geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From conflue...@apache.org
Subject [CONF] Apache Geronimo v2.1 > Adminstering security realms
Date Mon, 01 Nov 2010 09:14:00 GMT
<html>
<head>
    <base href="https://cwiki.apache.org/confluence">
            <link rel="stylesheet" href="/confluence/s/1810/9/1/_/styles/combined.css?spaceKey=GMOxDOC21&amp;forWysiwyg=true"
type="text/css">
    </head>
<body style="background: white;" bgcolor="white" class="email-body">
<div id="pageContent">
<div id="notificationFormat">
<div class="wiki-content">
<div class="email">
    <h2><a href="https://cwiki.apache.org/confluence/display/GMOxDOC21/Adminstering+security+realms">Adminstering
security realms</a></h2>
    <h4>Page <b>edited</b> by             <a href="https://cwiki.apache.org/confluence/display/~maojia508">maojia</a>
    </h4>
        <br/>
                         <h4>Changes (6)</h4>
                                 
    
<div id="page-diffs">
            <table class="diff" cellpadding="0" cellspacing="0">
            <tr><td class="diff-snipped" >...<br></td></tr>
            <tr><td class="diff-unchanged" >Listed in this portlet you will find
all the available security realms. By default, the security realm used by Geronimo to authenticate
users via properties file is *geronimo-admin*. <br> <br></td></tr>
            <tr><td class="diff-changed-lines" >When you edit an existing <span
class="diff-changed-words">realm<span class="diff-deleted-chars"style="color:#999;background-color:#fdd;text-decoration:line-through;">
(in this case geronimo-admin) you will be presented with the following screen</span>,</span>
note that you will not be able to change the realm name nor the login domain name. <br></td></tr>
            <tr><td class="diff-unchanged" > <br></td></tr>
            <tr><td class="diff-deleted-lines" style="color:#999;background-color:#fdd;text-decoration:line-through;">!consoleSecurityRealmView.png!
<br></td></tr>
            <tr><td class="diff-unchanged" > <br> <br></td></tr>
            <tr><td class="diff-deleted-lines" style="color:#999;background-color:#fdd;text-decoration:line-through;">The
following example illustrates the deployment plan generated by this realm. <br></td></tr>
            <tr><td class="diff-added-lines" style="background-color: #dfd;">When
you create a new realm you will have to choose from the following realm types available: <br></td></tr>
            <tr><td class="diff-unchanged" > <br></td></tr>
            <tr><td class="diff-deleted-lines" style="color:#999;background-color:#fdd;text-decoration:line-through;">{code:xml|
borderStyle=solid| title=geronimo-properties-realm} <br>&lt;module xmlns=&quot;http://geronimo.apache.org/xml/ns/deployment-1.2&quot;&gt;
<br>    &lt;environment&gt; <br>        &lt;moduleId&gt; <br>
           &lt;groupId&gt;console.realm&lt;/groupId&gt; <br>       
    &lt;artifactId&gt;geronimo-admin&lt;/artifactId&gt; <br>       
    &lt;version&gt;1.0&lt;/version&gt; <br>            &lt;type&gt;car&lt;/type&gt;
<br>        &lt;/moduleId&gt; <br>        &lt;dependencies&gt;
<br>            &lt;dependency&gt; <br>                &lt;groupId&gt;org.apache.geronimo.configs&lt;/groupId&gt;
<br>                &lt;artifactId&gt;j2ee-security&lt;/artifactId&gt;
<br>                &lt;type&gt;car&lt;/type&gt; <br>        
   &lt;/dependency&gt; <br>        &lt;/dependencies&gt; <br>
   &lt;/environment&gt; <br>    &lt;gbean name=&quot;geronimo-admin&quot;
class=&quot;org.apache.geronimo.security.realm.GenericSecurityRealm&quot; xsi:type=&quot;dep:gbeanType&quot;
  <br>           xmlns:dep=&quot;http://geronimo.apache.org/xml/ns/deployment-1.2&quot;
xmlns:xsi=&quot;http://www.w3.org/2001/XMLSchema-instance&quot;&gt; <br>
       &lt;attribute name=&quot;realmName&quot;&gt;geronimo-admin&lt;/attribute&gt;
<br>        &lt;reference name=&quot;ServerInfo&quot;&gt; <br>
           &lt;name&gt;ServerInfo&lt;/name&gt; <br>        &lt;/reference&gt;
<br>        &lt;xml-reference name=&quot;LoginModuleConfiguration&quot;&gt;
<br>            &lt;log:login-config xmlns:log=&quot;http://geronimo.apache.org/xml/ns/loginconfig-2.0&quot;&gt;
<br>                &lt;log:login-module control-flag=&quot;REQUIRED&quot;
wrap-principals=&quot;false&quot;&gt; <br>                    &lt;log:login-domain-name&gt;geronimo-admin&lt;/log:login-domain-name&gt;
<br>                    &lt;log:login-module-class&gt; <br>          
                 org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule <br>
                   &lt;/log:login-module-class&gt; <br>                    &lt;log:option
name=&quot;usersURI&quot;&gt;var/security/users.properties&lt;/log:option&gt;
<br>                    &lt;log:option name=&quot;groupsURI&quot;&gt;var/security/groups.properties&lt;/log:option&gt;
<br>                &lt;/log:login-module&gt; <br>            &lt;/log:login-config&gt;
<br>        &lt;/xml-reference&gt; <br>    &lt;/gbean&gt; <br>&lt;/module&gt;
<br>{code} <br> <br>As we mentioned before, this plan is for the default,
properties file based, security realm. When you create a new realm you will have to choose
from the following realm types available: <br> <br>* Certificate Properties File
Realm <br>* Database (SQL) Realm <br>* LDAP Realm <br>* Properties File
Realm <br>* Other <br> <br>The last available option lets you create your
custom realm type when none of the above fits your environment needs. <br> <br>Having
the *Properties File Realm* covered by default we will now focus on the other alternatives.
<br> <br></td></tr>
            <tr><td class="diff-unchanged" >* [Certificate Properties File Realm]
<br>* [Database (SQL) Realm] <br>* [LDAP Realm] <br></td></tr>
            <tr><td class="diff-added-lines" style="background-color: #dfd;">*
[Properties File Realm] <br>* Other <br> <br>The last available option lets
you create your custom realm type when none of the above fits your environment needs. <br></td></tr>
        </table>
</div>                            <h4>Full Content</h4>
                    <div class="notificationGreySide">
        <style type='text/css'>/*<![CDATA[*/
table.ScrollbarTable  {border: none;padding: 3px;width: 100%;padding: 3px;margin: 0px;background-color:
#f0f0f0}
table.ScrollbarTable td.ScrollbarPrevIcon {text-align: center;width: 16px;border: none;}
table.ScrollbarTable td.ScrollbarPrevName {text-align: left;border: none;}
table.ScrollbarTable td.ScrollbarParent {text-align: center;border: none;}
table.ScrollbarTable td.ScrollbarNextName {text-align: right;border: none;}
table.ScrollbarTable td.ScrollbarNextIcon {text-align: center;width: 16px;border: none;}

