--- /dev/null
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" \r
+ "http://www.w3.org/TR/REC-html40/loose.dtd"> \r
+<HTML>\r
+<HEAD>\r
+ <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">\r
+ <link rel="stylesheet" type="text/css" href="../style/doc.css">\r
+ <TITLE>Jigsaw Configuration</TITLE>\r
+<!-- Created with AOLpress/2.0 -->\r
+</HEAD>\r
+<BODY TEXT="#000000" BGCOLOR="#FFFFFF" LINK="#0000EE" VLINK="#551A8B" ALINK="#FF0000">\r
+ <div class="icons-w3c">\r
+ <a href="../../../">\r
+ <img src="/Icons/w3c_home" \r
+ border="0" \r
+ alt="W3C logo"\r
+ height="48" \r
+ width="72">\r
+ </a>\r
+ </div>\r
+ <div class="icons-jigsaw">\r
+ <a href="../../">\r
+ <img src="/Icons/jigsaw" \r
+ border="0"\r
+ alt="Jigsaw"\r
+ height="49"\r
+ width="212">\r
+ </a>\r
+ </div>\r
+\r
+ <div class="title">\r
+ <h1 class="title">\r
+ Jigsaw<br>\r
+ <span class="subtitle">Configuration</span>\r
+ </h1>\r
+ <hr NOSHADE width="70%" align="left">\r
+ <a href="../../Overview.html">Jigsaw Home</a> /\r
+ <a href="../Overview.html">Documentation Overview</a>\r
+ </div>\r
+ <div class="body">\r
+<p>From the 1.0alpha5 release of <B>Jigsaw</B>, the best way to configure\r
+the server is to use the graphical application named <B>JigAdmin</B>. The\r
+form-based configuration is still here but is no longer maintained.\r
+<p>This document has the following sections:\r
+ <p>\r
+ <ul>\r
+ <li><a href="#start">How to start JigAdmin</a>\r
+ <li><a href="#security">Security considerations</a>\r
+ <li><a href="#resources">Resources & Frames</a>\r
+ <li><a href="#indexers">Indexers</a>\r
+ <li><a href="#filters">Filters</a>\r
+ <li><a href="#deletion">Deletion and reindexation</a>\r
+ </ul>\r
+<p>\r
+<a name="start"></a>\r
+<H1>\r
+How to start JigAdmin</H1>\r
+For a quickstart, you should read this <A HREF="AdminTools.html">little\r
+Howto</A>. The main command top start JigAdmin is:\r
+<PRE> java org.w3c.jigadm.Main -root INSTDIR/Jigsaw/Jigsaw</PRE>\r
+(change the '/' in '\' for Windows boxes)\r
+<a name="security"></a>\r
+<H1>\r
+Security considerations</H1>\r
+By default, Jigsaw comes with predefined usernames/password (admin/admin)\r
+for the administration server, and no protection on the Admin directory\r
+of the http server. If you care a little about your site, you must do the\r
+following:\r
+ <OL>\r
+ <LI>\r
+ Change the <A HREF="AdminTools.html#using">password</A> of the \r
+ administration server.</LI>\r
+ <LI>Put an authentification filter on the Admin directory of each\r
+ server managed by the admin server.\r
+ <UL>\r
+ <LI>Create an admin realm, if not already present.\r
+ <UL>\r
+ <LI>Click on the "realm" leaf</LI>\r
+ <LI>Add a realm</LI>\r
+ <LI>Open the "realm" node</LI>\r
+ <LI>Click on the realm node you just created</LI>\r
+ <LI>Add one user and change its password\r
+ (by default, there is no password)</LI>\r
+ </UL>\r
+ </LI>\r
+ <LI>Open the "space" node of the server</LI>\r
+ <LI>Click on the "Admin" directory</LI>\r
+ <LI>Click on the "Add an AuthFilter" icon</LI>\r
+ <LI>Set the realm of the filter to the realm you created</LI>\r
+ </UL>\r
+ <LI>Save everything\r
+ <UL>\r
+ <LI>Click on each "control" node</LI>\r
+ <LI>Click on the save button</LI>\r
+ </UL>\r
+ </LI>\r
+ </OL>\r
+If you really care about security, you can add IP filters to the AuthFilters\r
+set, you can do it in the attributes of the user entries in the administration\r
+realms.\r
+\r
+<P>On Unix, the best way is to run Jigsaw as root in a chrooted environment.\r
+Read the <A HREF="../FAQ.html#chroot">FAQ entry</A> on chroot.\r
+<a name="resources"></a>\r
+<H1>\r
+Resources & Frames</H1>\r
+The Resources are the object exported by <B>Jigsaw</B> to the outside world.\r
+It can be the raw object, like text files or image files, or objects created\r
+on the fly, like servlets, cgi scripts, filtered resources. In <B>Jigsaw-1.0</B>,\r
+the resource was in charge of handling the HTTP requests, so the Resource\r
+has all the knowledge needed by HTTP. Since Jigsaw-2.0, the Resources are\r
+very basic and contains only the intrinsic knowledge of this resource.\r
+For file, you have the size, last modification date... The 2.0 Resources\r
+have protocol frames. Those frames are handling the different protocols\r
