You are viewing a plain text version of this content. The canonical link for it is here.
Posted to slide-user@jakarta.apache.org by Bill Keese <bi...@tech.beacon-it.co.jp> on 2005/03/22 09:38:51 UTC
Custom authentication with WCK (WebDav Construction Kit) / JAASLoginModule
Is anyone using WCK with custom authentication? The wiki documentation
is a little weak about the configuration steps. Any help would be
appreciated!
As far as I can tell, these are the steps, but I'd love to get
confirmation from someone.
1. Create class (example: com.mycompany.myproduct.MyLoginManager) that
extends
org.apache.slide.simple.authentication.SessionAuthenticationManager
<http://jakarta.apache.org/slide/wck/javadoc/org/apache/slide/simple/authentication/SessionAuthenticationManager.html>
2. Create jaas.config file like this, in WEB-INF/conf directory.
slide_login {
org.apache.slide.simple.authentication.JAASLoginModule required
factoryClassName=com.mycompany.myproduct.MyLoginManager
slideRole=anonymous;
};
3. Specify jaas.config location as parameter to JVM
-Djava.security.auth.login.config=%CATALINA_HOME%/conf/jaas.config
4. Do I have to do something to disable Slide's default user checking? I
read that on the wiki or the Slide site but now I can't find it.
Maybe I edit slide.properties like this:
org.apache.slide.security=false
Or, do I comment out the <security-constraint> section in web.xml?
5. Edit web.xml to have code like this somewhere:
<Realm className="org.apache.catalina.realm.JAASRealm"
appName="slide_login"
userClassNames="org.apache.slide.jaas.spi.SlidePrincipal"
roleClassNames="org.apache.slide.jaas.spi.SlideRole"
debug="99"
useContextClassLoader="false"
/>
Bill
---------------------------------------------------------------------
To unsubscribe, e-mail: slide-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: slide-user-help@jakarta.apache.org
Re: Custom authentication with WCK (WebDav Construction Kit) / JAASLoginModule
Posted by C Kramer <cc...@gmail.com>.
look for <permission> tags
like this:
<objectnode classname="org.apache.slide.structure.SubjectNode" uri="/files">
<!-- to make clear to stores that rely on it
this is a collection -->
<revision>
<property
name="resourcetype"><![CDATA[<collection/>]]></property>
</revision>
<!-- <permission action="all" subject="all"
inheritable="true" />-->
<!-- <permission action="all"
subject="authenticated" inheritable="true"/>-->
<!-- <permission action="all"
subject="unauthenticated" inheritable="true"/>-->
<!-- <permission action="all" subject="/roles/user"
inheritable="true"/>-->
</objectnode>
You see, all permissions commented out. It only works this way if you
don't use Slide's access system and have your own, with JAAS too.
Bill Keese wrote:
> Thanks! But specifically how do I turn off security constraints in
> Domain.xml? Is it the <securitystore> tag? Or something else?
>
>
> C Kramer wrote:
>
>
>>You will also need to turn off Slide's secrity constraints in Domain.xml
>>Otherwise only user with login name "root" will have full rights, etc.
>>
>>Bill Keese wrote:
>>
>>
>>
>>>Is anyone using WCK with custom authentication? The wiki documentation
>>>is a little weak about the configuration steps. Any help would be
>>>appreciated!
>>>As far as I can tell, these are the steps, but I'd love to get
>>>confirmation from someone.
>>>
>>>1. Create class (example: com.mycompany.myproduct.MyLoginManager) that
>>>extends
>>>org.apache.slide.simple.authentication.SessionAuthenticationManager
>>><http://jakarta.apache.org/slide/wck/javadoc/org/apache/slide/simple/authentication/SessionAuthenticationManager.html>
>>>
>>>2. Create jaas.config file like this, in WEB-INF/conf directory.
>>>
>>>slide_login {
>>>org.apache.slide.simple.authentication.JAASLoginModule required
>>>factoryClassName=com.mycompany.myproduct.MyLoginManager
>>>slideRole=anonymous;
>>>};
>>>
>>>3. Specify jaas.config location as parameter to JVM
>>>-Djava.security.auth.login.config=%CATALINA_HOME%/conf/jaas.config
>>>
>>>4. Do I have to do something to disable Slide's default user checking? I
>>>read that on the wiki or the Slide site but now I can't find it.
>>>Maybe I edit slide.properties like this:
>>>org.apache.slide.security=false
>>>
>>>Or, do I comment out the <security-constraint> section in web.xml?