/*]]>*/</style><div class="Scrollbar"><table class='ScrollbarTable'><tr><td
class='ScrollbarPrevIcon'><a href="/confluence/display/GMOxDOC21/Administering+users+and+groups"><img
border='0' align='middle' src='/confluence/images/icons/back_16.gif' width='16' height='16'></a></td><td
width='33%' class='ScrollbarPrevName'><a href="/confluence/display/GMOxDOC21/Administering+users+and+groups">Administering
users and groups</a>&nbsp;</td><td width='33%' class='ScrollbarParent'><sup><a
href="/confluence/display/GMOxDOC21/Configuring+security"><img border='0' align='middle'
src='/confluence/images/icons/up_16.gif' width='8' height='8'></a></sup><a
href="/confluence/display/GMOxDOC21/Configuring+security">Configuring security</a></td><td
width='33%' class='ScrollbarNextName'>&nbsp;<a href="/confluence/display/GMOxDOC21/Certificate+Properties+File+Realm">Certificate
Properties File Realm</a></td><td class='ScrollbarNextIcon'><a href="/confluence/display/GMOxDOC21/Certificate+Properties+File+Realm"><img
border='0' align='middle' src='/confluence/images/icons/forwd_16.gif' width='16' height='16'></a></td></tr></table></div>

<p>To administer security realms via the Geronimo Administration Console the <b>Security
Realms</b> portlet is available on the <b>Console Navigation</b> menu on
the left hand side. This portlet allows you to add a new security realm or edit an existing
one. To remove realms you would normally use the command line option with the Deployer tool.</p>

<p><span class="image-wrap" style=""><img src="/confluence/download/attachments/77410/consoleSecurityRealms.png?version=1&amp;modificationDate=1203611283000"
style="border: 0px solid black" /></span></p>

<p>Listed in this portlet you will find all the available security realms. By default,
the security realm used by Geronimo to authenticate users via properties file is <b>geronimo-admin</b>.</p>

<p>When you edit an existing realm, note that you will not be able to change the realm
name nor the login domain name.</p>



<p>When you create a new realm you will have to choose from the following realm types
available:</p>

<ul>
	<li><a href="/confluence/display/GMOxDOC21/Certificate+Properties+File+Realm" title="Certificate
Properties File Realm">Certificate Properties File Realm</a></li>
	<li><a href="/confluence/display/GMOxDOC21/Database+%28SQL%29+Realm" title="Database
(SQL) Realm">Database &#40;SQL&#41; Realm</a></li>
	<li><a href="/confluence/display/GMOxDOC21/LDAP+Realm" title="LDAP Realm">LDAP
Realm</a></li>
	<li><a href="/confluence/pages/createpage.action?spaceKey=GMOxDOC21&amp;title=Properties+File+Realm&amp;linkCreation=true&amp;fromPageId=77410"
class="createlink">Properties File Realm</a></li>
	<li>Other</li>
</ul>


<p>The last available option lets you create your custom realm type when none of the
above fits your environment needs.</p>

    </div>
        <div id="commentsSection" class="wiki-content pageSection">
        <div style="float: right;">
            <a href="https://cwiki.apache.org/confluence/users/viewnotifications.action"
class="grey">Change Notification Preferences</a>
        </div>
        <a href="https://cwiki.apache.org/confluence/display/GMOxDOC21/Adminstering+security+realms">View
Online</a>
        |
        <a href="https://cwiki.apache.org/confluence/pages/diffpagesbyversion.action?pageId=77410&revisedVersion=2&originalVersion=1">View
Changes</a>
                |
        <a href="https://cwiki.apache.org/confluence/display/GMOxDOC21/Adminstering+security+realms?showComments=true&amp;showCommentArea=true#addcomment">Add
Comment</a>
            </div>
</div>
</div>
</div>
</div>
</body>
</html>

Mime
View raw message