Joseph B. Ottinger wrote:
> This has virtually nothing to do with Orion.
>
> However, you can do this in a LOT of ways: "Save As" from your browser,
> you can use various mirroring tools, you could even use a URLConnection
> from java.net.* and use one of the java.io classes to write it to your
> local filesystem... as well as a thousand other ways.
>
> On Thu, 21 Dec 2000, cgreen wrote:
>
>> Hi,all:
>> I want to read a internet page(e:http://www.microsoft.com/) and put the page to
>a file(e: c:/temp.txt).
>> How to do ?
>>
>> Thanks very much!
>>
>> cgreen
>>
>>
>>
>
Actually I'd suggest putting the file to /dev/null...
Joseph! Great work on the Orion Support site btw. I really think people
need help with user authentication
on orionsupport.
Here's some stuff for DataSourceUserManager, haven't got much time
tonight - hope there aren't any mistakes:
Lets say we want to protect the resource '/members' (lets say its a
servlet) in your web application, we need a security constraint in web.xml:
<security-constraint>
<!-- first define the resource to protect, specify url name and
description -->
<web-resource-collection>
<web-resource-name>members</web-resource-name>
<description>member protected area</description>
<url-pattern>/members</url-pattern>
</web-resource-collection>
<!-- next define authorizaton for the resource - role and description -->
<auth-constraint>
<description>some descrption</description>
<role-name>user</role-name>
</auth-constraint>
</security-constraint>
So now '/members' is only authorized to people with a 'user' role.
Next we make people log-in once they hit our members resource;
use BASIC auth until it's working (again in web.xml):
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>orionInterest</realm-name>
</login-config>
Now, In application.xml/web.xml we declare our needed security role of
user, do:
<security-role>
<description>User role in this application</description>
<role-name>user</role-name>
</security-role>
That's the J2EE generic side out of the way (dont try anything fancy
like role-links or form auth until basics are working).
In orion-application.xml, under application-deployments, you create a
link from the J2EE role to orion specific user group/groups:
<security-role-mapping name="user">
<group name="niceguys" />
</security-role-mapping>
Now anyone that logs in and is found to be in the "niceguys" group will
be assigned a role of user and can
access "/members". Finally we have a declaration for
orion-application.xml to authenticate people using
the DataSourceUserManager:
<!-- point at the DB User Manager -->
<user-manager class="com.evermind.sql.DataSourceUserManager">
<!-- The user manager will get check logins against the 'user' table -->
<property name="table" value="user" />
<!-- Use the hypersonic datasource to access it for example -->
<property name="dataSource" value="jdbc/HypersonicDS" />
<!-- our username within the 'user' table (j_username for form auth) -->
<property name="usernameField" value="username" />
<!-- the password within the 'user' table (j_password for form auth) -->
<property name="passwordField" value="password" />
<!-- if there is a table with roles per username, state it here - in
this case usergroups -->
<property name="groupMembershipTableName"
value="usergroups" />
<!-- the username field in the usergroups table is user_name for eg.-->
<property name="groupMembershipUsernameFieldName"
value="user_name"/>
<!-- the group belonged to is in field user_group we want our username
to be pulling niceguys from this field -->
<property name="groupMembershipGroupFieldName"
value="user_group" />
<!-- I'd like all authenticated users to be in the group everybody, can
add more by separating with commas -->
<property name="defaultGroups" value="everybody" />
</user-manager>
Create the tables and set stuff up:
create table user (username varchar not null primary key, password varchar)
create table usergroups (user_name varchar not null, user_group varchar
not null)
insert into user values ('Linus','Penguin')
insert into usergroups values ('Linus','niceguys')
Now on booting up Orion, Linus should be able to access '/members' by
logging in.
Bit wordy and I hope it works (I've lokked over it a couple of times),
but rather then just tell everyone to re-read the api's, lets
get something up.
Seeya,
Simon.
