You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-user@portals.apache.org by Mike Perham <Mi...@webifysolutions.com> on 2005/10/20 16:28:20 UTC
Jetspeed 2 on Geronimo
Has anyone integrated Jetspeed 2 with Geronimo? I'm specifically
interested in the security integration. For Geronimo SSO my
understanding is that the following steps are required:
1) Build a JAAS LoginModule which can talk with my custom user/role
store and link it into Geronimo as documented here
(http://wiki.apache.org/geronimo/Security)
2) Create a geronimo-web.xml within the J2 and portlet WARs to have it
use my realm
Will that effectively give me SSO across all my portlet wars? How does
J2's security and SSO code fit into the picture?
mike
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-user-help@portals.apache.org
Re: Jetspeed 2 on Geronimo
Posted by David Sean Taylor <da...@bluesunrise.com>.
David Jencks wrote:
>
> On Oct 20, 2005, at 7:28 AM, Mike Perham wrote:
>
>> Has anyone integrated Jetspeed 2 with Geronimo?
>
>
> If they have, the geronimo team would really like to hear about it.
> I've been hoping to find some time to work on this.... but not yet
> unfortunately.
>
me too. From our talk at the conference, we know what needs to be done.
Just a matter of scheduling it in.
I'm in the process of creating a list of tasks for the final release.
I will be send it to the jetspeed-dev list.
There will be a task 'Geronimo integration'
Should I pencil your name in...
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-user-help@portals.apache.org
Re: Jetspeed 2 on Geronimo
Posted by David Sean Taylor <da...@bluesunrise.com>.
Marky Goldstein wrote:
> I agree:
>
> Geronimo + Jetspeed is the Apache Operating System.
>
> Greets,
> Marky
I like the sound of that. Apache needs to get you in the marketing
department! (if they had one)
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-user-help@portals.apache.org
Re: Jetspeed 2 on Geronimo
Posted by Marky Goldstein <re...@rosa.com>.
I agree:
Geronimo + Jetspeed is the Apache Operating System.
Greets,
Marky
ยจ
David Jencks wrote:
>
> On Oct 20, 2005, at 7:28 AM, Mike Perham wrote:
>
>> Has anyone integrated Jetspeed 2 with Geronimo?
>
>
> If they have, the geronimo team would really like to hear about it.
> I've been hoping to find some time to work on this.... but not yet
> unfortunately.
>
>> I'm specifically
>> interested in the security integration. For Geronimo SSO my
>> understanding is that the following steps are required:
>>
>> 1) Build a JAAS LoginModule which can talk with my custom user/role
>> store and link it into Geronimo as documented here
>> (http://wiki.apache.org/geronimo/Security)
>
>
> That documentation is out of date, and I seem to have lost my ability
> to log on and update it. Here's an example of a realm using 2 login
> modules:
>
> <gbean name="client-properties-realm"
> class="org.apache.geronimo.security.realm.GenericSecurityRealm">
> <attribute name="realmName">client-properties-realm</attribute>
> <xml-reference name="LoginModuleConfiguration">
> <lc:login-config
> xmlns:lc="http://geronimo.apache.org/xml/ns/loginconfig">
> <lc:login-module control-flag="REQUIRED"
> server-side="true">
>
> <lc:login-domain-name>client-properties-realm</lc:login-domain-name>
> <lc:login-module-
> class>org.apache.geronimo.security.realm.providers.PropertiesFileLoginMo
> dule</lc:login-module-class>
> <lc:option
> name="usersURI">var/security/users.properties</lc:option>
> <lc:option
> name="groupsURI">var/security/groups.properties</lc:option>
> </lc:login-module>
> <lc:login-module control-flag="REQUIRED"
> server-side="true">
> <lc:login-domain-name>default</lc:login-domain-name>
> <lc:login-module-
> class>org.apache.geronimo.security.jaas.NamedUPCredentialLoginModule</
> lc:login-module-class>
> <lc:option
> name="org.apache.geronimo.jaas.NamedUPCredentialLoginModule.Name">defaul
> t</lc:option>
> </lc:login-module>
> </lc:login-config>
> </xml-reference>
> <reference name="ServerInfo">
> <module>org/apache/geronimo/System</module>
> <name>ServerInfo</name>
> </reference>
> <reference name="LoginService">
> <name>JaasLoginService</name>
> </reference>
> </gbean>
>
>
> At the moment there is a serious classloader problem with loading
> login modules and your best bet is to include you realm in the
> j2ee-security plan and rebuild that configuration.
