svn commit: r1778420 - /ofbiz/trunk/tools/documentati
Locked
svn commit: r1778420 - /ofbiz/trunk/tools/documentati
 
|
Author: jleroux
Date: Thu Jan 12 11:09:35 2017 New Revision: 1778420 URL: http://svn.apache.org/viewvc?rev=1778420&view=rev Log: No functional change, just updates documentation in README.MD for wiki Modified: ofbiz/trunk/tools/documentation/README.md.html Modified: ofbiz/trunk/tools/documentation/README.md.html URL: http://svn.apache.org/viewvc/ofbiz/trunk/tools/documentation/README.md.html?rev=1778420&r1=1778419&r2=1778420&view=diff ============================================================================== --- ofbiz/trunk/tools/documentation/README.md.html (original) +++ ofbiz/trunk/tools/documentation/README.md.html Thu Jan 12 11:09:35 2017 @@ -37,12 +37,9 @@ under the License. <blockquote> <p><em>Note</em>: if you are using Eclipse, make sure of running the appropriate Eclipse command <code>gradlew eclipse</code> before creating the project in Eclipse. This command will prepare OFBiz for Eclipse with the correct classpath and settings by creating the.classpath and .project files.</p> </blockquote> -<h2 id="security">Security</h2> -<p>You can trust the OFBiz Project Management Committee members and committers do their best to keep OFBiz secure from external exploits, and fix vulnerabilities as soon as they are known. Despite these efforts, if ever you find and want to report a security issue, please report at: security @ ofbiz.apache.org, before disclosing them in a public forum.</p> <blockquote> -<p><em>Note</em>: Be sure to read this Wiki page if ever you plan to use RMI, JNDI, JMX or Spring and maybe other Java classes OFBiz does not use Out Of The Box (OOTB): <a href="https://cwiki.apache.org/confluence/display/OFBIZ/The+infamous+Java+serialization+vulnerability">The infamous Java serialization vulnerability</a></p> +<p><em>Note</em>: if you want to use an external DBMS, instead of the embedded Derby, you will need a JDBC driver. The only thing you need to do is add a dependency in build.gradle to the MySQL/PostgreSQL/whatever JDBC driver. Search in Jcenter for the database driver suitable for the database installed on your production system. For example, under the dependencies section you can add something like this for mysql: <code>runtime 'mysql:mysql-connector-java:5.1.36'</code> Of course you need to make sure the connector is compatible with <em>your</em> version of the database installed!</p> </blockquote> -<p>You can find more information about security in OFBiz at <a href="https://cwiki.apache.org/confluence/display/OFBIZ/Keeping+OFBiz+secure">Keeping OFBiz secure</a></p> <h2 id="quick-start">Quick start</h2> <p>To quickly install and fire-up OFBiz, please follow the below instructions from the command line at the OFBiz top level directory (folder)</p> <h3 id="prepare-ofbiz">Prepare OFBiz:</h3> @@ -52,6 +49,9 @@ under the License. <h3 id="start-ofbiz">Start OFBiz:</h3> <p>MS Windows: <code>gradlew ofbiz</code></p> <p>Unix-like OS: <code>./gradlew ofbiz</code></p> +<blockquote> +<p><em>Note</em>: then ignore the % progress indicator because this task does not end as long as OFBiz is running.</p> +</blockquote> <h3 id="visit-ofbiz-through-your-browser">Visit OFBiz through your browser:</h3> <p><a href="https://localhost:8443/ordermgr">Order Back Office</a></p> <p><a href="https://localhost:8443/accounting">Accounting Back Office</a></p> @@ -60,6 +60,12 @@ under the License. <blockquote> <p><em>Note</em>: the default configuration uses an embedded Java database (Apache Derby) and embedded application server components such as Apache Tomcat®, Apache Geronimo (transaction manager), etc.</p> </blockquote> +<h2 id="security">Security</h2> +<p>You can trust the OFBiz Project Management Committee members and committers do their best to keep OFBiz secure from external exploits, and fix vulnerabilities as soon as they are known. Despite these efforts, if ever you find and want to report a security issue, please report at: security @ ofbiz.apache.org, before disclosing them in a public forum.</p> +<blockquote> +<p><em>Note</em>: Be sure to read this Wiki page if ever you plan to use RMI, JNDI, JMX or Spring and maybe other Java classes OFBiz does not use Out Of The Box (OOTB): <a href="https://cwiki.apache.org/confluence/display/OFBIZ/The+infamous+Java+serialization+vulnerability">The infamous Java serialization vulnerability</a></p> +</blockquote> +<p>You can find more information about security in OFBiz at <a href="https://cwiki.apache.org/confluence/display/OFBIZ/Keeping+OFBiz+secure">Keeping OFBiz secure</a></p> <hr /> <h2 id="build-system-syntax">Build system syntax</h2> <p>All build tasks are executed using the <strong>Gradle</strong> build system which is embedded in OFBiz. To execute build tasks go to OFBiz top-level directory (folder) and execute tasks from there.