geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From conflue...@apache.org
Subject [CONF] Apache Geronimo v2.2 > Using security realm wizard in GEP
Date Tue, 22 Sep 2009 14:45:00 GMT
<html>
<head>
    <base href="http://cwiki.apache.org/confluence">
            <link rel="stylesheet" href="/confluence/s/1519/1/1/_/styles/combined.css?spaceKey=GMOxDOC22&amp;forWysiwyg=true"
type="text/css">
    </head>
<body style="background-color: white" bgcolor="white">
<div id="pageContent">
<div id="notificationFormat">
<div class="wiki-content">
<div class="email">
     <h2><a href="http://cwiki.apache.org/confluence/display/GMOxDOC22/Using+security+realm+wizard+in+GEP">Using
security realm wizard in GEP</a></h2>
     <h4>Page <b>edited</b> by             <a href="http://cwiki.apache.org/confluence/display/~chirunhua@gmail.com">Runhua
Chi</a>
    </h4>
     Update content of realm wizard in GEP
          <div id="versionComment" class="noteMacro" style="display:none; padding: 5px;">
     Update content of realm wizard in GEP<br />
     </div>
          <br/>
     <div class="notificationGreySide">
         <style type='text/css'>/*<![CDATA[*/
table.ScrollbarTable  {border: none;padding: 3px;width: 100%;padding: 3px;margin: 0px;background-color:
#f0f0f0}
table.ScrollbarTable td.ScrollbarPrevIcon {text-align: center;width: 16px;border: none;}
table.ScrollbarTable td.ScrollbarPrevName {text-align: left;border: none;}
table.ScrollbarTable td.ScrollbarParent {text-align: center;border: none;}
table.ScrollbarTable td.ScrollbarNextName {text-align: right;border: none;}
table.ScrollbarTable td.ScrollbarNextIcon {text-align: center;width: 16px;border: none;}

/*]]>*/</style><div class="Scrollbar"><table class='ScrollbarTable'><tr><td
class='ScrollbarPrevIcon'><a href="/confluence/display/GMOxDOC22/Using+datasource+pool+wizard+in+GEP"><img
border='0' align='middle' src='/confluence/images/icons/back_16.gif' width='16' height='16'></a></td><td
width='33%' class='ScrollbarPrevName'><a href="/confluence/display/GMOxDOC22/Using+datasource+pool+wizard+in+GEP">Using
datasource pool wizard in GEP</a>&nbsp;</td><td width='33%' class='ScrollbarParent'><sup><a
href="/confluence/display/GMOxDOC22/Getting+familiar+with+Geronimo+Eclipse+Plugin+%28GEP%29"><img
border='0' align='middle' src='/confluence/images/icons/up_16.gif' width='8' height='8'></a></sup><a
href="/confluence/display/GMOxDOC22/Getting+familiar+with+Geronimo+Eclipse+Plugin+%28GEP%29">Getting
familiar with Geronimo Eclipse Plugin (GEP)</a></td><td width='33%' class='ScrollbarNextName'>&nbsp;</td></tr></table></div>

<p>This article shows you how to create a security realm using Geronimo Eclipse Plugin(GEP)
during development. GEP provides an easy-using wizard for different types of security realm
configuration such as properties file realm, SQL realm and LDAP realm.</p>

<p>In this article, we use a sample Dynamic Web Project and SQL realm for demonstration.
You can of course choose the project or realm type as you needed.</p>

<h1><a name="UsingsecurityrealmwizardinGEP-CreatingaSQLrealm"></a>Creating
a SQL realm </h1>

<ol>
	<li>Double-click the <tt>geronimo-web.xml</tt> file under /META-INF directory
of your application to open it in <b>Geronimo Deployment Plan Editor</b>, you
will see general information page of the application.
<br clear="all" /></li>
	<li>Select <b>Security</b> page and click <b>Security Realm</b>
section to display the security realms that are defined.
<br clear="all" />
	<ul>
		<li><b>Add</b> will start a wizard for security realm creation.</li>
		<li><b>Remove</b> will remove an existing security realm.</li>
		<li><b>Edit</b> allows you to reconfigure an existing security realm.
<br clear="all" /></li>
	</ul>
	</li>
	<li>Click <b>Add</b> to start a wizard and fill in required fields. In
this example, we select <b>SQL Realm</b>.
<br clear="all" />
	<ul>
		<li><b>Realm Name</b> is used to specify the name of the security realm
that will be used for user authentication for the web application.</li>
		<li><b>Realm Type</b> is the type of login module.
<br clear="all" /></li>
	</ul>
	</li>
	<li>Click <b>Next</b> to input SQL statement for user and group verification.
<br clear="all" />
	<ul>
		<li><b>Select SQL</b> is used to retrieve user and group information from
database .</li>
		<li><b>Digest Configuration</b> is used to ...
<br clear="all" /></li>
	</ul>
	</li>
	<li>Input a database pool name or JDBC URL to connect to the database where the credentials
are stored.
<br clear="all" /></li>
	<li>Click <b>Finish</b> to complete the wizard, and you will see that the
realm and corresponding LoginModule class are listed in the <b>Security Realm</b>
section.
<br clear="all" /></li>
	<li>After you save what you did, select <b>Source</b> page to review the
configuration.
<div class="code panel" style="border-width: 1px;"><div class="codeHeader panelHeader"
style="border-bottom-width: 1px;"><b>geronimo-web.xml</b></div><div
class="codeContent panelContent">
<pre class="code-java">
&lt;?xml version=<span class="code-quote">"1.0"</span> encoding=<span class="code-quote">"UTF-8"</span>?&gt;
&lt;web:web-app xmlns:app=<span class="code-quote">"http:<span class="code-comment">//geronimo.apache.org/xml/ns/j2ee/application-2.0"</span>
xmlns:client=<span class="code-quote">"http://geronimo.apache.org/xml/ns/j2ee/application-client-2.0"</span>
xmlns:conn=<span class="code-quote">"http://geronimo.apache.org/xml/ns/j2ee/connector-1.2"</span>

