] diff --git a/distribution/docs/src/main/resources/templates/metadata.ftl b/distribution/docs/src/main/resources/templates/metadata.ftl index ee040721f6c5..3e5106066745 100644 --- a/distribution/docs/src/main/resources/templates/metadata.ftl +++ b/distribution/docs/src/main/resources/templates/metadata.ftl @@ -1,6 +1,6 @@ = ${branding} Metadata Reference Guide +:title: ${branding} Metadata Reference Guide include::config.adoc[] -:title: Metadata Reference Guide :toc: left :architecture-prefix: architecture.adoc#_ :developing-prefix: developing.adoc#_ @@ -14,6 +14,15 @@ include::config.adoc[] <#include "build/metadata-reference.ftl"> +ifdef::backend-pdf[] + +<<< + +[index] +== Index + +endif::backend-pdf[] + ifdef::backend-html5[] include::${project.build.directory}/asciidoctor-ready-${project.version}/scripts.html[] diff --git a/distribution/docs/src/main/resources/templates/overview.ftl b/distribution/docs/src/main/resources/templates/overview.ftl index 8348562392f5..51ae30244b70 100644 --- a/distribution/docs/src/main/resources/templates/overview.ftl +++ b/distribution/docs/src/main/resources/templates/overview.ftl @@ -1,6 +1,6 @@ -= ${branding-expanded} Overview += ${branding-expanded} Executive Summary: Core Concepts and Introduction +:title: ${branding-expanded} Introduction include::config.adoc[] -:title: ${branding-expanded} Executive Summary: Core Concepts and Introduction :architecture-prefix: architecture.adoc#_ :developing-prefix: developing.adoc#_ :integrating-prefix: documentation.adoc#_ @@ -13,6 +13,15 @@ include::config.adoc[] <#include "build/introduction.ftl"> +ifdef::backend-pdf[] + +<<< + +[index] +== Index + +endif::backend-pdf[] + ifdef::backend-html5[] include::${project.build.directory}/asciidoctor-ready-${project.version}/scripts.html[] diff --git a/distribution/docs/src/main/resources/templates/quickstart.ftl b/distribution/docs/src/main/resources/templates/quickstart.ftl index d947e3aeeed6..64dc5b594f1d 100644 --- a/distribution/docs/src/main/resources/templates/quickstart.ftl +++ b/distribution/docs/src/main/resources/templates/quickstart.ftl @@ -1,6 +1,6 @@ = ${branding-expanded}: Quick Start Guide +:title: ${branding-expanded}: Quick Start Guide include::config.adoc[] -:title: ${branding-expanded} Quick Start Guide :architecture-prefix: architecture.adoc#_ :developing-prefix: developing.adoc#_ :integrating-prefix: documentation.adoc#_ @@ -13,6 +13,15 @@ include::config.adoc[] <#include "build/quickstart.ftl"> +ifdef::backend-pdf[] + +<<< + +[index] +== Index + +endif::backend-pdf[] + ifdef::backend-html5[] include::${project.build.directory}/asciidoctor-ready-${project.version}/scripts.html[] diff --git a/distribution/docs/src/main/resources/templates/reference.ftl b/distribution/docs/src/main/resources/templates/reference.ftl index 63b7bf20e962..6d737e4e5f41 100644 --- a/distribution/docs/src/main/resources/templates/reference.ftl +++ b/distribution/docs/src/main/resources/templates/reference.ftl @@ -1,6 +1,6 @@ = ${branding} Reference Guide +:title: ${branding} Reference Guide include::config.adoc[] -:title: Reference :toc: left :architecture-prefix: architecture.adoc#_ :developing-prefix: developing.adoc#_ @@ -16,6 +16,14 @@ include::config.adoc[] <#include "build/reference.ftl"> +ifdef::backend-pdf[] + +<<< + +[index] +== Index + +endif::backend-pdf[] ifdef::backend-html5[] include::${project.build.directory}/asciidoctor-ready-${project.version}/scripts.html[] diff --git a/distribution/docs/src/main/resources/templates/using.ftl b/distribution/docs/src/main/resources/templates/using.ftl index facf1b8c531c..43449ca7b4d5 100644 --- a/distribution/docs/src/main/resources/templates/using.ftl +++ b/distribution/docs/src/main/resources/templates/using.ftl @@ -1,6 +1,6 @@ = ${branding} User's Guide +:title: ${branding} User's Guide include::config.adoc[] -:title: Using ${catalog-ui} :architecture-prefix: architecture.adoc#_ :developing-prefix: developing.adoc#_ :integrating-prefix: documentation.adoc#_ @@ -15,8 +15,11 @@ include::config.adoc[] ifdef::backend-pdf[] +<<< + [index] == Index + endif::backend-pdf[] ifdef::backend-html5[]