On Jan 15, 2009, at 1:15 AM, Ivan wrote:
Shall we need a dumb SecurityRealmGBean which will delegate all the
calls to the default login config ? In that way, the users could
have more choices and quickly deploy their existing applications
which have used the third-party authentication modules.
Thanks for any comment
This might work, its worth looking into. I don't think it would be
exactly a SecurityRealmGBean but maybe a SecurityRealmBuilderGBean.
JASPI's (optional) use of JAAS involves this constructor:
LoginContext loginContext = new LoginContext(realm, subject,
callbackHandler, configuration);
so it might be worth seeing about converting all our login calls to
supply the configuration from whatever source is needed.
thanks
david jencks
2009/1/14 David Jencks <david_jen...@yahoo.com>
On Jan 13, 2009, at 11:05 PM, axiez wrote:
Which file should I edit to set the system property
java.security.auth.login.config so that LoginContext knows where to
look for
a given login configuration?
We don't use the sun provided default file based login config.
Instead you configure security realms using the
GenericSecurityRealmGBean.
See http://cwiki.apache.org/GMOxDOC22/configuring-login-modules.html
There is an admin console wizard to help construct plans and I
suspect there is also an eclipse plugin wizard in the GEP.
thanks
david jencks
--
View this message in context:
http://www.nabble.com/system-property-for-login-configuration-file-tp21450978s134p21450978.html
Sent from the Apache Geronimo - Users mailing list archive at
Nabble.com.
--
Ivan