With the last version of JOnAS it is now possible to use security
with RMI as well as Jeremie.
As the propagation of contextual information is different depending
on the ORB used, there is some differences when you want to use
security with RMI or Jeremie.
In both cases you must:
1)define which methods of the EJB are protected
and who can access them, this is done in the deployment descriptor of
the
EJB (the ejb-jar.xml file).
2) define the mapping between principals ans roles. this is done in
the jonas-users.properties file. If there is no
jonas-users.properties file
you will see the message No Security Service at EJBServer start up
time.
3) Deployment
If you use Jeremie :
No special deployment is needed for the EJBs but you need to
provide
a jonathan.prop file in which properties must be set.
Have a look at the jonathan.prop file that is under $JONAS_ROOT
you will see that by default the three properties relative to
the security are'nt set. You only have to uncomment these lines
and place the jonathan.prop file in a location seen via the
CLASSPATH
and the security context propagation procces will occur.
If you use RMI:
You must deploy your bean by using the
GenIC -secpropag command
no property file is needed.
4) Advanced Security:
For the very experimented users that want to provide their own
implementation
of security service it is possible to do so.
They have to provide a java class that implements
org.objectweb.jonas.security.SecurityService interface
and set the property jonas.security.implementation in jonas.properties
file
example:
jonas.security.implementation tests.ejb.security.MySecurityService
by default JonAS is using
org.objectweb.jonas.security.JonasSecurityServiceImpl class.
--
Philippe
Philippe Coq Evidian Phone: (33) 04 76 29 78 49
Bull S.A - 1 rue de Provence - 38432 Echirolles Cedex France
Download our EJBServer at http://www.objectweb.org
----
To unsubscribe, send email to [EMAIL PROTECTED] and
include in the body of the message "unsubscribe jonas-users".
For general help, send email to [EMAIL PROTECTED] and
include in the body of the message "help".
