wiki/usermanagement.md
... ...
@@ -14,9 +14,34 @@ The following bundles implement the Shiro-based security features for SSE:
14 14
15 15
This bundle contains the core Shiro libraries which so far are not yet part of the target platform. It provides basic services such as the `SecurityService` and utilities such as `SessionUtils` and `ClientUtils`. The `SecurityService` instance is created by the bundle activator and registered with the OSGi service registry.
16 16
17
-`UsernamePasswordRealm` and `OAuthRealm` are two realm implementations provided by the bundle that can be used in `shiro.ini` configuration files.
18
-
19
-A typical `shiro.ini` configuration file using the `com.sap.sse.security` bundle could look like this:
17
+`UsernamePasswordRealm` and `OAuthRealm` are two realm implementations provided by the bundle that can be used in `shiro.ini` configuration files. Both realms store and obtain user-specific data including the roles and permissions in a `UserStore` (see the [com.sap.sse.security.userstore.mongodb](/wiki/usermanagement#com.sap.sse.security.userstore.mongodb) section) which is an instance shared by the realm objects as well as the `SecurityService`.
18
+
19
+A web bundle that wants to use Shiro-based security and user management features should declare the following in its `WEB-INF/web.xml` descriptor:
20
+
21
+ <context-param>
22
+ <param-name>shiroEnvironmentClass</param-name>
23
+ <param-value>org.apache.shiro.web.env.IniWebEnvironment</param-value>
24
+ </context-param>
25
+ <listener>
26
+ <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
27
+ </listener>
28
+ <filter>
29
+ <filter-name>ShiroFilter</filter-name>
30
+ <filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>
31
+ </filter>
32
+ <!-- Make sure any request you want accessible to Shiro is filtered. "/*"
33
+ catches all requests. Usually this filter mapping is defined first (before all
34
+ others) to ensure that Shiro works in subsequent filters in the filter chain: -->
35
+ <filter-mapping>
36
+ <filter-name>ShiroFilter</filter-name>
37
+ <url-pattern>/*</url-pattern>
38
+ <dispatcher>REQUEST</dispatcher>
39
+ <dispatcher>FORWARD</dispatcher>
40
+ <dispatcher>INCLUDE</dispatcher>
41
+ <dispatcher>ERROR</dispatcher>
42
+ </filter-mapping>
43
+
44
+It is then the `shiro.ini` configuration file which needs to be in the using bundle's classpath root that configures Shiro to use the elements provided by the `com.sap.sse.security` bundle. A typical `shiro.ini` configuration file using the `com.sap.sse.security` bundle could look like this:
20 45
<pre>
21 46
22 47
[main]
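Review bot: The paragraph introducing the `WEB-INF/web.xml` snippet does not say that mapping `ShiroFilter` to `/*` only routes requests through Shiro and does not restrict access to any path by itself. A reader who copies just the descriptor may assume the bundle is now protected. Consider adding one sentence after the `</filter-mapping>` block stating that which URLs require authentication or particular roles is decided by the filter chain definitions in the `[urls]` section of `shiro.ini`, and that requests matching no rule there pass through unauthenticated. A smaller style point on the last added sentence: "It is then the `shiro.ini` configuration file which needs to be in the using bundle's classpath root that configures Shiro" is hard to parse; something like "The `shiro.ini` file, which must be in the using bundle's classpath root, then configures Shiro to use the elements provided by the `com.sap.sse.security` bundle." says the same thing more directly.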