geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jan Bartel <>
Subject [security] Authentication mechanism
Date Thu, 27 Nov 2003 04:52:58 GMT
I'm just taking a look at integrating the web tier security with 
Geronimo security. I've got a couple of questions:

1.  When/who should call setMBeanServer on the
     GeronimoLoginConfiguration? Should I call it
     just before doing a LoginContext login() call?

2.  What code is responsible for configuring the SecurityRealm
     instances? Should they be configurable from the
     security-service.xml file?

3.  I still can't work out where the mapping of the user's roles
     that are retrieved by the SecurityRealm are turned into permissions
     suitable for a HttpRequest.isUserInRole() call impl?

Any pointers on any of these would be welcome.


View raw message