Mailing-List: contact user-help@geronimo.apache.org; run by ezmlm
Precedence: bulk
Reply-To: user@geronimo.apache.org
Received-SPF: pass (nike.apache.org: domain of yingtang1983@gmail.com
 designates 209.85.198.224 as permitted sender)
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=gamma;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :content-type;
        b=SoHmFxKol3rhhB4/tcAGHLpAfxyBXRWeGqHT5AW5nlyOmna8ZZWxGavT4Ounp2bv/E
         S2xe5CoZid4gxyFzD43pvIGpUIK0wa4xs1xadfpuWwi2jMRd4UF+XKGO/6cZul3OLFz3
         IR4J45mLuI4zQuy/dQqUl8JfHUkNO9NrFxlLw=
MIME-Version: 1.0
In-Reply-To: <F8E94F76-76B3-4555-9C93-428E22685221@yahoo.com>
References: <22093927.post@talk.nabble.com>
	 <25b884430902190117v1f9a0e80g5ae45f90bb64acb6@mail.gmail.com>
	 <22100434.post@talk.nabble.com>
	 <F8E94F76-76B3-4555-9C93-428E22685221@yahoo.com>
Date: Fri, 20 Feb 2009 11:19:46 +0800
Message-ID: <25b884430902191919v112742b2u168266a4429b1a9@mail.gmail.com>
Subject: Re: Admin Console Access and Security Realm
From: Ying Tang <yingtang1983@gmail.com>
To: user@geronimo.apache.org
Content-Type: multipart/alternative; boundary=000e0cd2e2d2f8ad970463511f96

--000e0cd2e2d2f8ad970463511f96
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

Hi David,

   Thanks for clarification.  I really misunderstood the question..

Best  Regards,

Ying Tang

2009/2/20 David Jencks <david_jencks@yahoo.com>

>
> On Feb 19, 2009, at 5:31 AM, Michael2 wrote:
>
>
>> Hello Ying:
>>
>> Thank you for the information.
>>
>> I am not clear what you said about the SQL database security realm: "the
>> SQL
>> database security realm is used to authenticate username and password from
>> the built-in Derby database".  Could you explain more?
>> If we cannot use the realm to authenticate Admin Console users, can we use
>> it the authenticate application users?
>>
>
> While what Ying said is correct, I don't think it answered your question.
>  IIUC what you want to do is covered by the instructions here:
> http://cwiki.apache.org/GMOxDOC22/basic-hints-on-security-configuration.html
>
> Note that the admin console is set up to use a security realm named
> "geronimo-admin" so you have to set up your SQL security realm with that
> name and disable the realm of that name supplied with geronimo (which will
> happen when you include the artifact aliases as recommended in the article).
>
> hope this helps
> david jencks
>
>
>
>>
>> Thanks.
>>
>> Michael
>>
>>
>> Sophia Tang wrote:
>>
>>>
>>> Hi Michael,
>>>
>>> As far as I can tell, the SQL database security realm is used to
>>> authenticate username and password from the built-in Derby database, not
>>> for
>>> Geronimo admin console.
>>>
>>> For changing the username and password for the Administration Console,
>>> you
>>> can use the *Users and Groups* portlet  in the console.
>>>
>>> Please see this page for more details:
>>> http://cwiki.apache.org/GMOxDOC22/changing-the-username-and-password.html
>>>
>>> Hope this helps.
>>>
>>>
>>> Best Regards,
>>>
>>> Ying Tang
>>>
>>> 2009/2/19 Michael2 <wtistang@yahoo.com>
>>>
>>>
>>>> I created a new SQL Security Realm, tested and deployed to Geronimo
>>>> 2.1.3
>>>> server, but when I reboot the server and try to use the new user name
>>>> and
>>>> password defined in the new SQL Security Realm to log into the admin
>>>> console, it does not work. I have to use the default user name and
>>>> password
>>>> to get in.
>>>>
>>>> My question is: can I use the SQL Security Realm for the Admin Console
>>>> user
>>>> authentication?
>>>>
>>>> Thanks for your help.
>>>>
>>>> Michael.
>>>> --
>>>> View this message in context:
>>>>
>>>> http://www.nabble.com/Admin-Console-Access-and-Security-Realm-tp22093927s134p22093927.html
>>>> Sent from the Apache Geronimo - Users mailing list archive at
>>>> Nabble.com.
>>>>
>>>>
>>>>
>>>
>>>
>> --
>> View this message in context:
>> http://www.nabble.com/Admin-Console-Access-and-Security-Realm-tp22093927s134p22100434.html
>> Sent from the Apache Geronimo - Users mailing list archive at Nabble.com.
>>
>>
>

