geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric...@kryos.com
Subject Re: JAAS configuration in geronimo
Date Mon, 20 Mar 2006 19:13:27 GMT
Thanks Aaron..... that's leading me in the right direction.....

I'm having troubles setting up the security realm....

I'm using the WAS CE console.... which pretty much looks like the geronimo 
console..


I'm not exactly sure what the error message is asking for.   A dependency 
in the web app?  I wouldn't think so, because the security realm seems to 
be a totally separate component to the web app....

Do you see any glaring errors?  Or is there something else i should be 
doing?

Thanks,
Eric








"Aaron Mulder" <ammulder@alumni.princeton.edu> 
Sent by: ammulder@gmail.com
20/03/2006 11:01 AM
Please respond to
user@geronimo.apache.org


To
user@geronimo.apache.org
cc

Subject
Re: JAAS configuration in geronimo






So we override the default JAAS file-based configuration mechanism
with a configuration system of our own based on Geronimo components
(GBeans).

If you are doing this for a web application and you can use the normal
J2EE login routines, you can configure your login module as a Geronimo
security realm and let J2EE/Geronimo handle the login.

If you are intentionally avoiding the J2EE login handling, then you
probably need to rewrite your JAAS configuration as a Geronimo service
configuration (we have GBeans that wrap login module configuration,
etc.).  You'll also need to put your classes in a JAR in the
repository (geronimo/repository/whatever/your-login-code-1.0.jar).  It
will probably be a little painful to write the configuration plan, but
hey, you only need to do it once.  :)

If you're going to need to write the plan, can you post the relevent
section from your existing JAAS config file?

Thanks,
    Aaron

On 3/20/06, EricCho@kryos.com <EricCho@kryos.com> wrote:
>
>
> Hi Aaron,
>
> Sorry, should have been more descriptive.
>
> I create a loginContext and pass it in the name of the config file and 
hand it the custom login call back handler.
>
> Then the login method is called; it goes back and grabs the user from a 
MySQL database.  If the user exists and the credentials fit, we figure out 
their role and send them on their way.  If not, it throws a Login 
Exception and punts them back to the login page.
>
>
> Hopefully this helps.
>
> Thanks,
> Eric
>
>
>
>
>
>
>  "Aaron Mulder" <ammulder@alumni.princeton.edu>
> Sent by: ammulder@gmail.com
>
> 20/03/2006 09:50 AM
>
> Please respond to
>  user@geronimo.apache.org
>
>
> To user@geronimo.apache.org
>
> cc
>
>
> Subject Re: JAAS configuration in geronimo
>
>
>
>
>
>
>
>
> How are you planning to use this JAAS component?  For example, is it a
>  LoginModule that you want to use to validate logins to the web
>  container?
>
>  Thanks,
>      Aaron
>
>  On 3/20/06, EricCho@kryos.com <EricCho@kryos.com> wrote:
>  >
>  >
>  > Sorry... let's try that with a subject heading
>  > .....
>  >
>  >
>  >
>  >  Eric Cho/Kryos
>  >
>  > 20/03/2006 09:44 AM
>  >
>  > To user@geronimo.apache.org
>  >
>  > cc
>  >
>  >
>  > Subject
>  >
>  >
>  >
>  >
>  >
>  >
>  >
>  >
>  >
>  >
>  >
>  >
>  >
>  >  Hi all,
>  >
>  >  I'm trying to port an app over to WAS CE (which we all know is 
geronimo with and ibm admin console).
>  >
>  > I have a JAAS component and I'm having trouble configuring it.
>  >
>  >  In tomcat it's as easy as opening the tomcat properties dialogue, 
going to the java tab and adding the following under java options:
>  >  -Djava.security.auth.login.config=C:\Tomcat 
5.5\conf\JAASConfig\thisSitesSecurity.config
>  >
>  >
>  >  How do I got about doing it in WAS CE? In the config.xml or the 
geromino-web.xml?
>  >
>  >  Any help would be appreciated,
>  >
>  > Eric
>  >
>  >
>  >
>  >
>  >
>
>


Mime
View raw message