You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@geronimo.apache.org by Java_James <ja...@rogers.com> on 2007/06/25 21:53:36 UTC
Struts 2/Geronimo Security Realm best practices
Hi all,
I'm new to the world of struts 2 and geronimo. I was wondering if there
were any best practices when it came to setting up your web application to
use Geronimo's security realm.
I'm hoping to be able to call the security realm through an action (or some
sort of wrapped object doing the authentication). There seems to be very
little documentation on using the two technologies together.
Any help would be appreciated.
Thanks.
--
View this message in context: http://www.nabble.com/Struts-2-Geronimo-Security-Realm-best-practices-tf3978596s134.html#a11294301
Sent from the Apache Geronimo - Users mailing list archive at Nabble.com.
Re: Struts 2/Geronimo Security Realm best practices
Posted by Vamsavardhana Reddy <c1...@gmail.com>.
In your application plan, declare a dependency on the realm configuration
(in this case console.realm/Testing/1,0/car). You should use the realm-name
(in this case, "Testing") as the name parameter for LoginContext
constructor.
Vamsi
On 6/27/07, Java_James <ja...@rogers.com> wrote:
>
>
> Thanks for the response.
>
> I'm trying to access the security realm programmatically through JAAS. I
> suppose I should also mention that I am using the latest release of
> Geronimo
> 2. There seems to be very little documentation for this release.
>
> I have created the following realm:
>
> <module xmlns="http://geronimo.apache.org/xml/ns/deployment-1.2">
> <environment>
> <moduleId>
> <groupId>console.realm</groupId>
> <artifactId>Testing</artifactId>
> <version>1.0</version>
> <type>car</type>
> </moduleId>
> <dependencies>
> <dependency>
> <groupId>org.apache.geronimo.configs</groupId>
> <artifactId>j2ee-security</artifactId>
> <type>car</type>
> </dependency>
> </dependencies>
> </environment>
> <gbean name="Testing"
> class="org.apache.geronimo.security.realm.GenericSecurityRealm"
> xsi:type="dep:gbeanType"
> xmlns:dep="http://geronimo.apache.org/xml/ns/deployment-1.2"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
> <attribute name="realmName">Testing</attribute>
> <reference name="ServerInfo">
> <name>ServerInfo</name>
> </reference>
> <reference name="LoginService">
> <name>JaasLoginService</name>
> </reference>
> <xml-reference name="LoginModuleConfiguration">
> <log:login-config
> xmlns:log="http://geronimo.apache.org/xml/ns/loginconfig-1.2">
> <log:login-module control-flag="REQUIRED"
> server-side="true"
> wrap-principals="false">
> <log:login-domain-name>Testing</log:login-domain-name>
>
> <log:login-module-class>
> org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule
> </log:login-module-class>
> <log:option
> name="usersURI">users.properties</log:option>
> <log:option
> name="groupsURI">groups.properties</log:option>
> </log:login-module>
> <log:login-module control-flag="OPTIONAL"
> server-side="true"
> wrap-principals="false">
>
> <log:login-domain-name>Testing-Audit</log:login-domain-name>
>
> <log:login-module-class>
> org.apache.geronimo.security.realm.providers.FileAuditLoginModule
> </log:login-module-class>
> <log:option name="file">login_audit.log</log:option>
> </log:login-module>
> </log:login-config>
> </xml-reference>
> </gbean>
> </module>
>
> When I set up a new LoginContext in my application, I am not sure what
> values to pass it in order to access this realm.
>
> any help would be greatly appreciated.
>
>
>
> Mark Aufdencamp wrote:
> >
> > A nice example of defining Realms and Roles exists in the sample
> > applications.
> >
> > http://cwiki.apache.org/GMOxDOC11/web-application-security-sample.html
> > I'm using Struts 1.2 with a MySQL Backed Security Realm. The real
> > trick involves setting up a login page with the proper form that submits
> > to j_security_check along with setting up the security realm and the
> roles
> > in web.xml/geronimo-web.xml. If you've cheked out the sample and
> > have more specific questions, post them and we'll give a shot at a right
> > answer.:)
> >
> > Mark Aufdencamp
> > Mark@Aufdencamp.com
> >
> > -------- Original Message -------- Subject: Struts 2/Geronimo Security
> > Realm best practices From: Java_James <james-junk@rogers.com>
> Date:
> > Mon, June 25, 2007 3:53 pm To: user@geronimo.apache.org Hi all,
> >
> > I'm new to the world of struts 2 and geronimo. I was wondering if there
> > were any best practices when it came to setting up your web
> > application to
> > use Geronimo's security realm.
