geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Cristian Roldan <roldan...@yahoo.com.ar>
Subject Re: Web Console authentication realm
Date Mon, 09 Jan 2006 16:57:02 GMT
Hi Aaron,
       Yes, I mean the user/password when you execute the deploy.bat 
  I will try to execute these steps.
   
  Thanks.
  

Aaron Mulder <ammulder@alumni.princeton.edu> escribió:
  Do you mean, when the deploy tool prompts you for a username and
password to connect to the server, what security realm is that? It's
called geronimo-properties-realm and it reads the users and groups
from var/security/users.properties and var/security/groups.properties.

I think you could change this to use a different realm like this:
0) Deploy your LDAP realm
1) add an entry to config.xml for the JMXService GBean in the
geronimo/j2ee-security/1.0/car configuration
2) For that GBean, set the property applicationConfigName to MyJMX or
something other than the default value of "JMX"
3) Add a new GBean to that Geronimo configuration mapping the MyJMX
JAAS configuration to your LDAP realm name like this:

class="org.apache.geronimo.security.jaas.ServerRealmConfigurationEntry">
MyJMX
ldap-realm-name
JaasLoginService


That last step is the trick -- I'm not 100% sure how to add GBeans to
existing configurations by hand, but I believe it can be done in
config.xml (though, looking at the schema, I don't see how). Dain or
David J, any insight?

Thanks,
Aaron

On 1/9/06, Cristian Roldan wrote:
> Any idea ?
>
>
> Cristian Roldan escribió:
>
>
> Hi All,
>
> I could change the Web Console's authentication realm to use a ldap
> realm, i'm using the Geronimo's ldap (1389) , every thing works ok. But I
> saw that de deploy.bat script is using another realm, could someone tell me
> which security realm is using the deploy.bat script and the configuration
> associated with it ?
  


		
---------------------------------
 1GB gratis, Antivirus y Antispam
 Correo Yahoo!, el mejor correo web del mundo
 Abrí tu cuenta aquí
Mime
View raw message