Return-Path: Delivered-To: apmail-geronimo-user-archive@www.apache.org Received: (qmail 42964 invoked from network); 10 Jan 2008 08:05:54 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 10 Jan 2008 08:05:54 -0000 Received: (qmail 68156 invoked by uid 500); 10 Jan 2008 08:05:43 -0000 Delivered-To: apmail-geronimo-user-archive@geronimo.apache.org Received: (qmail 67729 invoked by uid 500); 10 Jan 2008 08:05:42 -0000 Mailing-List: contact user-help@geronimo.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: user@geronimo.apache.org List-Id: Delivered-To: mailing list user@geronimo.apache.org Received: (qmail 67718 invoked by uid 99); 10 Jan 2008 08:05:42 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 10 Jan 2008 00:05:42 -0800 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_HELO_PASS,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of jonc@chen.org.nz designates 202.89.146.5 as permitted sender) Received: from [202.89.146.5] (HELO chen.org.nz) (202.89.146.5) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 10 Jan 2008 08:05:19 +0000 Received: by chen.org.nz (Postfix, from userid 1000) id 9EEF128496; Thu, 10 Jan 2008 21:05:23 +1300 (NZDT) Date: Thu, 10 Jan 2008 21:05:23 +1300 From: Jonathan Chen To: user@geronimo.apache.org Subject: Re: JAAS and OpenejbRemoteLoginModule Message-ID: <20080110080523.GA58740@osiris.chen.org.nz> References: <20080110014157.GB53978@osiris.chen.org.nz> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20080110014157.GB53978@osiris.chen.org.nz> User-Agent: Mutt/1.4.2.3i X-Virus-Checked: Checked by ClamAV on apache.org On Thu, Jan 10, 2008 at 02:41:57PM +1300, Jonathan Chen wrote: [...] > Any examples on the resultant JAAS configuration file would be > appreciated. Here's one for the archives: After several iterations of trial and error, it looks like the following configuration will work: MyApp { org.apache.geronimo.openejb.OpenejbRemoteLoginModule required org.apache.geronimo.openejb.OpenejbRemoteLoginModule.RemoteSecurityRealm="MyAppRealm" org.apache.geronimo.openejb.OpenejbRemoteLoginModule.ServerURI="ejbd://localhost:4201"; }; My only complaint is that the option-flag names are a bit of an overkill. It'd be nice if it was just "RemoteSecurityRealm" and "ServerURI". Cheers. -- Jonathan Chen ---------------------------------------------------------------------- "A little learning is a dangerous thing but a lot of ignorance is just as bad." - Bob Edwards