RE: Linking JSPWiki user-ids to an external security package

Tue, 10 Feb 2009 10:27:32 -0800 

Harry,

        I'm definitely interested in either or both solutions.   We are running 
JSPWiki under Tomcat, but I did not set up any sort of security with Tomcat - 
just a basic Admin user-id and password.

                                                Eric R. Carlson
                                                        [email protected]
                                                        (513)-387-7739

-----Original Message-----
From: Harry Metske [mailto:[email protected]]
Sent: Tuesday, February 10, 2009 12:37 PM
To: [email protected]
Subject: Re: Linking JSPWiki user-ids to an external security package

Well,

it sometimes surprises me how many people run it on z/OS :-)
You can solve your problem in two ways, using a Tomcat realm (if you run
tomcat off course), or using a JAAS login module.
I have done both, I would prefer the second one.
I can get you the source and binaries if you like, or maybe it's better if I
create a page on www.jspwiki.org and document it there and attach the
source/binaries.

What the loginmodule does is comparable to JSPWiki's
UserDatabaseLoginModule, but instead of looking up the userdatabase.xml it
calls IBM's Java for SAF interfaces (
http://www-03.ibm.com/servers/eserver/zseries/software/java/products/j5security.html)
to validate userid/pw, and throw loginexceptions based on the return/reason
codes.
There's also a simple Helper class that translates the most common codes to
human readable messages like "password expired".

Let me know if you're interested.

regards,
Harry

2009/2/10 Carlson, Eric R <[email protected]>

> Is there any way to link the JSPWiki user database to an external security
> package?
>
> Specifically, we are running JSPWiki 2.8.1 in Unix System Services under
> z/OS 1.9.  We have RACF running on z/OS.  I'd like JSPWiki to be able to
> check the user's RACF user-id and password to verify security.
>
> I realize that there aren't many people out there running JSPWiki under
> z/OS, but if someone has had experience using JSPWiki with some other
> external security package it may help point me in the right direction.
>
>
>                                                Eric Carlson
>                                                            The Kroger Co.
>
>
> ________________________________
> This e-mail message, including any attachments, is for the sole use of the
> intended recipient(s) and may contain information that is confidential and
> protected by law from unauthorized disclosure. Any unauthorized review, use,
> disclosure or distribution is prohibited. If you are not the intended
> recipient, please contact the sender by reply e-mail and destroy all copies
> of the original message.
>

This e-mail message, including any attachments, is for the sole use of the 
intended recipient(s) and may contain information that is confidential and 
protected by law from unauthorized disclosure. Any unauthorized review, use, 
disclosure or distribution is prohibited. If you are not the intended 
recipient, please contact the sender by reply e-mail and destroy all copies of 
the original message.

Reply via email to