incubator-jspwiki-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Carlson, Eric R" <eric.carl...@kroger.com>
Subject RE: Linking JSPWiki user-ids to an external security package
Date Tue, 10 Feb 2009 18:26:24 GMT
Harry,

        I'm definitely interested in either or both solutions.   We are running JSPWiki under
Tomcat, but I did not set up any sort of security with Tomcat - just a basic Admin user-id
and password.

                                                Eric R. Carlson
                                                        Eric.Carlson@kroger.com
                                                        (513)-387-7739

-----Original Message-----
From: Harry Metske [mailto:harry.metske@gmail.com]
Sent: Tuesday, February 10, 2009 12:37 PM
To: jspwiki-user@incubator.apache.org
Subject: Re: Linking JSPWiki user-ids to an external security package

Well,

it sometimes surprises me how many people run it on z/OS :-)
You can solve your problem in two ways, using a Tomcat realm (if you run
tomcat off course), or using a JAAS login module.
I have done both, I would prefer the second one.
I can get you the source and binaries if you like, or maybe it's better if I
create a page on www.jspwiki.org and document it there and attach the
source/binaries.

What the loginmodule does is comparable to JSPWiki's
UserDatabaseLoginModule, but instead of looking up the userdatabase.xml it
calls IBM's Java for SAF interfaces (
http://www-03.ibm.com/servers/eserver/zseries/software/java/products/j5security.html)
to validate userid/pw, and throw loginexceptions based on the return/reason
codes.
There's also a simple Helper class that translates the most common codes to
human readable messages like "password expired".

Let me know if you're interested.

regards,
Harry

2009/2/10 Carlson, Eric R <eric.carlson@kroger.com>

> Is there any way to link the JSPWiki user database to an external security
> package?
>
> Specifically, we are running JSPWiki 2.8.1 in Unix System Services under
> z/OS 1.9.  We have RACF running on z/OS.  I'd like JSPWiki to be able to
> check the user's RACF user-id and password to verify security.
>
> I realize that there aren't many people out there running JSPWiki under
> z/OS, but if someone has had experience using JSPWiki with some other
> external security package it may help point me in the right direction.
>
>
>                                                Eric Carlson
>                                                            The Kroger Co.
>
>
> ________________________________
> This e-mail message, including any attachments, is for the sole use of the
> intended recipient(s) and may contain information that is confidential and
> protected by law from unauthorized disclosure. Any unauthorized review, use,
> disclosure or distribution is prohibited. If you are not the intended
> recipient, please contact the sender by reply e-mail and destroy all copies
> of the original message.
>

This e-mail message, including any attachments, is for the sole use of the intended recipient(s)
and may contain information that is confidential and protected by law from unauthorized disclosure.
Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the
intended recipient, please contact the sender by reply e-mail and destroy all copies of the
original message.
Mime
View raw message