Hi there,

I use FORM-based authentication at this time, and tried to change from the default UserManager (which I read somewhere to be an instance of XMLUserManager) to DataSourceUserManager. Everything works A-OK with the default user manager. I got this to work with DataSourceUserManager as long as I specify *each* userid in the security-role-mapping – the group-names mappings don’t seem to work.

I figure I either have a typo someplace (see attached orion-application.xml and populate.sql), or the XMLUserManager is not set or consulted as Parent (as it should be according to doc?!) for the group names stuff, and so my join table supportuser_groups doesn’t help me because the groups (in principals.xml) aren’t getting consulted, while the RoleManager works and maps the specified user [customer1ntt], which is also found in the database.

Questions:
(1) is there a parameter to set the parent for DataSourceUserManager
(2) or do I have to call setParent(XMLUserManager); [which jndi reference?]
(3) do I need to write MyOwnUserManager if I want to check for users in both db and principals.xml

P.S. There is no error message – it’s only that users don’t get authenticated unless they appear in security-role-mapping

Thanks
Peter

<?xml version="1.0"?>
<!DOCTYPE orion-application PUBLIC "-//Evermind//DTD J2EE Application runtime 1.2//EN" "http://www.orionserver.com/dtds/orion-application.dtd">

<orion-application deployment-version="1.4.5">
	<web-module id="jSupport-web" path="jSupport-web" />
	<persistence path="persistence" />
	<principals path="principals.xml" />

	<!-- if administrative management of users is required, the class below has to be subclassed -->
	<!-- with a class that implements at least the update() method -->
	<user-manager class="com.evermind.sql.DataSourceUserManager">
		<property name="groupMembershipTableName" value="supportuser_groups" /> <!-- join table which user to which group -->
		<property name="groupMembershipGroupFieldName" value="usergroup" />
		<property name="groupMembershipUsernameFieldName" value="userid" />
		<property name="table" value="supportusers" /> <!---->
		<property name="passwordField" value="passwd" /> <!---->
		<property name="usernameField" value="userid" /> <!---->
		<property name="dataSource" value="jdbc/sql7jSupportDS" /> <!---->
		<property name="debug" value="true" />
	</user-manager>

	<security-role-mapping name="AdministratorRole">
		<group name="AdminstratorsUserGroup" />
		<user name="pete" />
	</security-role-mapping>

	<security-role-mapping name="SupportEngineerRole">
		<group name="SupportEngineersUserGroup" />
		<user name="jinh" />
	</security-role-mapping>

	<security-role-mapping name="CustomerRole">
		<group name="CustomersUserGroup" />
		<group name="SupportEngineersUserGroup" />
		<group name="AdministratorsUserGroup" />
		<user name="jdoe" />
		<user name="customer1ntt" />
	</security-role-mapping>

	<log>
		<file path="application.log" />
	</log>

	<namespace-access>
		<read-access>
			<namespace-resource root="">
				<security-role-mapping name="&lt;jndi-user-role&gt;">
					<group name="administrators" />
				</security-role-mapping>
			</namespace-resource>
		</read-access>
		<write-access>
			<namespace-resource root="">
				<security-role-mapping name="&lt;jndi-user-role&gt;">
					<group name="administrators" />
				</security-role-mapping>
			</namespace-resource>
		</write-access>
	</namespace-access>
</orion-application>