geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From conflue...@apache.org
Subject [CONF] Apache Geronimo v3.0 > Administering users and groups
Date Mon, 31 Jan 2011 06:45:00 GMT
<html>
<head>
    <base href="https://cwiki.apache.org/confluence">
            <link rel="stylesheet" href="/confluence/s/2036/9/4/_/styles/combined.css?spaceKey=GMOxDOC30&amp;forWysiwyg=true"
type="text/css">
    </head>
<body style="background: white;" bgcolor="white" class="email-body">
<div id="pageContent">
<div id="notificationFormat">
<div class="wiki-content">
<div class="email">
    <h2><a href="https://cwiki.apache.org/confluence/display/GMOxDOC30/Administering+users+and+groups">Administering
users and groups</a></h2>
    <h4>Page <b>edited</b> by             <a href="https://cwiki.apache.org/confluence/display/~maojia508">maojia</a>
    </h4>
        <br/>
                         <h4>Changes (22)</h4>
                                 
    
<div id="page-diffs">
                    <table class="diff" cellpadding="0" cellspacing="0">
    
            <tr><td class="diff-unchanged" >{scrollbar} <br> <br></td></tr>
            <tr><td class="diff-deleted-lines" style="color:#999;background-color:#fdd;text-decoration:line-through;">{excerpt}You
can add users and groups via the Geronimo Administration Console or by modifying some configuration
files.{excerpt} We will start simple by using the realm provided by Geronimo by default. Then,
as we explore the different realms and security configurations, we will come back and revisit
some of the topics as needed. <br></td></tr>
            <tr><td class="diff-added-lines" style="background-color: #dfd;">{excerpt}You
can add users and groups by using the Geronimo Administration Console or by modifying some
configuration files.{excerpt} This topic uses the realm provided by Geronimo by default as
examples. <br></td></tr>
            <tr><td class="diff-unchanged" > <br></td></tr>
            <tr><td class="diff-deleted-lines" style="color:#999;background-color:#fdd;text-decoration:line-through;">To
manage users and groups via the Geronimo Administration Console the *Users and Groups* portlet
is available on the *Console Navigation* menu on the left hand side. Here you will find two
portlets, one for administering users and another for administering user groups, both are
illustrated in the following figures. <br></td></tr>
            <tr><td class="diff-added-lines" style="background-color: #dfd;">To
manage users and groups by using the Geronimo Administration Console, click *Users and Groups*
on the *Console Navigation* menu on the left side. Here you will find two portlets, one for
administering users and another for administering user groups. Both portlets are illustrated
in the following figures. <br></td></tr>
            <tr><td class="diff-unchanged" > <br>!consoleRealms.png! <br>
<br></td></tr>
            <tr><td class="diff-deleted-lines" style="color:#999;background-color:#fdd;text-decoration:line-through;">To
change a user&#39;s password click on (*Details* next to the user you want to update in
the *Console Realm Users* portlet, it will bring up the UserID and Password so you can update
that profile. <br></td></tr>
            <tr><td class="diff-added-lines" style="background-color: #dfd;">To
change a user&#39;s password, click *Edit* next to the user that you want to update in
the *Console Realm Users* portlet. On the next page, you can update a new password for this
user. <br></td></tr>
            <tr><td class="diff-unchanged" > <br>!consoleRealmUserEdit.png!
<br> <br></td></tr>
            <tr><td class="diff-deleted-lines" style="color:#999;background-color:#fdd;text-decoration:line-through;">To
remove a user click on the corresponding *Delete*, you will be prompted to confirm deletion
of that user, click *OK*. <br></td></tr>
            <tr><td class="diff-added-lines" style="background-color: #dfd;">To
remove a user, click the corresponding *Delete*. You will be prompted to confirm the deletion
of that user, click *OK*. <br></td></tr>
            <tr><td class="diff-unchanged" > <br></td></tr>
            <tr><td class="diff-deleted-lines" style="color:#999;background-color:#fdd;text-decoration:line-through;">To
add a new user click on *Create New User*, you will be prompted for a UserID and Password
(twice), enter those values and click *Add*. <br></td></tr>
            <tr><td class="diff-added-lines" style="background-color: #dfd;">To
add a new user, click *Create New User*. You will be prompted for a UserID, Password (twice),
and Group information. Enter or specify the values and click *Add*. <br></td></tr>
            <tr><td class="diff-unchanged" > <br>!consoleRealmUserAdd.png!
<br> <br></td></tr>
            <tr><td class="diff-changed-lines" ><span class="diff-deleted-words"style="color:#999;background-color:#fdd;text-decoration:line-through;">Once</span>
<span class="diff-added-words"style="background-color: #dfd;">After</span> you
created <span class="diff-added-words"style="background-color: #dfd;">the</span>
new <span class="diff-changed-words">users<span class="diff-added-chars"style="background-color:
#dfd;">,</span></span> you can add them to <span class="diff-changed-words">group<span
class="diff-added-chars"style="background-color: #dfd;">s</span>.</span> By
default, the group *admin* is available and the user *system* is in that group. If you click
<span class="diff-deleted-words"style="color:#999;background-color:#fdd;text-decoration:line-through;">on</span>
the *Details* next to the *admin* <span class="diff-changed-words">group<span class="diff-added-chars"style="background-color:
