Diff for /bookie/www/setup.html between versions 1.11 and 1.12

version 1.11, 2002/07/06 00:44:21 version 1.12, 2002/07/14 09:36:35
Line 1 Line 1
Setup instructions for compiling and running Bookie:<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<p><head>
If you're just browsing or don't need to edit files directly, you can look  <title></title>
at Bookie through the <a</head>
href="http://www.mozdev.org/source/browse/bookie/">web interface</a>.<body>
Setup instructions for compiling and running Bookie: 
<p><p>If you're just browsing or don't need to edit files directly, you can
If you want to contribute to Bookie or compile it, then you should grab alook at Bookie through the <a
CVS <a href="http://www.cvshome.com">client</a> and set up a workspace for bookie. href="http://www.mozdev.org/source/browse/bookie/">web interface</a>. </p>
</p><p>If you want to contribute to Bookie or compile it, then you should grab
a CVS <a href="http://www.cvshome.com">client</a> and set up a workspace
<p>for bookie.</p>
You download bookie by doing this (you only need to login once, the password<p>You download bookie by doing this (you only need to login once, the password
 is guest).  Please use the prune option when checking out and updating, since  is guest).  Please use the prune option when checking out and updating, since
the CVS tree has a lot of dead branches in it.the CVS tree has a lot of dead branches in it.</p>
</p><pre> cvs -d :pserver:guest@mozdev.org:/cvs login<br> cvs -d :pserver:guest@mozdev.org:/cvs co bookie -P<br></pre>
<p>The java client is in <code>/clients/swing</code>.  There is an<a
<pre> href="http://jakarta.apache.org/ant">ant</a> script that should compile everything.
 cvs -d :pserver:guest@mozdev.org:/cvs login The client depends on Jena, Apache XML-RPC, Log4J and Xerces. All the libraries
 cvs -d :pserver:guest@mozdev.org:/cvs co bookie -Pshould be available in lib.  The client's main class is<code>com.tersesystems.bookie.client.Client</code>.
</pre> Downloading<a href="http://tersesystems.com/bookie/client.jar">client.jar</a>
will give you the classes, source code and javadoc to play with.</p>
<p><p>The java server is in <code>/server</code>.  Again, the<a
The java client is in <code>/clients/swing</code>.  There is an href="http://jakarta.apache.org/ant">ant</a> script that should compile everything.
<a href="http://jakarta.apache.org/ant">ant</a> script that should compile The server currently depends on JTidy, Marquee XML-RPC,  Jisp, Servlet 2.2,
everything.  The client depends on Jena, Apache XML-RPC, Log4J and Xerces.Log4J, and Xerces, which are all available in lib.  The server's main class
All the libraries should be available in lib.  The client's main class isis <code>com.tersesystems.bookie.service.xmlrpc.BookieServlet</code>.</p>
<code>com.tersesystems.bookie.client.Client</code>.  Downloading<p>  The server will create four files on initialization in the current directory:
<a href="http://tersesystems.com/bookie/client.jar">client.jar</a> will give you  </p>
the classes, source code and javadoc to play with.<ul>
</p> 
 
<p> 
The java server is in <code>/server</code>.  Again, the 
<a href="http://jakarta.apache.org/ant">ant</a> script that should compile 
everything.  The server currently depends on JTidy, Marquee XML-RPC,  
Jisp, Servlet 2.2, Log4J, and Xerces, which are all available in lib.  The 
server's main class is <code>com.tersesystems.bookie.service.xmlrpc.BookieServlet</code>. 
</p> 
 
