You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@geronimo.apache.org by tb...@yahoo.com on 2005/10/12 23:41:35 UTC
Security app
I'm looking into building a simple application that
implements the security features of Geronimo that can
later be built upon.
The security aspect I'd like to focus on is limiting
access for certain users to a page, similar to HTTP
authentication.
This brings up a few questions:
- Where are the user names/passwords kept?
- Is there a URL someone could point me to that
documents any of the APIs above?
The purpose of the application is this: At the end of
the shopping cart process for a purchased electronic
item, such as an eBook, the application would give the
buyer access (by providing a user name/password) to
the directory where the file exists for download.
Without which, the user would not otherwise be able to
access the directory and download the product.
Any tips/pointers to any recommended API and/or
documentation would be greatly appreciated!
Thanks!
Tyler
__________________________________
Yahoo! Music Unlimited
Access over 1 million songs. Try it free.
http://music.yahoo.com/unlimited/
Re: Security app--demo app in source tree
Posted by tb...@yahoo.com.
Toby,
Thanks! Yeah it was my problem. I went through the
maven learning curve, as well as the learning where
the new server.jar was supposed to be curve :)
But I definitely know a lot more than I did about
Geronimo! Thanks again for that bugfix for me!!!
Tyler
--- toby cabot <to...@caboteria.org> wrote:
> On Thu, Oct 13, 2005 at 12:24:09PM -0700,
> tbot55@yahoo.com wrote:
> > ok, I'm looking at the demo app. I can find the
> user
> > name passwords, etc. So I've got it up and running
> on
> > localhost, but I always get the error page.
> >
> > I'm sure this is a simple error, or something I
> > haven't come across yet.
>
> I've been playing around with this and in order to
> get all of the
> gbeans to start I had to tweak one of the config
> files:
>
> http://issues.apache.org/jira/browse/GERONIMO-1061
>
> You'll know if this is the problem if you've got
> some gbeans that are
> stuck in the "starting" state and don't transition
> to "running". If
> this is your problem you can hack the file and then
> rebuild the
> modules/assembly directory.
>
__________________________________
Yahoo! Music Unlimited
Access over 1 million songs. Try it free.
http://music.yahoo.com/unlimited/
Re: Security app--demo app in source tree
Posted by toby cabot <to...@caboteria.org>.
On Thu, Oct 13, 2005 at 12:24:09PM -0700, tbot55@yahoo.com wrote:
> ok, I'm looking at the demo app. I can find the user
> name passwords, etc. So I've got it up and running on
> localhost, but I always get the error page.
>
> I'm sure this is a simple error, or something I
> haven't come across yet.
I've been playing around with this and in order to get all of the
gbeans to start I had to tweak one of the config files:
http://issues.apache.org/jira/browse/GERONIMO-1061
You'll know if this is the problem if you've got some gbeans that are
stuck in the "starting" state and don't transition to "running". If
this is your problem you can hack the file and then rebuild the
modules/assembly directory.
Re: Security app--demo app in source tree
Posted by tb...@yahoo.com.
ok, I'm looking at the demo app. I can find the user
name passwords, etc. So I've got it up and running on
localhost, but I always get the error page.
I'm sure this is a simple error, or something I
haven't come across yet.
Thanks,
Tyler
--- toby cabot <to...@caboteria.org> wrote:
> On Wed, Oct 12, 2005 at 02:41:35PM -0700,
> tbot55@yahoo.com wrote:
> > I'm looking into building a simple application
> that
> > implements the security features of Geronimo that
> can
> > later be built upon.
>
> You'll probably want to take a look at the demo
> application in the
> applications/demo directory of the geronimo source
> tree. It
> implements some of what you're looking for, although
> it isn't as
> dynamic as what you're proposing. It uses a couple
> of properties
> files (var/security/demo*.properties) to store the
> user and group
> data, and then sets up Geronimo's properties-based
> login manager to
> read those files. It will probably give you some
> useful pointers at
> least in terms of the configuration that you'll
> need.
>
__________________________________
Yahoo! Mail - PC Magazine Editors' Choice 2005
http://mail.yahoo.com
Re: Security app
Posted by toby cabot <to...@caboteria.org>.
