[Geronimo Wiki] Update of "Security" by AaronMulder

[Apache Wiki <wi...@apache.org>]

Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Geronimo Wiki" for change notification.

The following page has been changed by AaronMulder:
http://wiki.apache.org/geronimo/Security

The comment on the change is:
Update to unified web deployment plan format

------------------------------------------------------------------------------
  
  The JMX remoting implementation looks for a configuration entry called "JMX".  You can either create a security realm with that name, or (more likely) add a {{{ServerRealmConfigurationEntry}}} mapping "JMX" to some security realm name.
  
- The Jetty web container should let you configure a security realm in {{{geronimo-jetty.xml}}} and then pop in a {{{JAASJettyRealm}}} that logs in using the automatic configuration entry named for that security realm.  The second half of that works, but there's no entry in {{{geronimo-jetty.xml}}} yet.  Anyway, after login, Jetty probably wants to look up the server-side Subject and use that (rather than the more limited client-side Subject, since Jetty would need the {{{RealmPrincipal}}}s).
+ The Jetty web container should let you configure a security realm in {{{geronimo-web.xml}}} and then pop in a {{{JAASJettyRealm}}} that logs in using the automatic configuration entry named for that security realm.  The second half of that works, but there's no entry in {{{geronimo-web.xml}}} yet.  Anyway, after login, Jetty probably wants to look up the server-side Subject and use that (rather than the more limited client-side Subject, since Jetty would need the {{{RealmPrincipal}}}s).
  
  Tomcat or any other web container would need to do something similar.