Good job, and thanks for posting your solution back to the mailing list. 2010/11/2 Chris Selwyn <ch...@selwyn-family.me.uk>
> To answer my own question (and record a method that works for > posterity)... > > What I did was:- > > - Configure my Glassfish domain's login.conf with a "seam" LoginModule > as follows > seam { > org.jboss.seam.security.jaas.SeamLoginModule required; > }; > > - Create a Seam authenticator that authenticates against a Glassfish > realm using Glassfish's ProgrammaticLogin as shown below. > The code in the authenticator uses the hardcoded realm called > "fileRealm". Maybe I need to find a way to configure that. > > - Configure my Guvnor's identity component by changing the > components.xml inside the exploded drools-guvnor directory as follows:- > <security:identity > authenticate-method="#{gfauthenticator.authenticate}" > jaas-config-name="seam"/> > This ties the inbuilt Seam JAAS LoginModule to the Glassfish realm > authenticator. > > - Add new users to the "file" realm. > > - Now the users in the file realm can be authenticated as Guvnor > users. > > Text of the SeamAuthenticator for a Glassfish realm... > > <QUOTE> > package uk.co.mendipit.glassfishrealmauthenticator; > > import com.sun.appserv.security.ProgrammaticLogin; > import java.util.logging.Level; > import java.util.logging.Logger; > import org.jboss.seam.annotations.Name; > import org.jboss.seam.security.Identity; > > /** > * > * @author Chris > Selwyn<chris.sel...@mendipit.co.uk><chris.sel...@mendipit.co.uk> > */ > @Name("gfauthenticator") > public class GlassfishRealmAuthenticator { > private Logger logger = Logger.getLogger(this.getClass().getName()); > public boolean authenticate() { > try { > String userNm = > Identity.instance().getCredentials().getUsername(); > String pass = > Identity.instance().getCredentials().getPassword(); > ProgrammaticLogin plogin = new ProgrammaticLogin(); > > return plogin.login(userNm, pass, "fileRealm", true); > } catch (Exception ex) { > > logger.log(Level.SEVERE, null, ex); > return false; > } > } > } > </QUOTE> > > Chris Selwyn > > On 01/11/2010 17:50, Chris Selwyn wrote: > > I am using Guvnor 2.1.1 on Glassfish 2.1 and mostly it seems to work > very well. > > However, I am now looking to setup authentication of users to the Guvnor > server and this is where I am finding problems. > > I tried writing a class with an "authenticate" method to authenticate > against a Glassfish realm using ProgrammaticLogin but (as far as I can > tell) this class is not being used by Guvnor. > > Looking at the source, Guvnor appears to only use the > org.jboss.seam.security.Identity.authenticate method which uses only the > jaas-config-name value from the components.xml file. > So I then tried setting the jaas-config-name to "fileRealm" (which > exists in Glassfish's default login.conf) but now I get > "javax.security.auth.login.LoginException: No credentials." logged in my > server.log (and the user get a fail message, naturally). > > Has anyone out there managed to configure Guvnor to authenticate against > a Glassfish realm or JAAS context and would be willing to help me through? > > Chris Selwyn > > _______________________________________________ > rules-users mailing > listrules-us...@lists.jboss.orghttps://lists.jboss.org/mailman/listinfo/rules-users > > > ----- > No virus found in this message. > Checked by AVG - www.avg.com > Version: 10.0.1153 / Virus Database: 424/3232 - Release Date: 11/01/10 > > > _______________________________________________ > rules-users mailing list > rules-users@lists.jboss.org > https://lists.jboss.org/mailman/listinfo/rules-users > >
_______________________________________________ rules-users mailing list rules-users@lists.jboss.org https://lists.jboss.org/mailman/listinfo/rules-users