>>>
>>>5. Edit web.xml to have code like this somewhere:
>>>
>>> <Realm className="org.apache.catalina.realm.JAASRealm"
>>> appName="slide_login"
>>> userClassNames="org.apache.slide.jaas.spi.SlidePrincipal"
>>> roleClassNames="org.apache.slide.jaas.spi.SlideRole"
>>> debug="99"
>>> useContextClassLoader="false"
>>> />
>>>
>>>
>>>
>>>Bill
>>>
>>>
>>
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: slide-user-unsubscribe@jakarta.apache.org
>>For additional commands, e-mail: slide-user-help@jakarta.apache.org
>>
>>
>>
>>
>>
---------------------------------------------------------------------
To unsubscribe, e-mail: slide-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: slide-user-help@jakarta.apache.org
Re: Custom authentication with WCK (WebDav Construction Kit) / JAASLoginModule
Posted by Bill Keese <bi...@tech.beacon-it.co.jp>.
Thanks! But specifically how do I turn off security constraints in
Domain.xml? Is it the <securitystore> tag? Or something else?
C Kramer wrote:
>You will also need to turn off Slide's secrity constraints in Domain.xml
>Otherwise only user with login name "root" will have full rights, etc.
>
>Bill Keese wrote:
>
>
>> Is anyone using WCK with custom authentication? The wiki documentation
>>is a little weak about the configuration steps. Any help would be
>>appreciated!
>>As far as I can tell, these are the steps, but I'd love to get
>>confirmation from someone.
>>
>>1. Create class (example: com.mycompany.myproduct.MyLoginManager) that
>>extends
>>org.apache.slide.simple.authentication.SessionAuthenticationManager
>><http://jakarta.apache.org/slide/wck/javadoc/org/apache/slide/simple/authentication/SessionAuthenticationManager.html>
>>
>>2. Create jaas.config file like this, in WEB-INF/conf directory.
>>
>>slide_login {
>>org.apache.slide.simple.authentication.JAASLoginModule required
>>factoryClassName=com.mycompany.myproduct.MyLoginManager
>>slideRole=anonymous;
>>};
>>
>>3. Specify jaas.config location as parameter to JVM
>>-Djava.security.auth.login.config=%CATALINA_HOME%/conf/jaas.config
>>
>>4. Do I have to do something to disable Slide's default user checking? I
>>read that on the wiki or the Slide site but now I can't find it.
>>Maybe I edit slide.properties like this:
>>org.apache.slide.security=false
>>
>>Or, do I comment out the <security-constraint> section in web.xml?
>>
>>5. Edit web.xml to have code like this somewhere:
>>
>> <Realm className="org.apache.catalina.realm.JAASRealm"
>> appName="slide_login"
>> userClassNames="org.apache.slide.jaas.spi.SlidePrincipal"
>> roleClassNames="org.apache.slide.jaas.spi.SlideRole"
>> debug="99"
>> useContextClassLoader="false"
>> />
>>
>>
>>
>>Bill
>>
>>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: slide-user-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: slide-user-help@jakarta.apache.org
>
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: slide-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: slide-user-help@jakarta.apache.org
Re: Custom authentication with WCK (WebDav Construction Kit) / JAASLoginModule
Posted by C Kramer <cc...@gmail.com>.
You will also need to turn off Slide's secrity constraints in Domain.xml
Otherwise only user with login name "root" will have full rights, etc.
Bill Keese wrote:
> Is anyone using WCK with custom authentication? The wiki documentation
> is a little weak about the configuration steps. Any help would be
> appreciated!
> As far as I can tell, these are the steps, but I'd love to get
> confirmation from someone.
>
> 1. Create class (example: com.mycompany.myproduct.MyLoginManager) that
> extends
> org.apache.slide.simple.authentication.SessionAuthenticationManager
> <http://jakarta.apache.org/slide/wck/javadoc/org/apache/slide/simple/authentication/SessionAuthenticationManager.html>
>
> 2. Create jaas.config file like this, in WEB-INF/conf directory.
>
> slide_login {
> org.apache.slide.simple.authentication.JAASLoginModule required
> factoryClassName=com.mycompany.myproduct.MyLoginManager
> slideRole=anonymous;
> };
>
> 3. Specify jaas.config location as parameter to JVM
> -Djava.security.auth.login.config=%CATALINA_HOME%/conf/jaas.config
>
> 4. Do I have to do something to disable Slide's default user checking? I
> read that on the wiki or the Slide site but now I can't find it.
> Maybe I edit slide.properties like this:
> org.apache.slide.security=false
>
> Or, do I comment out the <security-constraint> section in web.xml?
>
> 5. Edit web.xml to have code like this somewhere:
>
> <Realm className="org.apache.catalina.realm.JAASRealm"
> appName="slide_login"
> userClassNames="org.apache.slide.jaas.spi.SlidePrincipal"
> roleClassNames="org.apache.slide.jaas.spi.SlideRole"
> debug="99"
> useContextClassLoader="false"
> />
>
>
>
> Bill
---------------------------------------------------------------------
To unsubscribe, e-mail: slide-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: slide-user-help@jakarta.apache.org