geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From conflue...@apache.org
Subject [CONF] Apache Geronimo v2.1 > Using security realm wizard in GEP
Date Thu, 15 Apr 2010 09:15:00 GMT
<html>
<head>
    <base href="http://cwiki.apache.org/confluence">
            <link rel="stylesheet" href="/confluence/s/1520/1/1/_/styles/combined.css?spaceKey=GMOxDOC21&amp;forWysiwyg=true"
type="text/css">
    </head>
<body style="background-color: white" bgcolor="white">
<div id="pageContent">
<div id="notificationFormat">
<div class="wiki-content">
<div class="email">
    <h2><a href="http://cwiki.apache.org/confluence/display/GMOxDOC21/Using+security+realm+wizard+in+GEP">Using
security realm wizard in GEP</a></h2>
    <h4>Page  <b>added</b> by             <a href="http://cwiki.apache.org/confluence/display/~carol%2Bh">Di
Hu</a>
    </h4>
         <br/>
    <div class="notificationGreySide">
         <style type='text/css'>/*<![CDATA[*/
table.ScrollbarTable  {border: none;padding: 3px;width: 100%;padding: 3px;margin: 0px;background-color:
#f0f0f0}
table.ScrollbarTable td.ScrollbarPrevIcon {text-align: center;width: 16px;border: none;}
table.ScrollbarTable td.ScrollbarPrevName {text-align: left;border: none;}
table.ScrollbarTable td.ScrollbarParent {text-align: center;border: none;}
table.ScrollbarTable td.ScrollbarNextName {text-align: right;border: none;}
table.ScrollbarTable td.ScrollbarNextIcon {text-align: center;width: 16px;border: none;}

/*]]>*/</style><div class="Scrollbar"><table class='ScrollbarTable'><tr><td
class='ScrollbarPrevIcon'><a href="/confluence/display/GMOxDOC21/Using+datasource+pool+wizard+in+GEP"><img
border='0' align='middle' src='/confluence/images/icons/back_16.gif' width='16' height='16'></a></td><td
width='33%' class='ScrollbarPrevName'><a href="/confluence/display/GMOxDOC21/Using+datasource+pool+wizard+in+GEP">Using
datasource pool wizard in GEP</a>&nbsp;</td><td width='33%' class='ScrollbarParent'><sup><a
href="/confluence/display/GMOxDOC21/Development+and+deployment+planning"><img border='0'
align='middle' src='/confluence/images/icons/up_16.gif' width='8' height='8'></a></sup><a
href="/confluence/display/GMOxDOC21/Development+and+deployment+planning">Development and
deployment planning</a></td><td width='33%' class='ScrollbarNextName'>&nbsp;</td></tr></table></div>

<p>This article shows you how to create a security realm using Geronimo Eclipse Plugin(GEP)
during development. GEP provides an easy-using wizard for different types of security realm
configuration such as properties file realm, SQL realm and LDAP realm.</p>

<p>In this article, we use a sample Dynamic Web Project and SQL realm for demonstration.
You can of course choose the project or realm type as you needed.</p>

<h1><a name="UsingsecurityrealmwizardinGEP-CreatingaSQLrealm"></a>Creating
a SQL realm </h1>

<ol>
	<li>Double-click the <tt>geronimo-web.xml</tt> file under /META-INF directory
of your application to open it in <b>Geronimo Deployment Plan Editor</b>, you
will see general information page of the application.
<br clear="all" /></li>
	<li>Select <b>Security</b> tab, and then open <b>Security Realm</b>
section to display the security realms that are defined.
<br clear="all" />
	<ul>
		<li><b>Add</b> - start a wizard for security realm creation.</li>
		<li><b>Remove</b> - remove an existing security realm.</li>
		<li><b>Edit</b> - reconfigure an existing security realm.
<br clear="all" /></li>
	</ul>
	</li>
	<li>Click <b>Add</b> to start a security realm wizard and fill in required
fields. In this example, we select <b>SQL Realm</b>.
<br clear="all" />
	<ul>
		<li><b>Realm Name</b> is used to specify the name of the security realm
that will be used for user authentication for the application.</li>
		<li><b>Realm Type</b> is the type of login module.
<br clear="all" /></li>
	</ul>
	</li>
	<li>Click <b>Next</b> to input SQL statements for user and group verification.
<br clear="all" />
	<ul>
		<li><b>Select SQL</b> : input SQL statements to retrieve user and group
information from database .</li>
		<li><b>Digest Configuration</b> : specify digesting algorithm and encoding
configuration for the user's password.
<br clear="all" /></li>
	</ul>
	</li>
	<li>Input a database pool name or JDBC URL to connect to the database where the credentials
are stored.
<br clear="all" /></li>
	<li>Click <b>Finish</b> to complete the wizard, and you will see that the
realm and corresponding LoginModule class are listed in the <b>Security Realm</b>
section.
<br clear="all" /></li>
	<li>In the tool-bar, click <b>Finish</b> to save the changes.</li>
</ol>


