On Jul 14, 2009, at 11:29 PM, Rodger wrote:
Previously and in a common way, we do principal-role mapping in a deployment plan (such as geronimo-web.xml,openejb-jar.xml),
<role-mappings>But in Geronimo2.2 , after a jira https://issues.apache.org/jira/browse/GERONIMO-4523
<principal class="o.a.g.s.r.providers.GeronimoGroupPrincipal" name="UserGrp"/>
It seems that we can do the principal-role mapping without the need for Geronimo-specific deployment plans.
Has the feature been implemented? If so, how to do the mapping?
I'm not sure if there is an example of how to do this.
2. add a dependency on the plugin from (1) to your javaee app.
3. In the geronimo plan for your javaee app, include a <security-ref> element with a <name> element referring to the <security> element in (1).
You still need a geronimo plan for the javaee app, this just lets you share the principal-role mapping between several apps.
I think that's how it works.