-
Notifications
You must be signed in to change notification settings - Fork 3
/
README
124 lines (96 loc) · 4.91 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
Apache Wave
------------
The Apache Wave project is a stand alone wave server and rich web client
that serves as a Wave reference implementation.
Apache Wave site: http://incubator.apache.org/wave/
This project lets developers and enterprise users run wave servers and
host waves on their own hardware. And then share those waves with other
wave servers.
Cryptographic Software Notice
-----------------------------
This distribution includes cryptographic software. The country in
which you currently reside may have restrictions on the import,
possession, use, and/or re-export to another country, of
encryption software. BEFORE using any encryption software, please
check your country's laws, regulations and policies concerning the
import, possession, or use, and re-export of encryption software, to
see if this is permitted. See <http://www.wassenaar.org/> for more
information.
The U.S. Government Department of Commerce, Bureau of Industry and
Security (BIS), has classified this software as Export Commodity
Control Number (ECCN) 5D002.C.1, which includes information security
software using or performing cryptographic functions with asymmetric
algorithms. The form and manner of this Apache Software Foundation
distribution makes it eligible for export under the License Exception
ENC Technology Software Unrestricted (TSU) exception (see the BIS
Export Administration Regulations, Section 740.13) for both object
code and source code.
The following provides more details on the included cryptographic
software:
Wave requires the BouncyCastle Java cryptography APIs:
http://www.bouncycastle.org/java.html
Build
------
Wave in a Box uses Ant to build.
To run the tests (optional), run:
<code>
ant get-third-party test
</code>
To build the client and server run:
<code>
ant get-third-party compile-gwt dist-server
</code>
It will be created in dist/wave-in-a-box-server-X.Y-incubating.jar.
You need to configure your instance before you can use it. To create a default simple configuration run:
<code>
ant -f server-config.xml
</code>
To override default values pass them to the ant script.
For example, to override wave_server_domain run : ant -f server-config.xml -Dwave_server_domain=example.com
Take a look at the server.config.example to learn about configuration and possible/default values.
The server can be started (on Linux/MacOS) by running
./run-server.sh
Or on Windows by running
run-server.bat
Or, you can run the server from the compiled classes with ant:
<code>
ant run-server
</code>
The web client will be accessible by default at http://localhost:9898/
To learn more about Wave in a Box and Wave Federation Protocol:
1. Look at the white papers folder - the information is a bit old but still usable.
2. Watch the Wave Summit videos on YouTube, find the links at: https://cwiki.apache.org/confluence/display/WAVE/Wave+Summit+Talks
3. Subscribe to the wave-dev mailing list, find instructions at http://incubator.apache.org/wave/mailing-lists.html
Wave Protocol communicates using Protocol Buffers
<http://code.google.com/p/protobuf/>
Because of the difficulty of distributing binaries, we do not include the
protocol compiler in this distribution. Therefore, to rebuild updated
protocol buffer files, you will need to install the binary protoc
in your environment by fetching the protobuf code from the website
above.
Additionally, you will have to update the build-proto.properties file to
point to the unpacked source distribution of the protocol buffers release.
Then, after updating a proto file, run
<code>
ant -f build-proto.xml compile compile_json
</code>
Note: this generates files into proto_src. If files here exist without
write permission, you will get permission denied errors from this step.
Note also that you don't need protoc unless you want to change the proto
files.
To enable SSL:
Create a Java keystore for your server (e.g. using http://portecle.sourceforge.net/).
You will need a key (e.g. called "server") whose subject Common Name (CN) is
the hostname of your server.
Set enable_ssl = true and set the ssl_keystore_path and ssl_keystore_password options.
To enable X.509 client authentication:
If your users have X.509 certificates which include their email address, you can have
them logged in automatically (with their wave ID being the same as their email address):
You can get X.509 certificates issued from any normal CA (e.g. StartSSL offer them for free).
You can get your CA's certficate from their website, though note they might provide more than 1 certificate which you need to chain before your client certificates are considered trusted.
1. Add the signing CA to your keystore file.
2. Set enable_clientauth = true
3. Set clientauth_cert_domain (to the part after the "@" in your email addresses).
4. (optional) Set disable_loginpage = true to prevent password-based logins.
Users will be automatically logged in when they access the site, with the
username taken from the email address in their certificate.