LowTypedRealm

[Piercarlo Alberto Beghetto - Diennea <pi...@diennea.com>]

Hi all,

i'm working on a java web application using EJBs and  I'm  looking at the container authentication for a secured access to the beans.

I found some discussions about an alternative implementation of TomEE Realm (org.apache.tomee.catalina.realm.LowTypedRealm) to customize the authentication process.

I suppose i need to implement a FORM authentication in the web application and  use SessionContext in EJBs to manage the authenticated Principal.

Since I can't find enough documentation for this personalization do you have any suggestion about the implementation of this Class?



Piercarlo Alberto Beghetto
Developer @ Diennea - MagNews
Tel.: (+39) 0546 667432 - Int. 967
Viale G.Marconi 30/14 - 48018 Faenza (RA)

[cid:image001.jpg@01CF3A11.BF348920]<http://www.magnews.it/it>
[cid:image010.jpg@01CF3A15.72D01F00]<http://www.linkedin.com/company/diennea---magnews>     [cid:image011.jpg@01CF3A15.72D01F00] <http://twitter.com/DienneaMagNews>      [cid:image012.jpg@01CF3A15.72D01F00] <http://www.facebook.com/pages/MagNews/197617841797>      [cid:image013.png@01CF3A15.72D01F00] <http://www.magnews.it/it/iscriviti-alla-newsletter>



________________________________
Rimani aggiornato sul mondo dell'email marketing e del digital marketing: visita il nostro blog! http://blog.magnews.it

Re: R: LowTypedRealm

[mauro2java2011 <ma...@gmail.com>]

http://www.byteslounge.com/subcategory/jaas

guardi questo link spero la possa aiutare.

Mauro








--
View this message in context: http://openejb.979440.n4.nabble.com/LowTypedRealm-tp4668134p4668142.html
Sent from the OpenEJB User mailing list archive at Nabble.com.

R: LowTypedRealm

[Piercarlo Alberto Beghetto - Diennea <pi...@diennea.com>]

What i try to achieve is use EJB's methods in the authentication process to avoid the raw SQL to get the user from my DB.

I'll try both options.




-----Messaggio originale-----
Da: José Luis Cetina [mailto:maxtorzito@gmail.com]
Inviato: venerdì 7 marzo 2014 15:32
A: users@tomee.apache.org
Oggetto: Re: LowTypedRealm

Hi Piercarlo, what i did and im using it, is a class that extends org.apache.catalina.realm.RealmBase class, then in my class i just overwrote some methods, i could pass my sql query to this class using the context.xml file, using something like this <Realm className="com.anypackage.TheNameOfMyClass"......., then my class return the authenticated user against a database checking their roles etc, i could retrive the principal with any issue in my ejb's.

Im not sure is what are you looking for.


2014-03-07 8:15 GMT-06:00 Romain Manni-Bucau <rm...@gmail.com>:

> Hi
>
> LowTypedRealm is a kind of hack to deploy the realm with the app. The
> normal way is to do a realm module you add in the container and
> configure in server.xml JAASRealm and configure your login module
> using the standard jaas system property.
>
> some info in this thread
> http://web.archiveorange.com/archive/v/mnKpLAD2LnoZfGUTlcx4
>
> *Romain Manni-Bucau*
> *Twitter: @rmannibucau <https://twitter.com/rmannibucau>*
> *Blog: **http://rmannibucau.wordpress.com/*<
> http://rmannibucau.wordpress.com/>
> *LinkedIn: **http://fr.linkedin.com/in/rmannibucau
> <http://fr.linkedin.com/in/rmannibucau>*
> *Github: https://github.com/rmannibucau
> <https://github.com/rmannibucau>*
>
>
>
> 2014-03-07 14:56 GMT+01:00 Piercarlo Alberto Beghetto - Diennea <
> piercarlo.beghetto@diennea.com>:
>
> >  Hi all,
> >
> >
> >
> > i'm working on a java web application using EJBs and  I'm  looking
> > at the container authentication for a secured access to the beans.
> >
> >
> >
> > I found some discussions about an alternative implementation of
> > TomEE Realm (org.apache.tomee.catalina.realm.LowTypedRealm) to
> > customize the authentication process.
> >
> >
> >
> > I suppose i need to implement a FORM authentication in the web
> application
> > and  use SessionContext in EJBs to manage the authenticated Principal.
> >
> > Since I can't find enough documentation for this personalization do
> > you
> have any suggestion about the implementation of this Class?
> >
> >
> >
> >
> >
> > *Piercarlo Alberto Beghetto*
> > Developer @ Diennea - MagNews
> > Tel.: (+39) 0546 667432 - Int. 967
> > Viale G.Marconi 30/14 - 48018 Faenza (RA)
> >
> > [image: Magnews.it] <http://www.magnews.it/it>
> >
> > [image: Linkedin]
> > <http://www.linkedin.com/company/diennea---magnews>
>   [image:
> > Twitter] <http://twitter.com/DienneaMagNews>     [image: Facebook]<
> http://www.facebook.com/pages/MagNews/197617841797>
> >      [image: Newsletter]<
> http://www.magnews.it/it/iscriviti-alla-newsletter>
> >
> >
> >
> > ------------------------------
> > Rimani aggiornato sul mondo dell'email marketing e del digital marketing:
> > visita il nostro blog! http://blog.magnews.it
> >
>