+used to fetch this particular resource.\r
+\r
+<P>There are two ways of configuring the resources, by adding directly\r
+a specific resource at a specific place, or by letting the indexers create\r
+the resource in the server hierarchy. Of course the manual tune can be\r
+used along with the indexers. That is the most common way to configure\r
+<B>Jigsaw</B>.\r
+<a name="indexers"></a>\r
+<H1>\r
+Indexers</H1>\r
+An indexers, placed on a Container, will be in charge of creating its sons\r
+resources. It will create Resource of a special kind depending, for example,\r
+on the extension of the filename ("html" for an html page, "png" for a\r
+PNG image file....). Or place a specific indexer for cgi on a directory\r
+named "cgi-bin". In Jigsaw-2.0, the indexer is not only in charge of creating\r
+the resource, it has also to put the right protocol frames (and other frames\r
+if necessary) on the created resource.\r
+\r
+<P>An indexer have two main part:\r
+<OL>\r
+<LI>\r
+The Directories.</LI>\r
+\r
+<LI>\r
+The Extensions.</LI>\r
+</OL>\r
+In the Directories, you have to specify how to index directories with a\r
+specific name. The default name is "*default*", in the default indexer\r
+the resource created is a DirectoryResource. In the 2.0 version, it creates\r
+a DirectoryResource with a default HTTPFrame.\r
+\r
+<P>In the extensions, you have to specify how to index files or leaf Resources.\r
+The default extension are mapped to FileResource, html, gif, png, txt...\r
+In the 2.0 version, an HTTPFrame is added to the Resource.\r
+\r
+<P>A tutorial about the <A HREF="indexers.html">setup of indexers </A>is\r
+available, it helps understanding how it works.\r
+<a name="filters"></a>\r
+<H1>\r
+Filters</H1>\r
+The filters alters the resources, by requesting authentification for example.\r
+The filters are attached to the resource. In the 2.0 version the filters\r
+are atteched to the protocol frame of the resource rather than to the resource\r
+itself because many filtering scheme depends on the protocol used, the\r
+authentification in HTTP is very specific to HTTP and can't be used\r
+in other protocols. The filters are called before and after serving the\r
+resource. You may have filters that are called only before the resource\r
+is served, like an authentification filter, or after, like a "find and\r
+replace" filter.\r
+<a name="deletion"></a>\r
+<H1>\r
+Deletion and reindexation</H1>\r
+In the 1.0 versions of Jigsaw, the reindexation was not present, the only\r
+way to force it was to delete the resource. Of course, if there was a specific\r
+configuration (e.g, "hand-modified" Resources), it was lost. The 2.0 version\r
+solves this problem.\r
+\r
+<P>In the 2.0 version of JigAdmin, you will find, close to the "Delete\r
+Resource" button, a "Reindex Children" button. By doing this, it will verufy/create/delete\r
+all its children resources. It will save your special configurations and\r
+update and propagate the other changes.\r
+ </div> <!-- body -->\r
+ <div class="footer">\r
+<P>\r
+<HR noshade>\r
+ <a href="mailto:jigsaw@w3.org">Jigsaw Team</a><br>\r
+ <span class="mini">\r
+ $Id: configuration.html,v 1.1 2010/06/15 12:22:59 smhuang Exp $\r
+ </span>\r
+ <p class="policyfooter">\r
+ <font size=-1>\r
+ <a href="/Consortium/Legal/ipr-notice.html#Copyright">Copyright</a>\r
+ © 1999 <a href="http://www.w3.org">W3C</a> \r
+ (<a href="http://www.lcs.mit.edu">MIT</a>, \r
+ <a href="http://www.inria.fr/">INRIA</a>, \r
+ <a href="http://www.keio.ac.jp/">Keio</a> ), \r
+ All Rights Reserved. W3C \r
+ <a href="/Consortium/Legal/ipr-notice.html#Legal Disclaimer">\r
+ liability,\r
+ </a>\r
+ <a href="/Consortium/Legal/ipr-notice.html#W3C Trademarks">\r
+ trademark\r
+ </a>, \r
+ <a href="/Consortium/Legal/copyright-documents.html">\r
+ document use \r
+ </a>\r
+ and\r
+ <a href="/Consortium/Legal/copyright-software.html">\r
+ software licensing\r
+ </a> rules apply. Your interactions with this site are in\r
+ accordance with our \r
+ <a href="/Consortium/Legal/privacy-statement.html#Public">\r
+ public\r
+ </a> and \r
+ <a href="/Consortium/Legal/privacy-statement.html#Members">\r
+ Member\r
+ </a>\r
+ privacy statements.</font>\r
+ </div>\r
+</BODY>\r
+</HTML>\r