> >
> > I'm hoping to be able to call the security realm through an action (or
> > some
> > sort of wrapped object doing the authentication). There seems to be
> very
> > little documentation on using the two technologies together.
> >
> > Any help would be appreciated.
> >
> > Thanks.
> > --
> > View this message in context:
> >
> http://www.nabble.com/Struts-2-Geronimo-Security-Realm-best-practices-tf3978596s134.html#a11294301
> > Sent from the Apache Geronimo - Users mailing list archive at Nabble.com
> .
> >
> >
> >
> >
>
> --
> View this message in context:
> http://www.nabble.com/Struts-2-Geronimo-Security-Realm-best-practices-tf3978596s134.html#a11329990
> Sent from the Apache Geronimo - Users mailing list archive at Nabble.com.
>
>
RE: Struts 2/Geronimo Security Realm best practices
Posted by Java_James <ja...@rogers.com>.
Thanks for the response.
I'm trying to access the security realm programmatically through JAAS. I
suppose I should also mention that I am using the latest release of Geronimo
2. There seems to be very little documentation for this release.
I have created the following realm:
<module xmlns="http://geronimo.apache.org/xml/ns/deployment-1.2">
<environment>
<moduleId>
<groupId>console.realm</groupId>
<artifactId>Testing</artifactId>
<version>1.0</version>
<type>car</type>
</moduleId>
<dependencies>
<dependency>
<groupId>org.apache.geronimo.configs</groupId>
<artifactId>j2ee-security</artifactId>
<type>car</type>
</dependency>
</dependencies>
</environment>
<gbean name="Testing"
class="org.apache.geronimo.security.realm.GenericSecurityRealm"
xsi:type="dep:gbeanType"
xmlns:dep="http://geronimo.apache.org/xml/ns/deployment-1.2"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<attribute name="realmName">Testing</attribute>
<reference name="ServerInfo">
<name>ServerInfo</name>
</reference>
<reference name="LoginService">
<name>JaasLoginService</name>
</reference>
<xml-reference name="LoginModuleConfiguration">
<log:login-config
xmlns:log="http://geronimo.apache.org/xml/ns/loginconfig-1.2">
<log:login-module control-flag="REQUIRED" server-side="true"
wrap-principals="false">
<log:login-domain-name>Testing</log:login-domain-name>
<log:login-module-class>org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule</log:login-module-class>
<log:option
name="usersURI">users.properties</log:option>
<log:option
name="groupsURI">groups.properties</log:option>
</log:login-module>
<log:login-module control-flag="OPTIONAL" server-side="true"
wrap-principals="false">
<log:login-domain-name>Testing-Audit</log:login-domain-name>
<log:login-module-class>org.apache.geronimo.security.realm.providers.FileAuditLoginModule</log:login-module-class>
<log:option name="file">login_audit.log</log:option>
</log:login-module>
</log:login-config>
</xml-reference>
</gbean>
</module>
When I set up a new LoginContext in my application, I am not sure what
values to pass it in order to access this realm.
any help would be greatly appreciated.
Mark Aufdencamp wrote:
>
> A nice example of defining Realms and Roles exists in the sample
> applications.
>
> http://cwiki.apache.org/GMOxDOC11/web-application-security-sample.html
> I'm using Struts 1.2 with a MySQL Backed Security Realm. The real
> trick involves setting up a login page with the proper form that submits
> to j_security_check along with setting up the security realm and the roles
> in web.xml/geronimo-web.xml. If you've cheked out the sample and
> have more specific questions, post them and we'll give a shot at a right
> answer.:)
>
> Mark Aufdencamp
> Mark@Aufdencamp.com
>
> -------- Original Message -------- Subject: Struts 2/Geronimo Security
> Realm best practices From: Java_James <james-junk@rogers.com> Date:
> Mon, June 25, 2007 3:53 pm To: user@geronimo.apache.org Hi all,
>
> I'm new to the world of struts 2 and geronimo. I was wondering if there
> were any best practices when it came to setting up your web
> application to
> use Geronimo's security realm.
>
> I'm hoping to be able to call the security realm through an action (or
> some
> sort of wrapped object doing the authentication). There seems to be very
> little documentation on using the two technologies together.
>
> Any help would be appreciated.
>
> Thanks.
> --
> View this message in context:
> http://www.nabble.com/Struts-2-Geronimo-Security-Realm-best-practices-tf3978596s134.html#a11294301
> Sent from the Apache Geronimo - Users mailing list archive at Nabble.com.
>
>
>
>
--
View this message in context: http://www.nabble.com/Struts-2-Geronimo-Security-Realm-best-practices-tf3978596s134.html#a11329990
Sent from the Apache Geronimo - Users mailing list archive at Nabble.com.