Return-Path: Delivered-To: apmail-incubator-jsecurity-user-archive@locus.apache.org Received: (qmail 13791 invoked from network); 6 Nov 2008 20:32:53 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 6 Nov 2008 20:32:53 -0000 Received: (qmail 24781 invoked by uid 500); 6 Nov 2008 20:33:00 -0000 Delivered-To: apmail-incubator-jsecurity-user-archive@incubator.apache.org Received: (qmail 24772 invoked by uid 500); 6 Nov 2008 20:33:00 -0000 Mailing-List: contact jsecurity-user-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: jsecurity-user@incubator.apache.org Delivered-To: mailing list jsecurity-user@incubator.apache.org Received: (qmail 24763 invoked by uid 99); 6 Nov 2008 20:33:00 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 06 Nov 2008 12:33:00 -0800 X-ASF-Spam-Status: No, hits=-1.0 required=10.0 tests=RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of jhaile@fastmail.fm designates 66.111.4.29 as permitted sender) Received: from [66.111.4.29] (HELO out5.smtp.messagingengine.com) (66.111.4.29) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 06 Nov 2008 20:31:42 +0000 Received: from compute2.internal (compute2.internal [10.202.2.42]) by out1.messagingengine.com (Postfix) with ESMTP id 5A6F71A7ABE for ; Thu, 6 Nov 2008 15:32:24 -0500 (EST) Received: from heartbeat2.messagingengine.com ([10.202.2.161]) by compute2.internal (MEProxy); Thu, 06 Nov 2008 15:32:24 -0500 X-Sasl-enc: kvWQFx4SAoNK/NcFe9xEwmySA0jwIskWfNi7QO7aeHRG 1226003543 Received: from [172.16.2.239] (unknown [74.7.6.178]) by mail.messagingengine.com (Postfix) with ESMTPSA id 7B5E73BE13 for ; Thu, 6 Nov 2008 15:32:23 -0500 (EST) Message-Id: <89D9D609-0EF5-4067-B2B6-8E8B00371847@fastmail.fm> From: Jeremy Haile To: jsecurity-user@incubator.apache.org In-Reply-To: <4910C8F6.3000503@lorrev.org> Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v929.2) Subject: Re: How to use my own realm? Date: Thu, 6 Nov 2008 15:32:21 -0500 References: <4910C8F6.3000503@lorrev.org> X-Mailer: Apple Mail (2.929.2) X-Virus-Checked: Checked by ClamAV on apache.org Hey John, Most users building webapps with JSecurity use the JSecurityFilter, which is easier than declaring the security manager yourself. Check out web.xml in the quickstart app included in the sample app for an example. If you are using Spring, you will want to declare the SpringJSecurityFilter. Using this filter, if you want to use the default security manager, you can simply declare a Realm in spring and the filter will automatically use it. If you want to configure the security manager manually, you can just drop the security manager in your Spring application context, and the SpringJSecurityFilter will automatically pick that up. If you want to use the default JSecurityFilter without spring, you can specify a custom realm by adding a [main] section to your JSecurity config (either specified in web.xml or in jsecurity.ini) such as: myRealm = com.mydomain.MyRealm Hope this helps you get started. Let me know if you run into any problems! Jeremy On Nov 4, 2008, at 5:13 PM, John Cladmore wrote: > Hi all, > > I am new to JSec. I was messing with Spring Security before > deciding to try JS. Here is where I am stuck. I have created a > simple web app using the jsp pages from the web sample in the JS > distribution. I have successfully configured JS to use either Basic > Auth or Form Auth filters. I read that to use my own realm, I could > set my own realm in the default security manager (which is the only > implemented security manager and which is created by default). So i > did something like this: > > MyRealm myRealm = new MyRealm(); > DefaultWebSecurityManager dsm = new > DefaultWebSecurityManager(myRealm); > SecurityUtils.setSecurityManager(dsm); > > MyRealm implements Realm, I have also tired extending one of the > other realms. I have even tried creating a default security manager > and setting the realm. > > None of my efforts have been successful so far. So what exactly am > I doing wrong or missing? > > I have been able to get the login page and my servlet to handle the > login form to invoke. In my servlet i tried to do all of this and > login (this is just testing stuff). > > Please help. > > Thanks. > > .v