the following link https://bitbucket.org/VineetReynolds/java-ee-6-galleria into the source contain a ear applicatio nwith ejb and jsf . it use security and roles
It is writed for glassfish . How i can use it with tomee ? i have simple to create groups and user to associate to gorups into server.xml? if you read at : https://bitbucket.org/VineetReynolds/java-ee-6-galleria/src/b76114fb0477072853ddc459e3e746a5fc70851b/galleria-ejb/glassfish-integrationtest-install/glassfish/domains/domain1/config/domain.xml?at=default ------------------------------ <!-- THE PART OF SECURITY <security-service activate-default-principal-to-role-mapping="true" jacc="simple"> <auth-realm classname="com.sun.enterprise.security.auth.realm.file.FileRealm" name="admin-realm"> <property value="${com.sun.aas.instanceRoot}/config/admin-keyfile" name="file"/> <property value="fileRealm" name="jaas-context"/> </auth-realm> <auth-realm classname="com.sun.enterprise.security.auth.realm.file.FileRealm" name="file"> <property value="${com.sun.aas.instanceRoot}/config/keyfile" name="file"/> <property value="fileRealm" name="jaas-context"/> </auth-realm> <auth-realm classname="com.sun.enterprise.security.auth.realm.certificate.CertificateRealm" name="certificate"/> <auth-realm name="GalleriaRealm" classname="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm"> <property description="null" name="jaas-context" value="jdbcRealm"></property> <property name="encoding" value="Hex"></property> <property description="null" name="password-column" value="PASSWORD"></property> <property name="datasource-jndi" value="jdbc/galleriaDS"></property> <property name="group-table" value="USERS_GROUPS"></property> <property name="user-table" value="USERS"></property> <property description="null" name="group-name-column" value="GROUPID"></property> <property name="digest-algorithm" value="SHA-512"></property> <property description="null" name="user-name-column" value="USERID"></property> </auth-realm> <jacc-provider policy-configuration-factory-provider="com.sun.enterprise.security.provider.PolicyConfigurationFactoryImpl" policy-provider="com.sun.enterprise.security.provider.PolicyWrapper" name="default"> <property value="${com.sun.aas.instanceRoot}/generated/policy" name="repository"/> </jacc-provider> <jacc-provider policy-configuration-factory-provider="com.sun.enterprise.security.jacc.provider.SimplePolicyConfigurationFactory" policy-provider="com.sun.enterprise.security.jacc.provider.SimplePolicyProvider" name="simple"/> <audit-module classname="com.sun.enterprise.security.Audit" name="default"> <property value="false" name="auditOn"/> </audit-module> <message-security-config auth-layer="SOAP"> <provider-config provider-id="XWS_ClientProvider" class-name="com.sun.xml.wss.provider.ClientSecurityAuthModule" provider-type="client"> <request-policy auth-source="content"/> <response-policy auth-source="content"/> <property value="s1as" name="encryption.key.alias"/> <property value="s1as" name="signature.key.alias"/> <property value="false" name="dynamic.username.password"/> <property value="false" name="debug"/> </provider-config> <provider-config provider-id="ClientProvider" class-name="com.sun.xml.wss.provider.ClientSecurityAuthModule" provider-type="client"> <request-policy auth-source="content"/> <response-policy auth-source="content"/> <property value="s1as" name="encryption.key.alias"/> <property value="s1as" name="signature.key.alias"/> <property value="false" name="dynamic.username.password"/> <property value="false" name="debug"/> <property value="${com.sun.aas.instanceRoot}/config/wss-server-config-1.0.xml" name="security.config"/> </provider-config> <provider-config provider-id="XWS_ServerProvider" class-name="com.sun.xml.wss.provider.ServerSecurityAuthModule" provider-type="server"> <request-policy auth-source="content"/> <response-policy auth-source="content"/> <property value="s1as" name="encryption.key.alias"/> <property value="s1as" name="signature.key.alias"/> <property value="false" name="debug"/> </provider-config> <provider-config provider-id="ServerProvider" class-name="com.sun.xml.wss.provider.ServerSecurityAuthModule" provider-type="server"> <request-policy auth-source="content"/> <response-policy auth-source="content"/> <property value="s1as" name="encryption.key.alias"/> <property value="s1as" name="signature.key.alias"/> <property value="false" name="debug"/> <property value="${com.sun.aas.instanceRoot}/config/wss-server-config-1.0.xml" name="security.config"/> </provider-config> </message-security-config> <property value="SHA-256" name="default-digest-algorithm"/> </security-service> ------------------ if you see at https://bitbucket.org/VineetReynolds/java-ee-6-galleria/src/b76114fb0477072853ddc459e3e746a5fc70851b/galleria-ejb/src/main/java/info/galleria/service/ejb/AlbumServiceImpl.java?at=default you can see that into the declaration for the ejb : @Stateless @EJB(name = "java:global/galleria/galleria-ejb/AlbumService", beanInterface = AlbumService.class) @RolesAllowed({ "RegisteredUsers" }) @TransactionAttribute(TransactionAttributeType.REQUIRED) public class AlbumServiceImpl implements AlbumService { the methods for the ejb are permit to "RegistredUsers" . you can see that it is created a realm NAMED "GalleriaRealm" into glassfish server HOW I CAN ADAPT TO TOMEE ??? tank you for your attention -- View this message in context: http://openejb.979440.n4.nabble.com/use-the-java-ee-glaaery-into-TOMEE-with-secuirity-tp4668156.html Sent from the OpenEJB User mailing list archive at Nabble.com.
