You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomee.apache.org by ereshgorantla <er...@gmail.com> on 2015/11/17 14:01:23 UTC

Setting Realm name for Tomee application

HI ,
I am trying to set custom realm name to my application . I went through
tomee documentation and realm-name is under login-config schema .

securityfilter-config has login-config as like this .
<securityfilter-config>
    <login-config>
        <realm-name>test for security</realm-name>
        <auth-method>FORM</auth-method>
        <form-login-config>
            <form-login-page>/index.jsp</form-login-page>
            <form-error-page>/errors/not_authenticated.jsp</form-error-page>
            <form-default-page>/index.jsp</form-default-page>
        </form-login-config>
     </login-config>
     <realm class="anything"/>
</securityfilter-config>

Now I tried to get the realm name in the application . I tried this way. I
passed realm name as "test for security" . Instead I got realm name as
Tomee-security which happens to be my sample application name.

private Realm findRealm(final String realmName) {
        final TomcatWebAppBuilder webAppBuilder =
SystemInstance.get().getComponent(TomcatWebAppBuilder.class);
        if (webAppBuilder != null) {
            final Realm r = webAppBuilder.getRealms().get('/' + realmName);
            if (r != null) {
                return r;
            }
        }
        return null;
}

Could you please help me how to find realm-name programmatically which is
configured and similarly a way to find default realm with in servlets of an
application.



--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/Setting-Realm-name-for-Tomee-application-tp4676811.html
Sent from the TomEE Dev mailing list archive at Nabble.com.

Re: Setting Realm name for Tomee application

Posted by Romain Manni-Bucau <rm...@gmail.com>.

Hmm

Let step back

Realm#getName is the realm instance name. It is a name for tomcat. You get
https://github.com/apache/tomee/blob/master/tomee/tomee-catalina/src/main/java/org/apache/tomee/catalina/TomcatWebAppBuilder.java#L395

The realm name feom web.xml is the LoginConfig one
https://github.com/apache/tomcat/blob/3c8b971d9b6fe48149ea4c483436615a1920c47a/java/org/apache/tomcat/util/descriptor/web/LoginConfig.java#L128
Le 18 nov. 2015 04:53, "ereshgorantla" <er...@gmail.com> a écrit :

> Thanks Romain
> I tried to get realmName from StandardContext and got the realm name as
> /tomee which is not my project name . I am in an assumption that Tomee will
> create application's web context as its realm name . Correct me If I am
> wrong . If it is correct . I has to get realm name as /<my-project> not
> /tomee which is tomee manager app.
>
> Mean while I found a way to login to tomeewebapp so that ejb context will
> bind username at their context.
> For that I need to send Principal and Realm as null only runAs argument is
> passed to  Even though we pass realm and principal as null security service
> will create subject and adds the login user in to stack.
>
> TomcatSecurityService ss = (TomcatSecurityService)
> SystemInstance.get().getComponent(SecurityService.class);
>  //ss.enterWebApp(null, null, login); // realm and principal are sending as
> null as Realm is hard coded
>  ss.enterWebApp(realm, principal, login);
>
> My question is why I am getting realmName as /tomee instead of
> /<my-project>
> . Please reply to me .
> For your reference I had created a sample maven project which I will be
> using to implement security . If you have Time please go through .
>
> sample project code : security.zip
> <http://tomee-openejb.979440.n4.nabble.com/file/n4676835/security.zip>
>
> Thanks
>
>
>
>
> --
> View this message in context:
> http://tomee-openejb.979440.n4.nabble.com/Setting-Realm-name-for-Tomee-application-tp4676811p4676835.html
> Sent from the TomEE Dev mailing list archive at Nabble.com.
>

Re: Setting Realm name for Tomee application

Posted by ereshgorantla <er...@gmail.com>.

Thanks Romain
I tried to get realmName from StandardContext and got the realm name as
/tomee which is not my project name . I am in an assumption that Tomee will
create application's web context as its realm name . Correct me If I am
wrong . If it is correct . I has to get realm name as /<my-project> not
/tomee which is tomee manager app. 

Mean while I found a way to login to tomeewebapp so that ejb context will
bind username at their context. 
For that I need to send Principal and Realm as null only runAs argument is
passed to  Even though we pass realm and principal as null security service
will create subject and adds the login user in to stack.

TomcatSecurityService ss = (TomcatSecurityService)
SystemInstance.get().getComponent(SecurityService.class);
 //ss.enterWebApp(null, null, login); // realm and principal are sending as
null as Realm is hard coded 
 ss.enterWebApp(realm, principal, login);

My question is why I am getting realmName as /tomee instead of /<my-project>
. Please reply to me .
For your reference I had created a sample maven project which I will be
using to implement security . If you have Time please go through .

sample project code : security.zip
<http://tomee-openejb.979440.n4.nabble.com/file/n4676835/security.zip>  

Thanks




--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/Setting-Realm-name-for-Tomee-application-tp4676811p4676835.html
Sent from the TomEE Dev mailing list archive at Nabble.com.

Re: Setting Realm name for Tomee application

Posted by Romain Manni-Bucau <rm...@gmail.com>.

This is a container information, what do you try to achieve globally? Seems
you use a lot of internals.

You should be able to read it from our info tree or tomcat model in
StandardContext - surely the easiest.
Le 17 nov. 2015 05:17, "ereshgorantla" <er...@gmail.com> a écrit :

> HI ,
> I am trying to set custom realm name to my application . I went through
> tomee documentation and realm-name is under login-config schema .
>
> securityfilter-config has login-config as like this .
> <securityfilter-config>
>     <login-config>
>         <realm-name>test for security</realm-name>
>         <auth-method>FORM</auth-method>
>         <form-login-config>
>             <form-login-page>/index.jsp</form-login-page>
>
> <form-error-page>/errors/not_authenticated.jsp</form-error-page>
>             <form-default-page>/index.jsp</form-default-page>
>         </form-login-config>
>      </login-config>
>      <realm class="anything"/>
> </securityfilter-config>
>
> Now I tried to get the realm name in the application . I tried this way. I
> passed realm name as "test for security" . Instead I got realm name as
> Tomee-security which happens to be my sample application name.
>
> private Realm findRealm(final String realmName) {
>         final TomcatWebAppBuilder webAppBuilder =
> SystemInstance.get().getComponent(TomcatWebAppBuilder.class);
>         if (webAppBuilder != null) {
>             final Realm r = webAppBuilder.getRealms().get('/' + realmName);
>             if (r != null) {
>                 return r;
>             }
>         }
>         return null;
> }
>
> Could you please help me how to find realm-name programmatically which is
> configured and similarly a way to find default realm with in servlets of an
> application.
>
>
>
> --
> View this message in context:
> http://tomee-openejb.979440.n4.nabble.com/Setting-Realm-name-for-Tomee-application-tp4676811.html
> Sent from the TomEE Dev mailing list archive at Nabble.com.
>