#dfd;">,</span></span> you will see the user *system* in the window on the
right and any other available user will be listed in the window on the left. <br></td></tr>
            <tr><td class="diff-unchanged" > <br></td></tr>
            <tr><td class="diff-changed-lines" >To add a new user to this <span
class="diff-changed-words">group<span class="diff-added-chars"style="background-color:
#dfd;">,</span></span> select the user first, <span class="diff-deleted-words"style="color:#999;background-color:#fdd;text-decoration:line-through;">then</span>
click *Add &gt;&gt;* and then click *Update*. <br></td></tr>
            <tr><td class="diff-unchanged" > <br>!consoleRealmGroupEdit.png!
<br> <br></td></tr>
            <tr><td class="diff-deleted-lines" style="color:#999;background-color:#fdd;text-decoration:line-through;">To
create a new group click on *Create New Group*, this step is very similar to the one mentioned
before for the users. In addition to be prompted for adding users to this group you will also
have to provide a group name. Once you entered the new group name and added the users click
on *Add* to finish. <br></td></tr>
            <tr><td class="diff-added-lines" style="background-color: #dfd;">To
create a new group, click *Create New Group*. This step is very similar to the one mentioned
before for the users. In addition to being prompted for adding users to this group, you also
have to provide a group name. Once you entered the new group name and added the users, click
*Add* to finish. <br></td></tr>
            <tr><td class="diff-unchanged" > <br></td></tr>
            <tr><td class="diff-deleted-lines" style="color:#999;background-color:#fdd;text-decoration:line-through;">The
changes you made via the *Console Realm Users* and *Console Realm Groups* portlets are reflected
in two different files, these files are *users.properties* and *groups.properties* respectively
and they are located in the &lt;geronimo_home&gt;\var\security directory. <br></td></tr>
            <tr><td class="diff-added-lines" style="background-color: #dfd;">The
changes you made by using the *Console Realm Users* and *Console Realm Groups* portlets are
reflected in two different files, *{{users.properties}}* and *{{groups.properties}}*, respectively.
These two files are located in the {{&lt;geronimo_home&gt;\var\security}} directory.
<br></td></tr>
            <tr><td class="diff-unchanged" > <br> <br> <br></td></tr>
            <tr><td class="diff-changed-lines" >You can equally administer users
and groups by modifying <span class="diff-deleted-words"style="color:#999;background-color:#fdd;text-decoration:line-through;">directly</span>
these <span class="diff-changed-words">files<span class="diff-added-chars"style="background-color:
#dfd;"> directly</span>:</span> <br></td></tr>
            <tr><td class="diff-unchanged" > <br>* {{users.properties}}
<br>* {{groups.properties}} <br> <br></td></tr>
            <tr><td class="diff-changed-lines" >*{{users.properties}}* uses the
*&lt;user_name&gt;=&lt;password&gt;* <span class="diff-deleted-words"style="color:#999;background-color:#fdd;text-decoration:line-through;">format,
groups.properties</span> <span class="diff-added-words"style="background-color: #dfd;">format.
*{{groups.properties}}*</span> uses the *&lt;group_name&gt;=&lt;user_name&gt;*
format. See the following examples for <span class="diff-deleted-words"style="color:#999;background-color:#fdd;text-decoration:line-through;">additional</span>
details. <br></td></tr>
            <tr><td class="diff-unchanged" > <br>{noformat:borderStyle=solid|title=users.properties}
<br></td></tr>
            <tr><td class="diff-snipped" >...<br></td></tr>
            <tr><td class="diff-unchanged" >{noformat} <br> <br></td></tr>
            <tr><td class="diff-deleted-lines" style="color:#999;background-color:#fdd;text-decoration:line-through;">As
we are using the basic, by default, security configuration you will see the user IDs and passwords
are stored in plain text. You can add, remove and change passwords from this file. <br></td></tr>
            <tr><td class="diff-added-lines" style="background-color: #dfd;">The
user IDs and passwords in this file are stored in plain text because this is the basic, by
default, security configuration. You can add, remove and change passwords from this file.
<br></td></tr>
            <tr><td class="diff-unchanged" > <br>{noformat:borderStyle=solid|title=groups.properties}
<br></td></tr>
            <tr><td class="diff-snipped" >...<br></td></tr>
            <tr><td class="diff-unchanged" >users=user2{noformat} <br> <br></td></tr>
            <tr><td class="diff-changed-lines" >Just like with the <span class="diff-deleted-words"style="color:#999;background-color:#fdd;text-decoration:line-through;">users,
with</span> <span class="diff-added-words"style="background-color: #dfd;">{{users.properties}}*
file, in</span> the *{{groups.properties}}* <span class="diff-added-words"style="background-color:
#dfd;">file,</span> you can add and remove groups and users to those groups. <br></td></tr>
            <tr><td class="diff-unchanged" > <br></td></tr>
            <tr><td class="diff-changed-lines" >The files mentioned in this sections
along with <span class="diff-deleted-words"style="color:#999;background-color:#fdd;text-decoration:line-through;">the</span>
all the security configuration in addition to user names and passwords are defined in the
*geronimo-properties-realm* security <span class="diff-changed-words">realm<span
class="diff-added-chars"style="background-color: #dfd;">,</span></span> covered
in the [Administering security realms] section. <br></td></tr>
    
