Return-Path:
Delivered-To: apmail-geronimo-scm-archive@www.apache.org
Received: (qmail 92003 invoked from network); 23 Nov 2010 03:12:45 -0000
Received: from unknown (HELO mail.apache.org) (140.211.11.3)
by 140.211.11.9 with SMTP; 23 Nov 2010 03:12:45 -0000
Received: (qmail 20754 invoked by uid 500); 23 Nov 2010 03:13:17 -0000
Delivered-To: apmail-geronimo-scm-archive@geronimo.apache.org
Received: (qmail 20626 invoked by uid 500); 23 Nov 2010 03:13:16 -0000
Mailing-List: contact scm-help@geronimo.apache.org; run by ezmlm
Precedence: bulk
list-help:
list-unsubscribe:
List-Post:
Reply-To: dev@geronimo.apache.org
List-Id:
Delivered-To: mailing list scm@geronimo.apache.org
Received: (qmail 20617 invoked by uid 99); 23 Nov 2010 03:13:16 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 23 Nov 2010 03:13:16 +0000
X-ASF-Spam-Status: No, hits=-2000.0 required=10.0
tests=ALL_TRUSTED
X-Spam-Check-By: apache.org
Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4)
by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 23 Nov 2010 03:13:13 +0000
Received: by eris.apache.org (Postfix, from userid 65534)
id ACF922388903; Tue, 23 Nov 2010 03:11:40 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: svn commit: r1037984 - in /geronimo/samples/branches/2.1: ./
repository/
samples/generic-auth/ samples/generic-auth/generic-auth-war/src/main/webapp/
samples/generic-auth/generic-auth-war/src/main/webapp/WEB-INF/
samples/generic-auth/generic-auth-war/s...
Date: Tue, 23 Nov 2010 03:11:40 -0000
To: scm@geronimo.apache.org
From: xiaming@apache.org
X-Mailer: svnmailer-1.0.8
Message-Id: <20101123031140.ACF922388903@eris.apache.org>
X-Virus-Checked: Checked by ClamAV on apache.org
Author: xiaming
Date: Tue Nov 23 03:11:40 2010
New Revision: 1037984
URL: http://svn.apache.org/viewvc?rev=1037984&view=rev
Log:
GERONIMO-5710 remove unused repository module and update generic-auth sample
Removed:
geronimo/samples/branches/2.1/repository/
geronimo/samples/branches/2.1/samples/generic-auth/generic-auth-war/src/main/webapp/auth/
geronimo/samples/branches/2.1/samples/generic-auth/generic-auth-war/src/main/webapp/forbidden/
Modified:
geronimo/samples/branches/2.1/pom.xml
geronimo/samples/branches/2.1/samples/generic-auth/generic-auth-war/src/main/webapp/WEB-INF/web.xml
geronimo/samples/branches/2.1/samples/generic-auth/generic-auth-war/src/main/webapp/index.html
geronimo/samples/branches/2.1/samples/generic-auth/readme.txt
Modified: geronimo/samples/branches/2.1/pom.xml
URL: http://svn.apache.org/viewvc/geronimo/samples/branches/2.1/pom.xml?rev=1037984&r1=1037983&r2=1037984&view=diff
==============================================================================
--- geronimo/samples/branches/2.1/pom.xml (original)
+++ geronimo/samples/branches/2.1/pom.xml Tue Nov 23 03:11:40 2010
@@ -95,8 +95,7 @@
-->
- buildutil
-
+ buildutil
geronimo-samples-archetype
samples
Modified: geronimo/samples/branches/2.1/samples/generic-auth/generic-auth-war/src/main/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/geronimo/samples/branches/2.1/samples/generic-auth/generic-auth-war/src/main/webapp/WEB-INF/web.xml?rev=1037984&r1=1037983&r2=1037984&view=diff
==============================================================================
--- geronimo/samples/branches/2.1/samples/generic-auth/generic-auth-war/src/main/webapp/WEB-INF/web.xml (original)
+++ geronimo/samples/branches/2.1/samples/generic-auth/generic-auth-war/src/main/webapp/WEB-INF/web.xml Tue Nov 23 03:11:40 2010
@@ -16,8 +16,8 @@
+ xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_5.xsd"
+ version="2.5">
@@ -35,15 +35,7 @@
content-administrator
-
-
-
-
- No Access
- /forbidden/*
-
-
-
+
GENERIC
Modified: geronimo/samples/branches/2.1/samples/generic-auth/generic-auth-war/src/main/webapp/index.html
URL: http://svn.apache.org/viewvc/geronimo/samples/branches/2.1/samples/generic-auth/generic-auth-war/src/main/webapp/index.html?rev=1037984&r1=1037983&r2=1037984&view=diff
==============================================================================
--- geronimo/samples/branches/2.1/samples/generic-auth/generic-auth-war/src/main/webapp/index.html (original)
+++ geronimo/samples/branches/2.1/samples/generic-auth/generic-auth-war/src/main/webapp/index.html Tue Nov 23 03:11:40 2010
@@ -18,16 +18,58 @@
-->
- Testing The Properties File Security Realm
- The 2 properties files are located under WASCE_HOME/var/security: demo_groups.properties & demo_users.properties
-
- Once this sample has been installed, click on Protect to validate against the properties file. You will be shown a login screen, use the following usernames and passwords to login:
-
username=alan password=starcraft
- username=metro password=mouse
- username=george password=bone
-
- If everything works, you should see "hello world" in your browser.
