I have done the below steps, application works with ldap realm. Can anyone confirm these steps are correct?
1. create ldap realm and deploy, goto admin console->repository->click deployed ldap realm to see the dependency to be added to geronimo plan file 2. Unpack ear file, goto META-INF directory, create geronimo-application.xml plan file 3. Add <security-realm-name>corp-ldap</security-realm-name> right below <context-root>/SuperSnoopWeb</context-root> in geronimo-application.xml 4. Add <security> .... </security> in geronimo-application.xml 5. Add <security-role> to META-INF/application.xml 6. Unpack war file, add <security-constraint>, <login-config>, <security-role> to web.xml, If ear has more than one war file, do the same. 7. Package war file(s) 8. package ear file 9. deploy ear file ./deploy.sh deploy /home/t6652bg/binaries/sample_apps/SuperSnoop/ear/SuperSnoop.ear /home/t6652bg/binaries/sample_apps/SuperSnoop/ear/META-INF/geronimo-application.xml Using GERONIMO_BASE: /global/WebSphereCE Using GERONIMO_HOME: /global/WebSphereCE Using GERONIMO_TMPDIR: var/temp Using JRE_HOME: /opt/ibm/java2-i386-50/jre Username: system Password: ******* Deployed SuperSnoop/SuperSnoopEAR/1.0/car `-> SuperSnoopWeb.war @ /SuperSnoopWeb ----------------------------- govinda wrote: > > > Thanks David. I'm able to deploy the ear file by adding dependency in > geronimo-application.xml, how do I protect resource (/SuperSnoopWeb)? > deployer does not accept <security-constraint> element in application.xml > > Dependency: > > <sys:environment> > <sys:moduleId> > <sys:groupId>SuperSnoop</sys:groupId> > <sys:artifactId>SuperSnoopEAR</sys:artifactId> > <sys:version>1.0</sys:version> > <sys:type>car</sys:type> > </sys:moduleId> > <dependencies> > <dependency> > <groupId>console.realm</groupId> > <artifactId>corp-ldap</artifactId> > <version>1.0</version> > <type>car</type> > </dependency> > </dependencies> > </sys:environment> > > > > djencks wrote: >> >> I don't see anything obviously wrong with your xml. Is there any >> more information with the error such as a stack trace or the name of >> the class that can't be loaded? >> >> thanks >> david jencks >> >> On Mar 25, 2009, at 10:05 PM, govinda wrote: >> >>> >>> I tried to deploy ear file that has single war file and I receive the >>> following error, my geronimo-application.xml has ldap realm. >>> I have server-wide ldap realm created, deployed war and tested ldap >>> security, its working but I could not deploy ear file. Am I missing >>> any >>> security mapping? >>> >>> server001:/global/WebSphereCE/bin # ./deploy.sh deploy SuperSnoop.ear >>> geronimo-application.xml >>> Using GERONIMO_BASE: /global/WebSphereCE >>> Using GERONIMO_HOME: /global/WebSphereCE >>> Using GERONIMO_TMPDIR: var/temp >>> Using JRE_HOME: /opt/ibm/java2-i386-50/jre >>> Username: system >>> Password: ******* >>> Error: Operation failed: load of SuperSnoop/SuperSnoopEAR/1.0/car >>> failed >>> >>> Error starting configuration gbean SuperSnoop/SuperSnoopEAR/1.0/car >>> >>> Configuration gbean failed to start >>> SuperSnoop/SuperSnoopEAR/1.0/car >>> >>> reason: Class not loadable in classloader: >>> [org.apache.geronimo.kernel.config.MultiParentClassLoader >>> id=SuperSnoop/SuperSnoopEAR/1.0/car] >>> >>> geronimo-application.xml: >>> >>> <?xml version="1.0" encoding="UTF-8"?> >>> <application >>> xmlns="http://geronimo.apache.org/xml/ns/j2ee/application-2.0 >>> " >>> xmlns:sys="http://geronimo.apache.org/xml/ns/deployment-1.2" >>> application-name="SuperSnoop"> >>> <sys:environment> >>> <sys:moduleId> >>> <sys:groupId>SuperSnoop</sys:groupId> >>> <sys:artifactId>SuperSnoopEAR</sys:artifactId> >>> <sys:version>1.0</sys:version> >>> <sys:type>car</sys:type> >>> </sys:moduleId> >>> </sys:environment> >>> >>> <module> >>> <web>SuperSnoopWeb.war</web> >>> <web-app xmlns="http://geronimo.apache.org/xml/ns/j2ee/web-2.0.1" > >>> <sys:environment> >>> <sys:moduleId> >>> <sys:groupId>SuperSnoop</sys:groupId> >>> <sys:artifactId>SuperSnoopWEB</sys:artifactId> >>> <sys:version>1.0</sys:version> >>> <sys:type>war</sys:type> >>> </sys:moduleId> >>> </sys:environment> >>> <context-root>/SuperSnoopWeb</context-root> >>> <security-realm-name>corp-ldap</security-realm-name> >>> </web-app> >>> </module> >>> <security> >>> <default-principal realm-name="corp-ldap"> >>> <principal name="nobody" >>> class >>> = >>> "org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"/> >>> </default-principal> >>> <role-mappings> >>> <role role-name="admin"> >>> <realm realm-name="corp-ldap"> >>> <principal name="adminstrators" >>> class >>> = >>> "org >>> .apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"/> >>> <principal name="admin" >>> class >>> = >>> "org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"/> >>> </realm> >>> </role> >>> </role-mappings> >>> </security> >>> </application> >>> >>> META-INF/application.xml: >>> >>> <?xml version="1.0" encoding="UTF-8"?> >>> <!DOCTYPE application PUBLIC "-//Sun Microsystems, Inc.//DTD J2EE >>> Application 1.2//EN" "http://java.sun.com/j2ee/dtds/application_1_2.dtd >>> "> >>> <application id="Application_ID"> >>> <display-name>SuperSnoop</display-name> >>> <module id="WebModule_1049985603917"> >>> <web> >>> <web-uri>SuperSnoopWeb.war</web-uri> >>> <context-root>SuperSnoopWeb</context-root> >>> </web> >>> </module> >>> <security-role> >>> <role-name>admin</role-name> >>> </security-role> >>> </application> >>> -- >>> View this message in context: >>> http://www.nabble.com/Deploying-ear-file-with-ldap-realm---geronimo-2.1.x-tp22711096s134p22711096.html >>> Sent from the Apache Geronimo - Dev mailing list archive at >>> Nabble.com. >>> >> >> >> > > -- View this message in context: http://www.nabble.com/Deploying-ear-file-with-ldap-realm---geronimo-2.1.x-tp22711096s134p22743125.html Sent from the Apache Geronimo - Dev mailing list archive at Nabble.com.