On Wed, Oct 12, 2005 at 02:41:35PM -0700, tbot55@yahoo.com wrote:
> I'm looking into building a simple application that
> implements the security features of Geronimo that can
> later be built upon.
You'll probably want to take a look at the demo application in the
applications/demo directory of the geronimo source tree. It
implements some of what you're looking for, although it isn't as
dynamic as what you're proposing. It uses a couple of properties
files (var/security/demo*.properties) to store the user and group
data, and then sets up Geronimo's properties-based login manager to
read those files. It will probably give you some useful pointers at
least in terms of the configuration that you'll need.
Re: Security app
Posted by tb...@yahoo.com.
I get it. Thanks for the URL, I'll keep you posted if
I come up with issues.
Also, about the app, I will first focus as though they
have already paid.
Thanks!
Tyler
--- David Jencks <da...@yahoo.com> wrote:
> Some info to get you started is in this
> developerworks article:
>
>
http://www-128.ibm.com/developerworks/java/library/os-ag-security/
>
> index.html
>
> it is only slightly out of date :-) I think the
> problems mentioned in
> it have been fixed in M5.
>
> I may not understand your application well enough,
> but I think you will
> need to go beyond declarative j2ee security and
> implement some logic to
> determine whether the user can download a file: you
> don't normally
> change permissions dynamically for a user depending
> on whether they
> have paid or not.
>
> Hope this helps,
> david jencks
>
> On Oct 12, 2005, at 2:41 PM, <tb...@yahoo.com>
> wrote:
>
> > I'm looking into building a simple application
> that
> > implements the security features of Geronimo that
> can
> > later be built upon.
> >
> > The security aspect I'd like to focus on is
> limiting
> > access for certain users to a page, similar to
> HTTP
> > authentication.
> >
> > This brings up a few questions:
> > - Where are the user names/passwords kept?
> > - Is there a URL someone could point me to that
> > documents any of the APIs above?
> >
> > The purpose of the application is this: At the end
> of
> > the shopping cart process for a purchased
> electronic
> > item, such as an eBook, the application would give
> the
> > buyer access (by providing a user name/password)
> to
> > the directory where the file exists for download.
> > Without which, the user would not otherwise be
> able to
> > access the directory and download the product.
> >
> > Any tips/pointers to any recommended API and/or
> > documentation would be greatly appreciated!
> >
> > Thanks!
> > Tyler
> >
> >
> >
> > __________________________________
> > Yahoo! Music Unlimited
> > Access over 1 million songs. Try it free.
> > http://music.yahoo.com/unlimited/
> >
>
>
__________________________________
Start your day with Yahoo! - Make it your home page!
http://www.yahoo.com/r/hs
Re: Security app
Posted by David Jencks <da...@yahoo.com>.
Some info to get you started is in this developerworks article:
http://www-128.ibm.com/developerworks/java/library/os-ag-security/
index.html
it is only slightly out of date :-) I think the problems mentioned in
it have been fixed in M5.
I may not understand your application well enough, but I think you will
need to go beyond declarative j2ee security and implement some logic to
determine whether the user can download a file: you don't normally
change permissions dynamically for a user depending on whether they
have paid or not.
Hope this helps,
david jencks
On Oct 12, 2005, at 2:41 PM, <tb...@yahoo.com> wrote:
> I'm looking into building a simple application that
> implements the security features of Geronimo that can
> later be built upon.
>
> The security aspect I'd like to focus on is limiting
> access for certain users to a page, similar to HTTP
> authentication.
>
> This brings up a few questions:
> - Where are the user names/passwords kept?
> - Is there a URL someone could point me to that
> documents any of the APIs above?
>
> The purpose of the application is this: At the end of
> the shopping cart process for a purchased electronic
> item, such as an eBook, the application would give the
> buyer access (by providing a user name/password) to
> the directory where the file exists for download.
> Without which, the user would not otherwise be able to
> access the directory and download the product.
>
> Any tips/pointers to any recommended API and/or
> documentation would be greatly appreciated!
>
> Thanks!
> Tyler
>
>
>
> __________________________________
> Yahoo! Music Unlimited
> Access over 1 million songs. Try it free.
> http://music.yahoo.com/unlimited/
>