<p> 
  The server will create four files on initialization in the current directory: 
  <ul> 
     <li>profile.db - a database of profile information.</li>      <li>profile.db - a database of profile information.</li>
     <li>profile.idx - an index of profile.db</li>      <li>profile.idx - an index of profile.db</li>
     <li>bookmarks.db - a database of bookmarks information.</li>      <li>bookmarks.db - a database of bookmarks information.</li>
     <li>bookmarks.idx - an index of bookmarks.db</li>      <li>bookmarks.idx - an index of bookmarks.db</li>
  </ul>  
  These databases contain all the information needed for the server to work.  Deleting</ul>
  these files will cause the server to start off fresh.    These databases contain all the information needed for the server to work.
</p> Deleting   these files will cause the server to start off fresh. 
<p>  The server does not attempt to limit multiple logins on the same account
<p> 
  The server also starts up with a large amount of debugging information.  You can 
  override the default configuration by specifying the log4j configuration file on 
  the command line with <code>-Dlog4j.configuration=minimal.txt</code> where the  
  file <code>minimal.txt</code> contains the following: 
</p> 
 
<pre> 
    # Set root logger level to INFO and its only appender to A1. 
    log4j.rootLogger=INFO, A1 
       
    # A1 is set to be a ConsoleAppender.  
    log4j.appender.A1=org.apache.log4j.ConsoleAppender 
       
    # A1 uses PatternLayout. 
    log4j.appender.A1.layout=org.apache.log4j.PatternLayout 
    log4j.appender.A1.layout.ConversionPattern=%-4r [%t] %-5p %c %x - %m%n 
</pre> 
 
<p> 
  The server does not attempt to limit multiple logins on the same account 
   from different servers.  However, care should be taken with this feature,    from different servers.  However, care should be taken with this feature,
  as there is no facility to distribute messages between clients that a   as there is no facility to distribute messages between clients that a  
  branch has been deleted.   branch has been deleted.  </p>
</p><p>  Bookmarks are cached on the server, but since bookmarks are unique to
  each client this isn't that much of a win.  Performance seems okay for
<p>now    (and if anything seems bound on the XML    processing and IO overhead).
  Bookmarks are cached on the server, but since bookmarks are unique to  Database operations are not transactional.</p>
  each client this isn't that much of a win.  Performance seems okay for now <p>  The server uses an MD5 hashed password for authentication of the client.
  (and if anything seems bound on the XML  
  processing and IO overhead).  Database operations are not transactional. 
</p> 
 
<p> 
  The server uses an MD5 hashed password for authentication of the client. 
   Once authenticated, the server maintains a session based off the IP address    Once authenticated, the server maintains a session based off the IP address
  of the client.  All data is sent in the clear, and as such the passwords and  of the client.  All data is sent in the clear, and as such the passwords
  XML-RPC information may be and   XML-RPC information may be    <a
  <a href="http://www.robertgraham.com/pubs/sniffing-faq.html">packet sniffed</a>.  href="http://www.robertgraham.com/pubs/sniffing-faq.html">packet sniffed</a>.
  Even if the attacker does not know  Even if the attacker does not know   the clear-text password, he can still
  the clear-text password, he can still send the MD5 hash to be authenticated assend the MD5 hash to be authenticated as   the user.  Unfortunately, XML-RPC
  the user.  Unfortunately, XML-RPC does not cover does not cover    <a
  <a href="http://www.strongsec.com/tutorials/security.htm">security</a> and session management href="http://www.strongsec.com/tutorials/security.htm">security</a> and
  very well; if there are any new RFCs I would love to hear about them.  Onesession management   very well; if there are any new RFCs I would love to
  possible RFC is <a href="http://jimfl.tensegrity.net">Jim Flanagan's</a> hear about them.  One   possible RFC is <a
  <a href="http://jimfl.tensegrity.net/xmlrpc/">proposal</a>, but this requires href="http://jimfl.tensegrity.net">Jim Flanagan's</a>    <a
  the use of <a href="http://www.ietf.org/rfc/rfc2617.txt">HTTP digest  href="http://jimfl.tensegrity.net/xmlrpc/">proposal</a>, but this requires
  authentication</a>, which I believe most clients don't  the use of <a href="http://www.ietf.org/rfc/rfc2617.txt">HTTP digest  
  support. authentication</a>, which I believe most clients don't   support.</p>
</p><br>
 </body>
 </html>

Removed from v.1.11  
changed lines
  Added in v.1.12


FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>