You are viewing a plain text version of this content. The canonical link for it is here.
Posted to slide-user@jakarta.apache.org by Andy Depue <an...@marathon-man.com> on 2005/02/11 02:15:12 UTC
Configuring a principal store
OK, I've coded my own Principal store based on code from JNDIPrincipalStore
and am setting up a test configuration. I'm a little confused how to setup
domain.xml. First, my store will only handle /users and /roles. Everything
else will be handled by J2EEStore. So, do I setup two separate and distinct
<store> entries under <definition> (one for J2EE and one for my custom
principal store), or do I setup one <store> entry and use my custom class for
the <securitystore ...> element? Something like:
<securitystore classname="com...SpringDAOPrincipalStore">
...
</securitystore>
If I setup two entries, they might look something like:
<store name="j2ee">
<nodestore classname="org.apache.slide.store.impl.rdbms.J2EEStore">
...
</nodestore>
<securitystore>
<reference store="nodestore"/>
</securitystore>
...
</store>
<store name="principal">
<nodestore classname="com...SpringDAOPrincipalStore">
...
</nodestore>
<securitystore>
<reference store="nodestore"/>
</securitystore>
</store>
<scope match="/" store="j2ee"/>
<scope match="/users" store="principal"/>
<scope match="/roles" store="principal"/>
Is this even right? And if so, I'm a little confused what <securitystore> is
all about? If someone has a configuration similar working with
JNDIPrincipalStore, I'd love to see it. The Wiki was unhelpful concerning
how I should approach this. It has a section on multiple store
configurations, but doesn't address if one of the stores happens to handle
principal information. The <securitystore> element is what's throwing me off
here.
Thanks,
Andy
---------------------------------------------------------------------
To unsubscribe, e-mail: slide-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: slide-user-help@jakarta.apache.org
Re: Configuring a principal store
Posted by James Mason <ma...@apache.org>.
Your second example is correct. The securitystore is for controlling
access to the nodes from that store. So in this case it would hold
permissions for who is allowed to view information about your users (or
roles).
You can see an example config in CVS:
http://cvs.apache.org/viewcvs.cgi/jakarta-slide/src/conf/webapp/JNDI-Domain.xml?rev=1.3&view=markup
-James
On Thu, 2005-02-10 at 17:15 -0800, Andy Depue wrote:
> OK, I've coded my own Principal store based on code from JNDIPrincipalStore
> and am setting up a test configuration. I'm a little confused how to setup
> domain.xml. First, my store will only handle /users and /roles. Everything
> else will be handled by J2EEStore. So, do I setup two separate and distinct
> <store> entries under <definition> (one for J2EE and one for my custom
> principal store), or do I setup one <store> entry and use my custom class for
> the <securitystore ...> element? Something like:
>
> <securitystore classname="com...SpringDAOPrincipalStore">
> ...
> </securitystore>
>
> If I setup two entries, they might look something like:
>
> <store name="j2ee">
> <nodestore classname="org.apache.slide.store.impl.rdbms.J2EEStore">
> ...
> </nodestore>
> <securitystore>
> <reference store="nodestore"/>
> </securitystore>
> ...
> </store>
>
> <store name="principal">
> <nodestore classname="com...SpringDAOPrincipalStore">
> ...
> </nodestore>
> <securitystore>
> <reference store="nodestore"/>
> </securitystore>
> </store>
>
> <scope match="/" store="j2ee"/>
> <scope match="/users" store="principal"/>
> <scope match="/roles" store="principal"/>
>
> Is this even right? And if so, I'm a little confused what <securitystore> is
> all about? If someone has a configuration similar working with
> JNDIPrincipalStore, I'd love to see it. The Wiki was unhelpful concerning
> how I should approach this. It has a section on multiple store
> configurations, but doesn't address if one of the stores happens to handle
> principal information. The <securitystore> element is what's throwing me off
> here.
>
> Thanks,
> Andy
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: slide-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: slide-user-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: slide-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: slide-user-help@jakarta.apache.org