            </table>
    </div>                            <h4>Full Content</h4>
                    <div class="notificationGreySide">
        <style type='text/css'>/*<![CDATA[*/
table.ScrollbarTable  {border: none;padding: 3px;width: 100%;padding: 3px;margin: 0px;background-color:
#f0f0f0}
table.ScrollbarTable td.ScrollbarPrevIcon {text-align: center;width: 16px;border: none;}
table.ScrollbarTable td.ScrollbarPrevName {text-align: left;border: none;}
table.ScrollbarTable td.ScrollbarParent {text-align: center;border: none;}
table.ScrollbarTable td.ScrollbarNextName {text-align: right;border: none;}
table.ScrollbarTable td.ScrollbarNextIcon {text-align: center;width: 16px;border: none;}

/*]]>*/</style><div class="Scrollbar"><table class='ScrollbarTable'><tr><td
class='ScrollbarPrevIcon'><a href="/confluence/display/GMOxDOC30/Administering+security+realms"><img
border='0' align='middle' src='/confluence/images/icons/back_16.gif' width='16' height='16'></a></td><td
width='33%' class='ScrollbarPrevName'><a href="/confluence/display/GMOxDOC30/Administering+security+realms">Administering
security realms</a>&nbsp;</td><td width='33%' class='ScrollbarParent'><sup><a
href="/confluence/display/GMOxDOC30/Administering+Security"><img border='0' align='middle'
src='/confluence/images/icons/up_16.gif' width='8' height='8'></a></sup><a
href="/confluence/display/GMOxDOC30/Administering+Security">Administering Security</a></td><td
width='33%' class='ScrollbarNextName'>&nbsp;<a href="/confluence/display/GMOxDOC30/Basic+Hints+on+Security+Configuration">Basic
Hints on Security Configuration</a></td><td class='ScrollbarNextIcon'><a
href="/confluence/display/GMOxDOC30/Basic+Hints+on+Security+Configuration"><img border='0'
align='middle' src='/confluence/images/icons/forwd_16.gif' width='16' height='16'></a></td></tr></table></div>

<p>You can add users and groups by using the Geronimo Administration Console or by modifying
some configuration files. This topic uses the realm provided by Geronimo by default as examples.</p>

<p>To manage users and groups by using the Geronimo Administration Console, click <b>Users
and Groups</b> on the <b>Console Navigation</b> menu on the left side. Here
you will find two portlets, one for administering users and another for administering user
groups. Both portlets are illustrated in the following figures.</p>

<p><span class="image-wrap" style=""><img src="/confluence/download/attachments/20645332/consoleRealms.png?version=1&amp;modificationDate=1203611628000"
style="border: 0px solid black" /></span></p>

<p>To change a user's password, click <b>Edit</b> next to the user that
you want to update in the <b>Console Realm Users</b> portlet. On the next page,
you can update a new password for this user.</p>

