!!JSPWiki Installation with Container Managed Authentication

!Tomcat installation

I install Tomcat in the JSPWiki tree on the machine with the pretty name {{linda}}.

{{{
linda:/projekte/JSPWiki tar -xzf apache-tomcat-8.0.12.tar.gz
linda:/projekte/JSPWiki unzip -d JSPWiki-2.10.1 JSPWiki-2.10.1.war
linda:/projekte/JSPWiki unzip -j -d wikipages jspwiki-wikipages-de-2.10.1.zip
}}}

!Add JSPWiki to Tomcat

create {{/projekte/JSPWiki/apache-tomcat-8.0.12/conf/Catalina/localhost/JSPWiki.xml}}
{{{
<Context path="/JSPWiki"
docBase="/projekte/JSPWiki/JSPWiki-2.10.1">
</Context>
}}}

!!create jspwiki-custom.properties
create {{/projekte/JSPWiki/apache-tomcat-8.0.12/lib/jspwiki-custom.properties}}

{{{
jspwiki.applicationName = JSPWiki
jspwiki.baseURL=http://linda:8080/JSPWiki
jspwiki.urlConstructor = ShortViewURLConstructor
jspwiki.pageProvider = VersioningFileProvider
jspwiki.fileSystemProvider.pageDir = /projekte/JSPWiki/wikipages
jspwiki.basicAttachmentProvider.storageDir =
/projekte/JSPWiki/wikiattachments
#
log4j.appender.FileLog = org.apache.log4j.RollingFileAppender
log4j.appender.FileLog.MaxFileSize    = 10MB
log4j.appender.FileLog.MaxBackupIndex = 14
log4j.appender.FileLog.File = /projekte/JSPWiki/jspwiki.log
}}}

!Give the tomcat user Wiki Admin roles
edit {{/projekte/JSPWiki/apache-tomcat-8.0.12/conf/tomcat-users.xml}}
{{{
  <role rolename="Authenticated"/>
  <role rolename="Admin"/>

  <user username="tomcat" password="tomcat" roles="tomcat, Admin,
Authenticated"/>
}}}

Add further users with role Authenticated only 

!Enable Container Managed Authentication
edit {{/projekte/JSPWiki/JSPWiki-2.10.1/WEB-INF/web.xml}}

* enable CONTAINER-MANAGED AUTHENTICATION & AUTHORIZATION

* remove all annoying and useless ([JSPWIKI-212|https://issues.apache.org/jira/browse/JSPWIKI-212]) {{<user-data-constraint>}}

!Restrict default jspwiki.policy
edit {{/projekte/JSPWiki/JSPWiki-2.10.1/WEB-INF/jspwiki.policy}}

remove grants for Anonymous and Asserted

!Start Tomcat

{{{linda:/projekte/JSPWiki/apache-tomcat-8.0.12/bin ./catalina.sh start
}}}

!Open the Wiki
{{http://linda:8080/JSPWiki}} 
and login as tomcat

!LDAP
* use Realm className="org.apache.catalina.realm.JNDIRealm"
* to make the Wiki display real user names:
** extend org.apache.wiki.auth.user.AbstractUserDatabase
** add this to the Wiki properties with jspwiki.userdatabase =  

!use httpd

* add Tomcat to Apache httpd with mod_jk
* enable ssl on httpd
* in Tomcat config leave the jk connector and remove all other connectors