+ Demonstrate GENERIC authentication
+ This sample defines one security realm with two new login modules:
+
+ - org.apache.geronimo.security.realm.providers.GenericHttpHeaderPropertiesFileLoginModule
+ - org.apache.geronimo.security.realm.providers.GenericHttpHeaderSqlLoginmodule
+
- At this point you have an application that is validating username and passwords against the properties file based on the security configuration you provided earlier. Now, if you go back here and click on Forbidden you should receive a 403 - Forbidden HTTP error.
+
+ There is another new login module for LDAP authentication: org.apache.geronimo.security.realm.providers.GenericHttpHeaderLdapLoginModule. It requires some additional LDAP configuration, and not be able to demonstrate in this sample. But you can refer to comment-out section of the sample's geronimo deployment plan for details.
+
+ Follow these steps to run this sample:
+
+ - Configure Apache HTTP web server to proxy HTTP request for Geronimo server.
+
+ Add these lines to APACHE_HOME/conf/httpd.conf:
+
+ LoadModule proxy_module modules/mod_proxy.so
+ LoadModule proxy_http_module modules/mod_proxy_http.so
+ <IfModule mod_proxy.c>
+ ProxyPass /generic-auth http://localhost:8080/generic-auth
+ ProxyPassReverse / http://localhost:8080/
+ </IfModule>
+
+
+ - Mimic SiteMinder behavior via mod_headers module.
+
+ Add these lines to APACHE_HOME/conf/httpd.conf:
+
+ LoadModule headers_module modules/mod_headers.so
+ <IfModule mod_headers.c>
+ <Location /generic-auth>
+ RequestHeader add SM_USER USERNAME
+ </Location>
+ </IfModule>
+
+ The USERNAME could be replaced with these users one by one: izumi, tom, alan, nobody
+ izumi is a valid user defined in file property "var/security/demo_groups.properties" with manager role.
+ tom is a valid user defined in SQL login module with manager role.
+ alan is a valid user defined in SQL login module without manager role.
+ nobody is not a valid user in any security login module.
+
+ -
+ Change the username field as above, restart Apache HTTP server, then visit this link.
+
+
+
+ You should see these expected results:
+ - izumi -- should see the hello world page with HTTP 200 status
+
- tom -- should see the hello world page with HTTP 200 status
+
- alan -- should not see the hello world page with HTTP 403 status
+
- nobody -- should not see the hello world page with HTTP 401 status
+
+
Modified: geronimo/samples/branches/2.1/samples/generic-auth/readme.txt
URL: http://svn.apache.org/viewvc/geronimo/samples/branches/2.1/samples/generic-auth/readme.txt?rev=1037984&r1=1037983&r2=1037984&view=diff
==============================================================================
--- geronimo/samples/branches/2.1/samples/generic-auth/readme.txt (original)
+++ geronimo/samples/branches/2.1/samples/generic-auth/readme.txt Tue Nov 23 03:11:40 2010
@@ -64,7 +64,7 @@ RequestHeader add SM_USER
The could be replaced with these users respectively: izumi, tom, alan, nobody
-3. Change the username field as above, restart Apache HTTP server, then visit this linke
+3. Change the username field as above, restart Apache HTTP server, then visit this link
http://localhost/generic-auth/protect/hello.html
You should see these expected results: