Re: Really basic security question
1. in \var\security, create 2 files, eg:rex_users.properties & rex_groups.properties rex_users.properties --- andy=aaa bill=bbb cindy=ccc dan=ddd --- rex_groups.properties --- employee=andy,bill,cindy,dan --- 2.in Web-console -> security realms Portlet add new security realm -> name of realm: rexRealm realmType: Properties file realm -> users file URI: var/security/rex_users.properties groups file URI: var/security/rex_groups.properties -> deploy realm 3. write a app like the following attachment. HTH Rex 2009/5/2 Ken T. > I have an install of Geronimo and a few web apps installed on it and I > would like to add some basic security so that only people I ask to look > at the demos can actually access them. I've created a user under > Geronimo called "demo" and given the user a password. Now I would like > to make the necessary changes to the web.xml or geronimo.xml file to tell > my web apps to not allow use by any user other than demo (or users in the > demo role). If I need to write a form to get the user name and password, > I can do that, but if there is a default form that can be used, I would > just assume use it. > > So how do I go about doing this? > > Thanks. > > I looked online for this information but it assumed a much deeper > understanding of how security works than I really have. Any assistance > would be greatly appreciated. Thanks. > > -- > Ken T. > > cviewer_1.war Description: Binary data
Re: Really basic security question
You might want to take a look at the one of the Geronimo samples [1]. It shows how to use LDAP for authentication, but it also shows how to configure form-login. -Jack [1] http://cwiki.apache.org/GMOxDOC21/ldap-sample-app-ldap-sample-application.html 2009/5/2 Ken T. > I have an install of Geronimo and a few web apps installed on it and I > would like to add some basic security so that only people I ask to look > at the demos can actually access them. I've created a user under > Geronimo called "demo" and given the user a password. Now I would like > to make the necessary changes to the web.xml or geronimo.xml file to tell > my web apps to not allow use by any user other than demo (or users in the > demo role). If I need to write a form to get the user name and password, > I can do that, but if there is a default form that can be used, I would > just assume use it. > > So how do I go about doing this? > > Thanks. > > I looked online for this information but it assumed a much deeper > understanding of how security works than I really have. Any assistance > would be greatly appreciated. Thanks. > > -- > Ken T. > >
Really basic security question
I have an install of Geronimo and a few web apps installed on it and I would like to add some basic security so that only people I ask to look at the demos can actually access them. I've created a user under Geronimo called "demo" and given the user a password. Now I would like to make the necessary changes to the web.xml or geronimo.xml file to tell my web apps to not allow use by any user other than demo (or users in the demo role). If I need to write a form to get the user name and password, I can do that, but if there is a default form that can be used, I would just assume use it. So how do I go about doing this? Thanks. I looked online for this information but it assumed a much deeper understanding of how security works than I really have. Any assistance would be greatly appreciated. Thanks. -- Ken T.