geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Vamsavardhana Reddy" <c1vams...@gmail.com>
Subject Re: Struts 2/Geronimo Security Realm best practices
Date Wed, 27 Jun 2007 18:39:10 GMT
In your application plan, declare a dependency on the realm configuration
(in this case console.realm/Testing/1,0/car).  You should use the realm-name
(in this case, "Testing") as the name parameter for LoginContext
constructor.

Vamsi

On 6/27/07, Java_James <james-junk@rogers.com> wrote:
>
>
> Thanks for the response.
>
> I'm trying to access the security realm programmatically through JAAS.  I
> suppose I should also mention that I am using the latest release of
> Geronimo
> 2.  There seems to be very little documentation for this release.
>
> I have created the following realm:
>
> <module xmlns="http://geronimo.apache.org/xml/ns/deployment-1.2">
>     <environment>
>         <moduleId>
>             <groupId>console.realm</groupId>
>             <artifactId>Testing</artifactId>
>             <version>1.0</version>
>             <type>car</type>
>         </moduleId>
>         <dependencies>
>             <dependency>
>                 <groupId>org.apache.geronimo.configs</groupId>
>                 <artifactId>j2ee-security</artifactId>
>                 <type>car</type>
>             </dependency>
>         </dependencies>
>     </environment>
>     <gbean name="Testing"
> class="org.apache.geronimo.security.realm.GenericSecurityRealm"
> xsi:type="dep:gbeanType"
> xmlns:dep="http://geronimo.apache.org/xml/ns/deployment-1.2"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
>         <attribute name="realmName">Testing</attribute>
>         <reference name="ServerInfo">
>             <name>ServerInfo</name>
>         </reference>
>         <reference name="LoginService">
>             <name>JaasLoginService</name>
>         </reference>
>         <xml-reference name="LoginModuleConfiguration">
>             <log:login-config
> xmlns:log="http://geronimo.apache.org/xml/ns/loginconfig-1.2">
>                 <log:login-module control-flag="REQUIRED"
> server-side="true"
> wrap-principals="false">
>                     <log:login-domain-name>Testing</log:login-domain-name>
>
> <log:login-module-class>
> org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule
> </log:login-module-class>
>                     <log:option
> name="usersURI">users.properties</log:option>
>                     <log:option
> name="groupsURI">groups.properties</log:option>
>                 </log:login-module>
>                 <log:login-module control-flag="OPTIONAL"
> server-side="true"
> wrap-principals="false">
>
> <log:login-domain-name>Testing-Audit</log:login-domain-name>
>
> <log:login-module-class>
> org.apache.geronimo.security.realm.providers.FileAuditLoginModule
> </log:login-module-class>
>                     <log:option name="file">login_audit.log</log:option>
>                 </log:login-module>
>             </log:login-config>
>         </xml-reference>
>     </gbean>
> </module>
>
> When I set up a new LoginContext in my application, I am not sure what
> values to pass it in order to access this realm.
>
> any help would be greatly appreciated.
>
>
>
> Mark Aufdencamp wrote:
> >
> > A nice example of defining Realms&nbsp;and Roles exists in the sample
> > applications.
> > &nbsp;
> > http://cwiki.apache.org/GMOxDOC11/web-application-security-sample.html
> > I'm using Struts 1.2 with a MySQL Backed Security Realm.&nbsp; The real
> > trick involves setting up a login page with the proper form that submits
> > to j_security_check along with setting up the security realm and the
> roles
> > in web.xml/geronimo-web.xml.&nbsp; If you've cheked out the sample and
> > have more specific questions, post them and we'll give a shot at a right
> > answer.:)
> > &nbsp;
> > Mark Aufdencamp
> > Mark@Aufdencamp.com
> >
> > -------- Original Message -------- Subject: Struts 2/Geronimo Security
> > Realm best practices From: Java_James &lt;james-junk@rogers.com&gt;
> Date:
> > Mon, June 25, 2007 3:53 pm To: user@geronimo.apache.org Hi all,
> >
> > I'm new to the world of struts 2 and geronimo.  I was wondering if there
> > were any best practices when it came to setting up your web
> > application to
> > use Geronimo's security realm.
> >
> > I'm hoping to be able to call the security realm through an action (or
> > some
> > sort of wrapped object doing the authentication).  There seems to be
> very
> > little documentation on using the two technologies together.
> >
> > Any help would be appreciated.
> >
> > Thanks.
> > --
> > View this message in context:
> >
> http://www.nabble.com/Struts-2-Geronimo-Security-Realm-best-practices-tf3978596s134.html#a11294301
> > Sent from the Apache Geronimo - Users mailing list archive at Nabble.com
> .
> >
> >
> >
> >
>
> --
> View this message in context:
> http://www.nabble.com/Struts-2-Geronimo-Security-Realm-best-practices-tf3978596s134.html#a11329990
> Sent from the Apache Geronimo - Users mailing list archive at Nabble.com.
>
>

Mime
View raw message