geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Java_James <james-j...@rogers.com>
Subject RE: Struts 2/Geronimo Security Realm best practices
Date Wed, 27 Jun 2007 18:27:55 GMT

Thanks for the response.

I'm trying to access the security realm programmatically through JAAS.  I
suppose I should also mention that I am using the latest release of Geronimo
2.  There seems to be very little documentation for this release.

I have created the following realm:

<module xmlns="http://geronimo.apache.org/xml/ns/deployment-1.2">
    <environment>
        <moduleId>
            <groupId>console.realm</groupId>
            <artifactId>Testing</artifactId>
            <version>1.0</version>
            <type>car</type>
        </moduleId>
        <dependencies>
            <dependency>
                <groupId>org.apache.geronimo.configs</groupId>
                <artifactId>j2ee-security</artifactId>
                <type>car</type>
            </dependency>
        </dependencies>
    </environment>
    <gbean name="Testing"
class="org.apache.geronimo.security.realm.GenericSecurityRealm"
xsi:type="dep:gbeanType"
xmlns:dep="http://geronimo.apache.org/xml/ns/deployment-1.2"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
        <attribute name="realmName">Testing</attribute>
        <reference name="ServerInfo">
            <name>ServerInfo</name>
        </reference>
        <reference name="LoginService">
            <name>JaasLoginService</name>
        </reference>
        <xml-reference name="LoginModuleConfiguration">
            <log:login-config
xmlns:log="http://geronimo.apache.org/xml/ns/loginconfig-1.2">
                <log:login-module control-flag="REQUIRED" server-side="true"
wrap-principals="false">
                    <log:login-domain-name>Testing</log:login-domain-name>
                   
<log:login-module-class>org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule</log:login-module-class>
                    <log:option
name="usersURI">users.properties</log:option>
                    <log:option
name="groupsURI">groups.properties</log:option>
                </log:login-module>
                <log:login-module control-flag="OPTIONAL" server-side="true"
wrap-principals="false">
                   
<log:login-domain-name>Testing-Audit</log:login-domain-name>
                   
<log:login-module-class>org.apache.geronimo.security.realm.providers.FileAuditLoginModule</log:login-module-class>
                    <log:option name="file">login_audit.log</log:option>
                </log:login-module>
            </log:login-config>
        </xml-reference>
    </gbean>
</module>

When I set up a new LoginContext in my application, I am not sure what
values to pass it in order to access this realm.

any help would be greatly appreciated.



Mark Aufdencamp wrote:
> 
> A nice example of defining Realms&nbsp;and Roles exists in the sample
> applications. 
> &nbsp; 
> http://cwiki.apache.org/GMOxDOC11/web-application-security-sample.html 
> I'm using Struts 1.2 with a MySQL Backed Security Realm.&nbsp; The real
> trick involves setting up a login page with the proper form that submits
> to j_security_check along with setting up the security realm and the roles
> in web.xml/geronimo-web.xml.&nbsp; If you've cheked out the sample and
> have more specific questions, post them and we'll give a shot at a right
> answer.:) 
> &nbsp; 
> Mark Aufdencamp 
> Mark@Aufdencamp.com 
> 
> -------- Original Message -------- Subject: Struts 2/Geronimo Security
> Realm best practices From: Java_James &lt;james-junk@rogers.com&gt; Date:
> Mon, June 25, 2007 3:53 pm To: user@geronimo.apache.org Hi all,
> 
> I'm new to the world of struts 2 and geronimo.  I was wondering if there
> were any best practices when it came to setting up your web
> application to
> use Geronimo's security realm.
> 
> I'm hoping to be able to call the security realm through an action (or
> some
> sort of wrapped object doing the authentication).  There seems to be very
> little documentation on using the two technologies together.
> 
> Any help would be appreciated.
> 
> Thanks.
> -- 
> View this message in context:
> http://www.nabble.com/Struts-2-Geronimo-Security-Realm-best-practices-tf3978596s134.html#a11294301

> Sent from the Apache Geronimo - Users mailing list archive at Nabble.com.
> 
> 
> 
> 

-- 
View this message in context: http://www.nabble.com/Struts-2-Geronimo-Security-Realm-best-practices-tf3978596s134.html#a11329990
Sent from the Apache Geronimo - Users mailing list archive at Nabble.com.


Mime
View raw message