--000e0cd2e2d2f8ad970463511f96
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Hi David,<br><br>&nbsp;&nbsp; Thanks for clarification.&nbsp; I really misu=
nderstood the question..<br><br>Best&nbsp; Regards,<br><br>Ying Tang<br><br=
><div class=3D"gmail_quote">2009/2/20 David Jencks <span dir=3D"ltr">&lt;<a=
 href=3D"mailto:david_jencks@yahoo.com">david_jencks@yahoo.com</a>&gt;</spa=
n><br>
<blockquote class=3D"gmail_quote" style=3D"border-left: 1px solid rgb(204, =
204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div class=3D"Ih2=
E3d"><br>
On Feb 19, 2009, at 5:31 AM, Michael2 wrote:<br>
<br>
<blockquote class=3D"gmail_quote" style=3D"border-left: 1px solid rgb(204, =
204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>
Hello Ying:<br>
<br>
Thank you for the information.<br>
<br>
I am not clear what you said about the SQL database security realm: &quot;t=
he SQL<br>
database security realm is used to authenticate username and password from<=
br>
the built-in Derby database&quot;. &nbsp;Could you explain more?<br>
If we cannot use the realm to authenticate Admin Console users, can we use<=
br>
it the authenticate application users?<br>
</blockquote>
<br></div>
While what Ying said is correct, I don&#39;t think it answered your questio=
n. &nbsp;IIUC what you want to do is covered by the instructions here: &nbs=
p;<a href=3D"http://cwiki.apache.org/GMOxDOC22/basic-hints-on-security-conf=
iguration.html" target=3D"_blank">http://cwiki.apache.org/GMOxDOC22/basic-h=
ints-on-security-configuration.html</a><br>

<br>
Note that the admin console is set up to use a security realm named &quot;g=
eronimo-admin&quot; so you have to set up your SQL security realm with that=
 name and disable the realm of that name supplied with geronimo (which will=
 happen when you include the artifact aliases as recommended in the article=
).<br>

<br>
hope this helps<br><font color=3D"#888888">
david jencks</font><div><div></div><div class=3D"Wj3C7c"><br>
<br>
<blockquote class=3D"gmail_quote" style=3D"border-left: 1px solid rgb(204, =
204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>
<br>
Thanks.<br>
<br>
Michael<br>
<br>
<br>
Sophia Tang wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"border-left: 1px solid rgb(204, =
204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>
Hi Michael,<br>
<br>
As far as I can tell, the SQL database security realm is used to<br>
authenticate username and password from the built-in Derby database, not<br=
>
for<br>
Geronimo admin console.<br>
<br>
For changing the username and password for the Administration Console,<br>
you<br>
can use the *Users and Groups* portlet &nbsp;in the console.<br>
<br>
Please see this page for more details:<br>
<a href=3D"http://cwiki.apache.org/GMOxDOC22/changing-the-username-and-pass=
word.html" target=3D"_blank">http://cwiki.apache.org/GMOxDOC22/changing-the=
-username-and-password.html</a><br>
<br>
Hope this helps.<br>
<br>
<br>
Best Regards,<br>
<br>
Ying Tang<br>
<br>
2009/2/19 Michael2 &lt;<a href=3D"mailto:wtistang@yahoo.com" target=3D"_bla=
nk">wtistang@yahoo.com</a>&gt;<br>
<br>
<blockquote class=3D"gmail_quote" style=3D"border-left: 1px solid rgb(204, =
204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>
I created a new SQL Security Realm, tested and deployed to Geronimo 2.1.3<b=
r>
server, but when I reboot the server and try to use the new user name and<b=
r>
password defined in the new SQL Security Realm to log into the admin<br>
console, it does not work. I have to use the default user name and<br>
password<br>
to get in.<br>
<br>
My question is: can I use the SQL Security Realm for the Admin Console<br>
user<br>
authentication?<br>
<br>
Thanks for your help.<br>
<br>
Michael.<br>
--<br>
View this message in context:<br>
<a href=3D"http://www.nabble.com/Admin-Console-Access-and-Security-Realm-tp=
22093927s134p22093927.html" target=3D"_blank">http://www.nabble.com/Admin-C=
onsole-Access-and-Security-Realm-tp22093927s134p22093927.html</a><br>
Sent from the Apache Geronimo - Users mailing list archive at Nabble.com.<b=
r>
<br>
<br>
</blockquote>
<br>
<br>
</blockquote>
<br>
-- <br>
View this message in context: <a href=3D"http://www.nabble.com/Admin-Consol=
e-Access-and-Security-Realm-tp22093927s134p22100434.html" target=3D"_blank"=
>http://www.nabble.com/Admin-Console-Access-and-Security-Realm-tp22093927s1=
34p22100434.html</a><br>

Sent from the Apache Geronimo - Users mailing list archive at Nabble.com.<b=
r>
<br>
</blockquote>
<br>
</div></div></blockquote></div><br>

--000e0cd2e2d2f8ad970463511f96--