geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From conflue...@apache.org
Subject [CONF] Apache Geronimo v2.1 > Replace default realm with others
Date Wed, 09 Sep 2009 09:11:00 GMT
<html>
<head>
    <base href="http://cwiki.apache.org/confluence">
            <link rel="stylesheet" href="/confluence/s/1519/1/1/_/styles/combined.css?spaceKey=GMOxDOC21&amp;forWysiwyg=true"
type="text/css">
    </head>
<body style="background-color: white" bgcolor="white">
<div id="pageContent">
<div id="notificationFormat">
<div class="wiki-content">
<div class="email">
    <h2><a href="http://cwiki.apache.org/confluence/display/GMOxDOC21/Replace+default+realm+with+others">Replace
default realm with others</a></h2>
    <h4>Page  <b>added</b> by             <a href="http://cwiki.apache.org/confluence/display/~chirunhua@gmail.com">Runhua
Chi</a>
    </h4>
         <br/>
    <div class="notificationGreySide">
         <p>This article is about how to replace default properties realm <tt>geronimo-admin</tt>
with SQL or LDAP realms in v2.1.</p>

<p>By default, Geronimo is using a properties realm for authentication named <tt>geronimo-admin</tt>,
which is used by JMX server, Admin Console, Online-deploy and MEJB application. However, you
may not want to use it for production use. Alternatively, you can use database(SQL) or LDAP
realms in a production environment. To replace the default realm, you must do the following:</p>
<ol>
	<li>Deploy a new realm with real-name <b>geronimo-admin</b> either from
the Admin console or using command line. Refer to <a href="/confluence/pages/createpage.action?spaceKey=GMOxDOC21&amp;title=Administering+security+realms&amp;linkCreation=true&amp;fromPageId=2853829"
class="createlink">Administering security realms</a> for how to create a SQL or LDAP
realm using the Admin Console. When it's done, a new realm is created with plugin id <tt>console.realm/geronimo-admin/1.0/car</tt>.
At the mean time, a new line is added into <tt>var/config/config.xml</tt> under
Geronimo installation directory like
  <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
<pre class="code-java">
     &lt;module name=<span class="code-quote">"console.realm/geronimo-admin/1.0/car"</span>/&gt;
  </pre>
</div></div></li>
	<li>Locate <tt>org.apache.geronimo.framework/server-security-config/2.1/car</tt>
in <tt>config.xml</tt> when the server is stopped and disable the default realm.
The updated <tt>config.xml</tt> will be looked like this
  <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
<pre class="code-java">
     ...
     &lt;module name=<span class="code-quote">"org.apache.geronimo.framework/server-security-config/2.1/car"</span>&gt;
           &lt;gbean name=<span class="code-quote">"geronimo-admin"</span>
load=<span class="code-quote">"<span class="code-keyword">false</span>"</span>/&gt;
     &lt;/modoule&gt;
     ...
  </pre>
</div></div></li>
	<li>Restart the server and test with new userid and password instead of default <b>system</b>
and <b>manager</b>. You can successfully log into the Admin console.</li>
</ol>

    </div>
    <div id="commentsSection" class="wiki-content pageSection">
       <div style="float: right;">
            <a href="http://cwiki.apache.org/confluence/users/viewnotifications.action"
class="grey">Change Notification Preferences</a>
       </div>
       <a href="http://cwiki.apache.org/confluence/display/GMOxDOC21/Replace+default+realm+with+others">View
Online</a>
              |
       <a href="http://cwiki.apache.org/confluence/display/GMOxDOC21/Replace+default+realm+with+others?showComments=true&amp;showCommentArea=true#addcomment">Add
Comment</a>
           </div>
</div>
</div>
</div>
</div>
</body>
</html>

Mime
View raw message