<p><span class="image-wrap" style=""><img src="/confluence/download/attachments/20645332/consoleRealmUserEdit.png?version=1&amp;modificationDate=1203611628000"
style="border: 0px solid black" /></span></p>

<p>To remove a user, click the corresponding <b>Delete</b>. You will be
prompted to confirm the deletion of that user, click <b>OK</b>.</p>

<p>To add a new user, click <b>Create New User</b>. You will be prompted
for a UserID, Password (twice), and Group information. Enter or specify the values and click
<b>Add</b>.</p>

<p><span class="image-wrap" style=""><img src="/confluence/download/attachments/20645332/consoleRealmUserAdd.png?version=1&amp;modificationDate=1203611628000"
style="border: 0px solid black" /></span></p>

<p>After you created the new users, you can add them to groups. By default, the group
<b>admin</b> is available and the user <b>system</b> is in that group.
If you click the <b>Details</b> next to the <b>admin</b> group, you
will see the user <b>system</b> in the window on the right and any other available
user will be listed in the window on the left.</p>

<p>To add a new user to this group, select the user first, click <b>Add &gt;&gt;</b>
and then click <b>Update</b>.</p>

<p><span class="image-wrap" style=""><img src="/confluence/download/attachments/20645332/consoleRealmGroupEdit.png?version=1&amp;modificationDate=1203611628000"
style="border: 0px solid black" /></span></p>

<p>To create a new group, click <b>Create New Group</b>. This step is very
similar to the one mentioned before for the users. In addition to being prompted for adding
users to this group, you also have to provide a group name. Once you entered the new group
name and added the users, click <b>Add</b> to finish.</p>

<p>The changes you made by using the <b>Console Realm Users</b> and <b>Console
Realm Groups</b> portlets are reflected in two different files, <b><tt>users.properties</tt></b>
and <b><tt>groups.properties</tt></b>, respectively. These two files
are located in the <tt>&lt;geronimo_home&gt;\var\security</tt> directory.</p>



<p>You can equally administer users and groups by modifying these files directly:</p>

<ul>
	<li><tt>users.properties</tt></li>
	<li><tt>groups.properties</tt></li>
</ul>


<p><b><tt>users.properties</tt></b> uses the <b>&lt;user_name&gt;=&lt;password&gt;</b>
format. <b><tt>groups.properties</tt></b> uses the <b>&lt;group_name&gt;=&lt;user_name&gt;</b>
format. See the following examples for details.</p>

<div class="preformatted panel" style="border-style: solid;border-width: 1px;"><div
class="preformattedHeader panelHeader" style="border-bottom-width: 1px;border-bottom-style:
solid;"><b>users.properties</b></div><div class="preformattedContent
panelContent">
<pre>system=manager
user2=password
user1=password
</pre>
</div></div>

<p>The user IDs and passwords in this file are stored in plain text because this is
the basic, by default, security configuration. You can add, remove and change passwords from
this file.</p>

<div class="preformatted panel" style="border-style: solid;border-width: 1px;"><div
class="preformattedHeader panelHeader" style="border-bottom-width: 1px;border-bottom-style:
solid;"><b>groups.properties</b></div><div class="preformattedContent
panelContent">
<pre>admin=system,user1
users=user2</pre>
</div></div>

<p>Just like with the <tt>users.properties</tt>* file, in the <b><tt>groups.properties</tt></b>
file, you can add and remove groups and users to those groups.</p>

<p>The files mentioned in this sections along with all the security configuration in
addition to user names and passwords are defined in the <b>geronimo-properties-realm</b>
security realm, covered in the <a href="/confluence/display/GMOxDOC30/Administering+security+realms"
title="Administering security realms">Administering security realms</a> section.</p>
    </div>
        <div id="commentsSection" class="wiki-content pageSection">
        <div style="float: right;">
            <a href="https://cwiki.apache.org/confluence/users/viewnotifications.action"
class="grey">Change Notification Preferences</a>
        </div>
        <a href="https://cwiki.apache.org/confluence/display/GMOxDOC30/Administering+users+and+groups">View
Online</a>
        |
        <a href="https://cwiki.apache.org/confluence/pages/diffpagesbyversion.action?pageId=20645332&revisedVersion=2&originalVersion=1">View
Changes</a>
                |
        <a href="https://cwiki.apache.org/confluence/display/GMOxDOC30/Administering+users+and+groups?showComments=true&amp;showCommentArea=true#addcomment">Add
Comment</a>
            </div>
</div>
</div>
</div>
</div>
</body>
</html>

Mime
View raw message