geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Malgeri <mmalg...@us.ibm.com>
Subject Security Config File questions
Date Fri, 10 Jun 2005 17:26:05 GMT
Got a couple of security related questions:

1.  In the following snippet from thej2ee-secure-plan.xml file one of 
possibly many login modules (which are connected by a reference tag) are 
associated with the realm and the other block that appear above the realm

<gbean name="demo-properties-login" 
class="org.apache.geronimo.security.jaas.JaasLoginModuleUse">
        <attribute name="controlFlag">REQUIRED</attribute>
        <reference name="LoginModule">
            <name>demo-properties-login</name>
        </reference>
    </gbean>

Each login module has a Flag, which I see in this case is "REQUIRED"
But shouldn't each login module have the ability to take "options", which 
I don't see
Is there an "options"attribute? I know there is an "options" attribute in 
the "LoginModuleGBean" that this block is associate with, but what do you 
do in the case when there are multiple login modules, i.e. multiple 
JaasLoginModuleUse gbeans and they each can have options? 

2.  In a standard JAAS config file, there are "Application blocks" that 
contain groups of login modules. it looks something like 

App1{
Class Flag Options;
 Class Flag Options: etc}. 

where each  "Class" , "Flag" and "Options" is for each login module 

"What" tag/artifact/THING in the j2ee-secure-plan.xml file corresponds to 
"App1" in the preceeding block ? 

Michael Malgeri
Mgr Gluecode Client Technical Services
PHONE: 310-536-8355 x 14
FAX: 310-536-9062
CELLULAR: 310-704-6403
Mime
View raw message