</span>xmlns:dep=<span class="code-quote">"http:<span class="code-comment">//geronimo.apache.org/xml/ns/deployment-1.2"</span>
xmlns:ejb=<span class="code-quote">"http://openejb.apache.org/xml/ns/openejb-jar-2.2"</span>
xmlns:log=<span class="code-quote">"http://geronimo.apache.org/xml/ns/loginconfig-2.0"</span>

</span>xmlns:name=<span class="code-quote">"http:<span class="code-comment">//geronimo.apache.org/xml/ns/naming-1.2"</span>
xmlns:pers=<span class="code-quote">"http://java.sun.com/xml/ns/persistence"</span>
xmlns:pkgen=<span class="code-quote">"http://openejb.apache.org/xml/ns/pkgen-2.1"</span>

</span>xmlns:sec=<span class="code-quote">"http:<span class="code-comment">//geronimo.apache.org/xml/ns/security-2.0"</span>
xmlns:web=<span class="code-quote">"http://geronimo.apache.org/xml/ns/j2ee/web-2.0.1"</span>&gt;
</span>    &lt;dep:environment&gt;
        &lt;dep:moduleId&gt;
            &lt;dep:groupId&gt;<span class="code-keyword">default</span>&lt;/dep:groupId&gt;
            &lt;dep:artifactId&gt;TestWAR&lt;/dep:artifactId&gt;
            &lt;dep:version&gt;1.0&lt;/dep:version&gt;
            &lt;dep:type&gt;car&lt;/dep:type&gt;
        &lt;/dep:moduleId&gt;
        &lt;dep:dependencies&gt;
            &lt;dep:dependency&gt;
                &lt;dep:groupId&gt;org.apache.geronimo.framework&lt;/dep:groupId&gt;
                &lt;dep:artifactId&gt;j2ee-security&lt;/dep:artifactId&gt;
                &lt;dep:type&gt;car&lt;/dep:type&gt;
            &lt;/dep:dependency&gt;
        &lt;/dep:dependencies&gt;
    &lt;/dep:environment&gt;
    &lt;web:context-root&gt;/TestWAR&lt;/web:context-root&gt;
    &lt;dep:gbean class=<span class="code-quote">"org.apache.geronimo.security.realm.GenericSecurityRealm"</span>
name=<span class="code-quote">"testSQLRealm"</span>&gt;
        &lt;dep:attribute name=<span class="code-quote">"realmName"</span>&gt;testSQLRealm&lt;/dep:attribute&gt;
        &lt;dep:reference name=<span class="code-quote">"ServerInfo"</span>&gt;
            &lt;dep:name&gt;ServerInfo&lt;/dep:name&gt;
        &lt;/dep:reference&gt;
        &lt;dep:xml-reference name=<span class="code-quote">"LoginModuleConfiguration"</span>&gt;
            &lt;log:loginConfig&gt;
                &lt;log:login-module control-flag=<span class="code-quote">"REQUIRED"</span>
wrap-principals=<span class="code-quote">"<span class="code-keyword">false</span>"</span>&gt;
                    &lt;log:login-domain-name&gt;testSQLRealm&lt;/log:login-domain-name&gt;
                    &lt;log:login-module-class&gt;org.apache.geronimo.security.realm.providers.SQLLoginModule&lt;/log:login-module-class&gt;
                    &lt;log:option name=<span class="code-quote">"dataSourceName"</span>&gt;SecurityDatabasePool&lt;/log:option&gt;
                    &lt;log:option name=<span class="code-quote">"userSelect"</span>&gt;select
username, password from users where username=?&lt;/log:option&gt;
                    &lt;log:option name=<span class="code-quote">"groupSelect"</span>&gt;select
username, groupname from groups where username=?&lt;/log:option&gt;
                    &lt;log:option name=<span class="code-quote">"digest"</span>/&gt;
                    &lt;log:option name=<span class="code-quote">"encoding"</span>/&gt;
                &lt;/log:login-module&gt;
            &lt;/log:loginConfig&gt;
        &lt;/dep:xml-reference&gt;
    &lt;/dep:gbean&gt;
&lt;/web:web-app&gt;
</pre>
</div></div></li>
</ol>

     </div>
     <div id="commentsSection" class="wiki-content pageSection">
       <div style="float: right;">
            <a href="http://cwiki.apache.org/confluence/users/viewnotifications.action"
class="grey">Change Notification Preferences</a>
       </div>

       <a href="http://cwiki.apache.org/confluence/display/GMOxDOC22/Using+security+realm+wizard+in+GEP">View
Online</a>
       |
       <a href="http://cwiki.apache.org/confluence/pages/diffpagesbyversion.action?pageId=3474159&revisedVersion=3&originalVersion=2">View
Change</a>
              |
       <a href="http://cwiki.apache.org/confluence/display/GMOxDOC22/Using+security+realm+wizard+in+GEP?showComments=true&amp;showCommentArea=true#addcomment">Add
Comment</a>
            </div>
</div>
</div>
</div>
</div>
</body>
</html>

Mime
View raw message