<p>Now you have created a new security realm for a simple Web application. You can click
the <b>Source</b> tab to review the sample deployment plan.</p>
<div class="code panel" style="border-width: 1px;"><div class="codeHeader panelHeader"
style="border-bottom-width: 1px;"><b>geronimo-web.xml</b></div><div
class="codeContent panelContent">
<script type="syntaxhighlighter" class="toolbar: false; theme: default; brush: java; gutter:
false"><![CDATA[
&lt;?xml version="1.0" encoding="UTF-8"?&gt;
&lt;web:web-app xmlns:app="http://geronimo.apache.org/xml/ns/j2ee/application-2.0" xmlns:client="http://geronimo.apache.org/xml/ns/j2ee/application-client-2.0"
xmlns:conn="http://geronimo.apache.org/xml/ns/j2ee/connector-1.2" 
xmlns:dep="http://geronimo.apache.org/xml/ns/deployment-1.2" xmlns:ejb="http://openejb.apache.org/xml/ns/openejb-jar-2.2"
xmlns:log="http://geronimo.apache.org/xml/ns/loginconfig-2.0" 
xmlns:name="http://geronimo.apache.org/xml/ns/naming-1.2" xmlns:pers="http://java.sun.com/xml/ns/persistence"
xmlns:pkgen="http://openejb.apache.org/xml/ns/pkgen-2.1" 
xmlns:sec="http://geronimo.apache.org/xml/ns/security-2.0" xmlns:web="http://geronimo.apache.org/xml/ns/j2ee/web-2.0.1"&gt;
    &lt;dep:environment&gt;
        &lt;dep:moduleId&gt;
            &lt;dep:groupId&gt;default&lt;/dep:groupId&gt;
            &lt;dep:artifactId&gt;TestWAR&lt;/dep:artifactId&gt;
            &lt;dep:version&gt;1.0&lt;/dep:version&gt;
            &lt;dep:type&gt;car&lt;/dep:type&gt;
        &lt;/dep:moduleId&gt;
        &lt;dep:dependencies&gt;
            &lt;dep:dependency&gt;
                &lt;dep:groupId&gt;org.apache.geronimo.framework&lt;/dep:groupId&gt;
                &lt;dep:artifactId&gt;j2ee-security&lt;/dep:artifactId&gt;
                &lt;dep:type&gt;car&lt;/dep:type&gt;
            &lt;/dep:dependency&gt;
        &lt;/dep:dependencies&gt;
    &lt;/dep:environment&gt;
    &lt;web:context-root&gt;/TestWAR&lt;/web:context-root&gt;
    &lt;dep:gbean class="org.apache.geronimo.security.realm.GenericSecurityRealm" name="testSQLRealm"&gt;
        &lt;dep:attribute name="realmName"&gt;testSQLRealm&lt;/dep:attribute&gt;
        &lt;dep:reference name="ServerInfo"&gt;
            &lt;dep:name&gt;ServerInfo&lt;/dep:name&gt;
        &lt;/dep:reference&gt;
        &lt;dep:xml-reference name="LoginModuleConfiguration"&gt;
            &lt;log:loginConfig&gt;
                &lt;log:login-module control-flag="REQUIRED" wrap-principals="false"&gt;
                    &lt;log:login-domain-name&gt;testSQLRealm&lt;/log:login-domain-name&gt;
                    &lt;log:login-module-class&gt;org.apache.geronimo.security.realm.providers.SQLLoginModule&lt;/log:login-module-class&gt;
                    &lt;log:option name="dataSourceName"&gt;SecurityDatabasePool&lt;/log:option&gt;
                    &lt;log:option name="userSelect"&gt;select username, password
from users where username=?&lt;/log:option&gt;
                    &lt;log:option name="groupSelect"&gt;select username, groupname
from groups where username=?&lt;/log:option&gt;
                    &lt;log:option name="digest"/&gt;
                    &lt;log:option name="encoding"/&gt;
                &lt;/log:login-module&gt;
            &lt;/log:loginConfig&gt;
        &lt;/dep:xml-reference&gt;
    &lt;/dep:gbean&gt;
&lt;/web:web-app&gt;
]]></script>
</div></div>
    </div>
    <div id="commentsSection" class="wiki-content pageSection">
       <div style="float: right;">
            <a href="http://cwiki.apache.org/confluence/users/viewnotifications.action"
class="grey">Change Notification Preferences</a>
       </div>
       <a href="http://cwiki.apache.org/confluence/display/GMOxDOC21/Using+security+realm+wizard+in+GEP">View
Online</a>
              |
       <a href="http://cwiki.apache.org/confluence/display/GMOxDOC21/Using+security+realm+wizard+in+GEP?showComments=true&amp;showCommentArea=true#addcomment">Add
Comment</a>
           </div>
</div>
</div>
</div>
</div>
</body>
</html>

Mime
View raw message