Re: Struts 2/Geronimo Security Realm best practices
In your application plan, declare a dependency on the realm configuration (in this case console.realm/Testing/1,0/car). You should use the realm-name (in this case, "Testing") as the name parameter for LoginContext constructor. Vamsi On 6/27/07, Java_James <[EMAIL PROTECTED]> wrote: Thanks for the response. I'm trying to access the security realm programmatically through JAAS. I suppose I should also mention that I am using the latest release of Geronimo 2. There seems to be very little documentation for this release. I have created the following realm: http://geronimo.apache.org/xml/ns/deployment-1.2";> console.realm Testing 1.0 car org.apache.geronimo.configs j2ee-security car http://geronimo.apache.org/xml/ns/deployment-1.2"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> Testing ServerInfo JaasLoginService http://geronimo.apache.org/xml/ns/loginconfig-1.2";> Testing org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule users.properties groups.properties Testing-Audit org.apache.geronimo.security.realm.providers.FileAuditLoginModule login_audit.log When I set up a new LoginContext in my application, I am not sure what values to pass it in order to access this realm. any help would be greatly appreciated. Mark Aufdencamp wrote: > > A nice example of defining Realms and Roles exists in the sample > applications. > > http://cwiki.apache.org/GMOxDOC11/web-application-security-sample.html > I'm using Struts 1.2 with a MySQL Backed Security Realm. The real > trick involves setting up a login page with the proper form that submits > to j_security_check along with setting up the security realm and the roles > in web.xml/geronimo-web.xml. If you've cheked out the sample and > have more specific questions, post them and we'll give a shot at a right > answer.:) > > Mark Aufdencamp > [EMAIL PROTECTED] > > Original Message Subject: Struts 2/Geronimo Security > Realm best practices From: Java_James <[EMAIL PROTECTED]> Date: > Mon, June 25, 2007 3:53 pm To: user@geronimo.apache.org Hi all, > > I'm new to the world of struts 2 and geronimo. I was wondering if there > were any best practices when it came to setting up your web > application to > use Geronimo's security realm. > > I'm hoping to be able to call the security realm through an action (or > some > sort of wrapped object doing the authentication). There seems to be very > little documentation on using the two technologies together. > > Any help would be appreciated. > > Thanks. > -- > View this message in context: > http://www.nabble.com/Struts-2-Geronimo-Security-Realm-best-practices-tf3978596s134.html#a11294301 > Sent from the Apache Geronimo - Users mailing list archive at Nabble.com . > > > > -- View this message in context: http://www.nabble.com/Struts-2-Geronimo-Security-Realm-best-practices-tf3978596s134.html#a11329990 Sent from the Apache Geronimo - Users mailing list archive at Nabble.com.
RE: Struts 2/Geronimo Security Realm best practices
Thanks for the response. I'm trying to access the security realm programmatically through JAAS. I suppose I should also mention that I am using the latest release of Geronimo 2. There seems to be very little documentation for this release. I have created the following realm: http://geronimo.apache.org/xml/ns/deployment-1.2";> console.realm Testing 1.0 car org.apache.geronimo.configs j2ee-security car http://geronimo.apache.org/xml/ns/deployment-1.2"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> Testing ServerInfo JaasLoginService http://geronimo.apache.org/xml/ns/loginconfig-1.2";> Testing org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule users.properties groups.properties Testing-Audit org.apache.geronimo.security.realm.providers.FileAuditLoginModule login_audit.log When I set up a new LoginContext in my application, I am not sure what values to pass it in order to access this realm. any help would be greatly appreciated. Mark Aufdencamp wrote: > > A nice example of defining Realms and Roles exists in the sample > applications. > > http://cwiki.apache.org/GMOxDOC11/web-application-security-sample.html > I'm using Struts 1.2 with a MySQL Backed Security Realm. The real > trick involves setting up a login page with the proper form that submits > to j_security_check along with setting up the security realm and the roles > in web.xml/geronimo-web.xml. If you've cheked out the sample and > have more specific questions, post them and we'll give a shot at a right > answer.:) > > Mark Aufdencamp > [EMAIL PROTECTED] > > Original Message Subject: Struts 2/Geronimo Security > Realm best practices From: Java_James <[EMAIL PROTECTED]> Date: > Mon, June 25, 2007 3:53 pm To: user@geronimo.apache.org Hi all, > > I'm new to the world of struts 2 and geronimo. I was wondering if there > were any best practices when it came to setting up your web > application to > use Geronimo's security realm. > > I'm hoping to be able to call the security realm through an action (or > some > sort of wrapped object doing the authentication). There seems to be very > little documentation on using the two technologies together. > > Any help would be appreciated. > > Thanks. > -- > View this message in context: > http://www.nabble.com/Struts-2-Geronimo-Security-Realm-best-practices-tf3978596s134.html#a11294301 > > Sent from the Apache Geronimo - Users mailing list archive at Nabble.com. > > > > -- View this message in context: http://www.nabble.com/Struts-2-Geronimo-Security-Realm-best-practices-tf3978596s134.html#a11329990 Sent from the Apache Geronimo - Users mailing list archive at Nabble.com.
how do I deploy a security realm along with an application?
I am trying to deploy a security realm plan along with an application, so that I do not have to separately deploy the plan and application. I have following in my geronimo-application.xml http://geronimo.apache.org/xml/ns/j2ee/application-1.2";> http://geronimo.apache.org/xml/ns/deployment-1.2";> ${pom.groupId} ${pom.artifactId} 2.0-SNAPSHOT ear TimeReportRealm.xml As I commented in the deployment descriptor above, I do not know what other line I need to write there because in the console, if I just supply the plan it everything works fine. Is this even the right place to put a security realm plan? Any help will be appreciated. Thanks, Viet