You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by Apache Wiki <wi...@apache.org> on 2005/07/04 05:02:58 UTC
[Geronimo Wiki] Update of "Security" by AaronMulder
Dear Wiki user,
You have subscribed to a wiki page or wiki category on "Geronimo Wiki" for change notification.
The following page has been changed by AaronMulder:
http://wiki.apache.org/geronimo/Security
The comment on the change is:
Update to unified web deployment plan format
------------------------------------------------------------------------------
The JMX remoting implementation looks for a configuration entry called "JMX". You can either create a security realm with that name, or (more likely) add a {{{ServerRealmConfigurationEntry}}} mapping "JMX" to some security realm name.
- The Jetty web container should let you configure a security realm in {{{geronimo-jetty.xml}}} and then pop in a {{{JAASJettyRealm}}} that logs in using the automatic configuration entry named for that security realm. The second half of that works, but there's no entry in {{{geronimo-jetty.xml}}} yet. Anyway, after login, Jetty probably wants to look up the server-side Subject and use that (rather than the more limited client-side Subject, since Jetty would need the {{{RealmPrincipal}}}s).
+ The Jetty web container should let you configure a security realm in {{{geronimo-web.xml}}} and then pop in a {{{JAASJettyRealm}}} that logs in using the automatic configuration entry named for that security realm. The second half of that works, but there's no entry in {{{geronimo-web.xml}}} yet. Anyway, after login, Jetty probably wants to look up the server-side Subject and use that (rather than the more limited client-side Subject, since Jetty would need the {{{RealmPrincipal}}}s).
Tomcat or any other web container would need to do something similar.