>
> 2) Create a geronimo-web.xml within the J2 and portlet WARs to have it
>
>> use my realm
>
> I recommend keeping the plans separate from the wars, but you can
> include them if you wish.
>
> Which database are you using? We (geronimo) would be very interested
> in using derby.
>
> Please keep us up to date on your progress on dev@geronimo.apache.org
>
> thanks
> david jencks
>
>
>
>>
>> Will that effectively give me SSO across all my portlet wars? How does
>> J2's security and SSO code fit into the picture?
>>
>> mike
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
>> For additional commands, e-mail: jetspeed-user-help@portals.apache.org
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
> For additional commands, e-mail: jetspeed-user-help@portals.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-user-help@portals.apache.org
Re: Jetspeed 2 on Geronimo
Posted by David Jencks <da...@yahoo.com>.
On Oct 20, 2005, at 7:28 AM, Mike Perham wrote:
> Has anyone integrated Jetspeed 2 with Geronimo?
If they have, the geronimo team would really like to hear about it.
I've been hoping to find some time to work on this.... but not yet
unfortunately.
> I'm specifically
> interested in the security integration. For Geronimo SSO my
> understanding is that the following steps are required:
>
> 1) Build a JAAS LoginModule which can talk with my custom user/role
> store and link it into Geronimo as documented here
> (http://wiki.apache.org/geronimo/Security)
That documentation is out of date, and I seem to have lost my ability
to log on and update it. Here's an example of a realm using 2 login
modules:
<gbean name="client-properties-realm"
class="org.apache.geronimo.security.realm.GenericSecurityRealm">
<attribute name="realmName">client-properties-realm</attribute>
<xml-reference name="LoginModuleConfiguration">
<lc:login-config
xmlns:lc="http://geronimo.apache.org/xml/ns/loginconfig">
<lc:login-module control-flag="REQUIRED"
server-side="true">
<lc:login-domain-name>client-properties-realm</lc:login-domain-name>
<lc:login-module-
class>org.apache.geronimo.security.realm.providers.PropertiesFileLoginMo
dule</lc:login-module-class>
<lc:option
name="usersURI">var/security/users.properties</lc:option>
<lc:option
name="groupsURI">var/security/groups.properties</lc:option>
</lc:login-module>
<lc:login-module control-flag="REQUIRED"
server-side="true">
<lc:login-domain-name>default</lc:login-domain-name>
<lc:login-module-
class>org.apache.geronimo.security.jaas.NamedUPCredentialLoginModule</
lc:login-module-class>
<lc:option
name="org.apache.geronimo.jaas.NamedUPCredentialLoginModule.Name">defaul
t</lc:option>
</lc:login-module>
</lc:login-config>
</xml-reference>
<reference name="ServerInfo">
<module>org/apache/geronimo/System</module>
<name>ServerInfo</name>
</reference>
<reference name="LoginService">
<name>JaasLoginService</name>
</reference>
</gbean>
At the moment there is a serious classloader problem with loading login
modules and your best bet is to include you realm in the j2ee-security
plan and rebuild that configuration.
2) Create a geronimo-web.xml within the J2 and portlet WARs to have it
> use my realm
I recommend keeping the plans separate from the wars, but you can
include them if you wish.
Which database are you using? We (geronimo) would be very interested
in using derby.
Please keep us up to date on your progress on dev@geronimo.apache.org
thanks
david jencks
>
> Will that effectively give me SSO across all my portlet wars? How does
> J2's security and SSO code fit into the picture?
>
> mike
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
> For additional commands, e-mail: jetspeed-user-help@portals.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-user-help@portals.apache.org