</p> @@ -211,7 +217,7 @@ under the License. <p>OR</p> <p><code>gradlew 'ofbiz --test'</code></p> <h4 id="execute-an-integration-test-case">Execute an integration test case</h4> -<p>run a test case, in this example the componnet is "entity" and the case name is "entity-tests"</p> +<p>run a test case, in this example the component is "entity" and the case name is "entity-tests"</p> <p><code>gradlew "ofbiz --test component=entity --test case=entity-tests"</code></p> <h4 id="execute-an-integration-test-case-in-debug-mode">Execute an integration test case in debug mode</h4> <p>listens on port <strong>5005</strong></p> @@ -242,7 +248,8 @@ under the License. <p>The below command activates a gradle plugin (OWASP) and Identifies and reports known vulnerabilities (CVEs) in OFBiz library dependencies. This command takes a long time to execute because it needs to download all plugin dependencies and the CVE identification process is also time consuming</p> <p><code>gradlew -PenableOwasp dependencyCheck</code></p> <h4 id="setup-eclipse-project-for-ofbiz">Setup eclipse project for OFBiz</h4> -<p>Thanks to some gradle magic, setting up OFBiz on eclipse is very easy. All you need is to execute one command and then you can import the project to eclipse. This command will generate the necessary <strong>.classpath</strong> and <strong>.project</strong> files for eclipse.</p> +<p>Setting up OFBiz on eclipse is easy by simply running the below command and then importing the project to eclipse. This command will generate the necessary <strong>.classpath</strong> and <strong>.project</strong> files for eclipse and it will also make the source code for external libraries available in eclipse (i.e. you can view source through Ctrl + Click)</p> +<p>The first time you run this command it will take a long time to execute because it will download source packages available for project dependencies.</p> <p><code>gradlew eclipse</code></p> <hr /> <h2 id="ofbiz-plugin-system">OFBiz plugin system</h2> @@ -310,9 +317,9 @@ under the License. <h2 id="useful-tips">Useful Tips</h2> <h3 id="gradle-tab-completion-on-unix-like-systems">Gradle tab-completion on Unix-like systems:</h3> <p>To get tab completion (auto complete gradle commands by pressing tab) you can download the script from the below link and place it in the appropriate location for your system.</p> -<p><a href="https://gist.github.com/nolanlawson/8694399">Gradle tab completion</a></p> +<p><a href="https://gist.github.com/Ea87/46401a96df31cd208a87">Gradle tab completion</a></p> <p>For example, on debian based systems, you can use the following command:</p> -<p><code>sudo curl -L -s https://gist.github.com/nolanlawson/8694399/raw/gradle-tab-completion.bash -o /etc/bash_completion.d/gradle-tab-completion.bash</code></p> +<p><code>sudo curl -L -s https://gist.github.com/Ea87/46401a96df31cd208a87/raw/gradle-tab-completion.bash -o /etc/bash_completion.d/gradle-tab-completion.bash</code></p> <h2 id="crypto-notice">Crypto notice</h2> <p>This distribution includes cryptographic software. The country in which you currently reside may have restrictions on the import, possession, use, and/or re-export to another country, of encryption software. BEFORE using any encryption software, please check your country's laws, regulations and policies concerning the import, possession, or use, and re-export of encryption software, to see if this is permitted. See <a href="http://www.wassenaar.org/" class="uri">http://www.wassenaar.org/</a> for more information.</p> <p>The U.S. Government Department of Commerce, Bureau of Industry and Security (BIS), has classified this software as Export Commodity Control Number (ECCN) 5D002.C.1, which includes information security software using or performing cryptographic functions with asymmetric algorithms. The form and manner of this Apache Software Foundation distribution makes it eligible for export under the License Exception ENC Technology Software Unrestricted (TSU) exception (see the BIS Export Administration Regulations, Section 740.13) for both object code and source code.</p> |
«
Return to OFBiz - Commits
|
1 view|%1 views
| Free forum by Nabble | Edit this page |