geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Jencks <>
Subject Re: How to add/remove security Pricipal User/Group?
Date Sun, 12 Apr 2009 17:43:00 GMT

On Apr 12, 2009, at 6:48 AM, govinda wrote:

> How to add/remove security Pricipal User/Group without re-deploying
> application?

I don't understand what you are asking.  I can think of two  

1. You would like to change the identity information for some users.   
For instance, add a user or add a group to a user.  Depending on how  
your security realm is set up, you'd edit this information.  For  
instance using the property file login module you'd edit the user and  
group properties files (I think there's a console page to help with  
this).  Using an ldap login module you'd modify the ldap data.

2. You want to change the principal-role mapping that indicates which  
security realm principals are associated with particular application  
roles.  To do this you need to redeploy the application after editing  
the security element in your geronimo plan.

In order to avoid the need for (2) you should plan your security  
carefully so there are enough roles in the application and enough  
principals mapped to these roles to distinguish between all the kinds  
of users your application needs.

david jencks

> -- 
> View this message in context:
> Sent from the Apache Geronimo - Dev mailing list archive at  

View raw message