geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <wikidi...@apache.org>
Subject [Geronimo Wiki] Update of "Security" by AaronMulder
Date Mon, 04 Jul 2005 03:02:58 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Geronimo Wiki" for change notification.

The following page has been changed by AaronMulder:
http://wiki.apache.org/geronimo/Security

The comment on the change is:
Update to unified web deployment plan format

------------------------------------------------------------------------------
  
  The JMX remoting implementation looks for a configuration entry called "JMX".  You can either
create a security realm with that name, or (more likely) add a {{{ServerRealmConfigurationEntry}}}
mapping "JMX" to some security realm name.
  
- The Jetty web container should let you configure a security realm in {{{geronimo-jetty.xml}}}
and then pop in a {{{JAASJettyRealm}}} that logs in using the automatic configuration entry
named for that security realm.  The second half of that works, but there's no entry in {{{geronimo-jetty.xml}}}
yet.  Anyway, after login, Jetty probably wants to look up the server-side Subject and use
that (rather than the more limited client-side Subject, since Jetty would need the {{{RealmPrincipal}}}s).
+ The Jetty web container should let you configure a security realm in {{{geronimo-web.xml}}}
and then pop in a {{{JAASJettyRealm}}} that logs in using the automatic configuration entry
named for that security realm.  The second half of that works, but there's no entry in {{{geronimo-web.xml}}}
yet.  Anyway, after login, Jetty probably wants to look up the server-side Subject and use
that (rather than the more limited client-side Subject, since Jetty would need the {{{RealmPrincipal}}}s).
  
  Tomcat or any other web container would need to do something similar.
  

Mime
View raw message