Mailing-List: contact user-help@geronimo.apache.org; run by ezmlm
Precedence: bulk
Reply-To: user@geronimo.apache.org
Received-SPF: pass (nike.apache.org: domain of lists@nabble.com designates
 216.139.236.158 as permitted sender)
Message-ID: <22107931.post@talk.nabble.com>
Date: Thu, 19 Feb 2009 11:27:37 -0800 (PST)
From: Michael2 <wtistang@yahoo.com>
To: user@geronimo.apache.org
Subject: Re: Admin Console Access and Security Realm
In-Reply-To: <F8E94F76-76B3-4555-9C93-428E22685221@yahoo.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
References: <22093927.post@talk.nabble.com>
 <25b884430902190117v1f9a0e80g5ae45f90bb64acb6@mail.gmail.com>
 <22100434.post@talk.nabble.com>
 <F8E94F76-76B3-4555-9C93-428E22685221@yahoo.com>


Hi David:

Good suggestions. Thanks.
I also want confirm that the SQL database security realm is used to
authenticate application users (not the admin console users) using the
username and password stored in the Derby or other databases (SQL Server,
DB2, etc..), Is that right?

Thanks again.

Michael


djencks wrote:
> 
> 
> On Feb 19, 2009, at 5:31 AM, Michael2 wrote:
> 
>>
>> Hello Ying:
>>
>> Thank you for the information.
>>
>> I am not clear what you said about the SQL database security realm:  
>> "the SQL
>> database security realm is used to authenticate username and  
>> password from
>> the built-in Derby database".  Could you explain more?
>> If we cannot use the realm to authenticate Admin Console users, can  
>> we use
>> it the authenticate application users?
> 
> While what Ying said is correct, I don't think it answered your  
> question.  IIUC what you want to do is covered by the instructions  
> here: 
> http://cwiki.apache.org/GMOxDOC22/basic-hints-on-security-configuration.html
> 
> Note that the admin console is set up to use a security realm named  
> "geronimo-admin" so you have to set up your SQL security realm with  
> that name and disable the realm of that name supplied with geronimo  
> (which will happen when you include the artifact aliases as  
> recommended in the article).
> 
> hope this helps
> david jencks
> 
>>
>>
>> Thanks.
>>
>> Michael
>>
>>
>> Sophia Tang wrote:
>>>
>>> Hi Michael,
>>>
>>> As far as I can tell, the SQL database security realm is used to
>>> authenticate username and password from the built-in Derby  
>>> database, not
>>> for
>>> Geronimo admin console.
>>>
>>> For changing the username and password for the Administration  
>>> Console,
>>> you
>>> can use the *Users and Groups* portlet  in the console.
>>>
>>> Please see this page for more details:
>>> http://cwiki.apache.org/GMOxDOC22/changing-the-username-and-password.html
>>>
>>> Hope this helps.
>>>
>>>
>>> Best Regards,
>>>
>>> Ying Tang
>>>
>>> 2009/2/19 Michael2 <wtistang@yahoo.com>
>>>
>>>>
>>>> I created a new SQL Security Realm, tested and deployed to  
>>>> Geronimo 2.1.3
>>>> server, but when I reboot the server and try to use the new user  
>>>> name and
>>>> password defined in the new SQL Security Realm to log into the admin
>>>> console, it does not work. I have to use the default user name and
>>>> password
>>>> to get in.
>>>>
>>>> My question is: can I use the SQL Security Realm for the Admin  
>>>> Console
>>>> user
>>>> authentication?
>>>>
>>>> Thanks for your help.
>>>>
>>>> Michael.
>>>> --
>>>> View this message in context:
>>>> http://www.nabble.com/Admin-Console-Access-and-Security-Realm-tp22093927s134p22093927.html
>>>> Sent from the Apache Geronimo - Users mailing list archive at  
>>>> Nabble.com.
>>>>
>>>>
>>>
>>>
>>
>> -- 
>> View this message in context:
>> http://www.nabble.com/Admin-Console-Access-and-Security-Realm-tp22093927s134p22100434.html
>> Sent from the Apache Geronimo - Users mailing list archive at  
>> Nabble.com.
>>
> 
> 
> 

-- 
View this message in context: http://www.nabble.com/Admin-Console-Access-and-Security-Realm-tp22093927s134p22107931.html
Sent from the Apache Geronimo - Users mailing list archive at Nabble.com.