* Authentication Database (PostgreSQL)
** User and group tables 
** Authentication configuration 
** Servlet container realm configuration 

* JSPWiki Application 
** Directory layout and permissions 
*** WAR file 
*** Wiki pages 
*** Wiki logs 

* [Optimizations|DeploymentOptimizations] 
** Connecting Apache 2 to Tomcat 
** Serving static content from Apache 
** Pre-compiling JSPs 
** Running Tomcat & JSPWiki with a Security Manager 

* Deployment tools 
** SSH agent 
** Ant scripts 

This is just a rough outline. I will be fleshing this out over the next few weeks. -- Andrew Jaquith 

!!Comments and Discussion:
(starts here...)

!!!Operating system and servlet container 

!!Host access 

!!Directory layout 

!!Runtime security 

!Runtime users 

!Startup scripts 


!Container-managed authentication 

!!Service minimization 

!Tomcat hardening 

!!File permissions 

!Servlet logs 

!Servlet configuration directory 

!!Host-based firewall 

!IPTables example 

!!!PostgreSQL Database 

!!User and group tables 

!!Authentication configuration 

!!Servlet container realm configuration 

!!!JSPWiki Application 

!!Directory layout and permissions 

!WAR file 

!Wiki pages 


Andrew Jaquith, I see you are building this page.
We are 80% of the way to deciding to use JSPWiki to develop our site. We also hope to become involved in the development community to build or enhance pluggins. Part of the process for us to use JSPWiki is to document what we are doing. At this point, I'm the only one with the time (except next week, I'm on holiday) to devote to this and my experience is old and out of date. (Example, wrote a C textbook in the early 90s.) However, if I were able to ask questions as we build our system, I could do double duty on the documentation. By that, I mean, I'd add to the JSPWiki documentation for all to use when it was general, and build separate pages on our own site for things specific to our organization. 

So what is the bottom-line here? Would you be able to answer questions as I build our site? From there I'll take what I learn from you and make it into documentation. Also, I plan to learn how to use the Irc. Are there other things I should be doing to move forward? Thanks.

--Anthony Petrillo, 08-Apr-2006