geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Vamsavardhana Reddy" <>
Subject Re: JDBC Realms and geronimo-web.xml
Date Wed, 27 Dec 2006 03:01:16 GMT
Hi Mark,

Which version of Geronimo are you using?  The "digest=..." option is
supported in 1.2 and not in any previous versions.

Regarding the security constraints, you will typically define one group per
role for each the roles defined in web.xml and use a GeronimoGroupPrincipal
with the group name in the role-mapping section of geronimo-web.xml .  The
role-mapping section in your geronimo-web.xml will look similar to the

          <role role-name="admin">  <!-- This role-name is defined in
web.xml -->
              <principal class=""
name="admin-group"/>  <!-- This value in the name attribute is from group
mapping in your JDBC realm, i.e., from the entries in groups table. -->

Let me know if this helps or if you need more details.


On 12/27/06, <> wrote:
> Hi All.  A relatively novice geronimo user here.  i'm woking on using a
> security realm to define access in a web application. I've successfully
> installed geronimo (tomcat web container), configured a database pool to
> a MySQL database, and configured a JDBC Realm to the databse pool that
> succesfully authenticated at the completion of the security realm
> wizard.
> I have my Security Roles and Constraints along with the Login-Config
> defined in my web.xml.  I'm kind of lost on how the app roles defined
> in the web.xml and the roles defined in the user role table get tied
> together in the geronimo-web.xml.  Can someone point me to a
> tutorial/documentation on this?  I've looked in the geronimo
> docmentation without success.  Also, I've been following the IBM
> DeveloperWorks articles on this, but they don't cover this aspect.
> Additionally, what's the appropriate method to turn on password digest
> hashing when using the JDBC Realm wizard?  I presume that a
> configuration option property like digest=MD5 might work?
> Thanks to all!  I'm really enjoying working with Geronimo.
> Mark Aufdencamp

View raw message