--
-------------------------------------------------------------------
*José Luis Cetina*
-------------------------------------------------------------------

Rimani aggiornato sul mondo dell’email marketing e del digital marketing: visita il nostro blog! http://blog.magnews.it

Re: LowTypedRealm

[José Luis Cetina <ma...@gmail.com>]

Hi Piercarlo, what i did and im using it, is a class that extends
org.apache.catalina.realm.RealmBase class, then in my class i just
overwrote some methods, i could pass my sql query to this class using the
context.xml file, using something like this <Realm
className="com.anypackage.TheNameOfMyClass"......., then my class return
the authenticated user against a database checking their roles etc, i could
retrive the principal with any issue in my ejb's.

Im not sure is what are you looking for.


2014-03-07 8:15 GMT-06:00 Romain Manni-Bucau <rm...@gmail.com>:

> Hi
>
> LowTypedRealm is a kind of hack to deploy the realm with the app. The
> normal way is to do a realm module you add in the container and configure
> in server.xml JAASRealm and configure your login module using the standard
> jaas system property.
>
> some info in this thread
> http://web.archiveorange.com/archive/v/mnKpLAD2LnoZfGUTlcx4
>
> *Romain Manni-Bucau*
> *Twitter: @rmannibucau <https://twitter.com/rmannibucau>*
> *Blog: **http://rmannibucau.wordpress.com/*<
> http://rmannibucau.wordpress.com/>
> *LinkedIn: **http://fr.linkedin.com/in/rmannibucau
> <http://fr.linkedin.com/in/rmannibucau>*
> *Github: https://github.com/rmannibucau <https://github.com/rmannibucau>*
>
>
>
> 2014-03-07 14:56 GMT+01:00 Piercarlo Alberto Beghetto - Diennea <
> piercarlo.beghetto@diennea.com>:
>
> >  Hi all,
> >
> >
> >
> > i'm working on a java web application using EJBs and  I'm  looking at the
> > container authentication for a secured access to the beans.
> >
> >
> >
> > I found some discussions about an alternative implementation of TomEE
> > Realm (org.apache.tomee.catalina.realm.LowTypedRealm) to customize the
> > authentication process.
> >
> >
> >
> > I suppose i need to implement a FORM authentication in the web
> application
> > and  use SessionContext in EJBs to manage the authenticated Principal.
> >
> > Since I can't find enough documentation for this personalization do you
> have any suggestion about the implementation of this Class?
> >
> >
> >
> >
> >
> > *Piercarlo Alberto Beghetto*
> > Developer @ Diennea - MagNews
> > Tel.: (+39) 0546 667432 - Int. 967
> > Viale G.Marconi 30/14 - 48018 Faenza (RA)
> >
> > [image: Magnews.it] <http://www.magnews.it/it>
> >
> > [image: Linkedin] <http://www.linkedin.com/company/diennea---magnews>
>   [image:
> > Twitter] <http://twitter.com/DienneaMagNews>     [image: Facebook]<
> http://www.facebook.com/pages/MagNews/197617841797>
> >      [image: Newsletter]<
> http://www.magnews.it/it/iscriviti-alla-newsletter>
> >
> >
> >
> > ------------------------------
> > Rimani aggiornato sul mondo dell'email marketing e del digital marketing:
> > visita il nostro blog! http://blog.magnews.it
> >
>



-- 
-------------------------------------------------------------------
*José Luis Cetina*
-------------------------------------------------------------------

Re: LowTypedRealm

[Romain Manni-Bucau <rm...@gmail.com>]

Hi

LowTypedRealm is a kind of hack to deploy the realm with the app. The
normal way is to do a realm module you add in the container and configure
in server.xml JAASRealm and configure your login module using the standard
jaas system property.

some info in this thread
http://web.archiveorange.com/archive/v/mnKpLAD2LnoZfGUTlcx4

*Romain Manni-Bucau*
*Twitter: @rmannibucau <https://twitter.com/rmannibucau>*
*Blog: **http://rmannibucau.wordpress.com/*<http://rmannibucau.wordpress.com/>
*LinkedIn: **http://fr.linkedin.com/in/rmannibucau
<http://fr.linkedin.com/in/rmannibucau>*
*Github: https://github.com/rmannibucau <https://github.com/rmannibucau>*



2014-03-07 14:56 GMT+01:00 Piercarlo Alberto Beghetto - Diennea <
piercarlo.beghetto@diennea.com>:

>  Hi all,
>
>
>
> i'm working on a java web application using EJBs and  I'm  looking at the
> container authentication for a secured access to the beans.
>
>
>
> I found some discussions about an alternative implementation of TomEE
> Realm (org.apache.tomee.catalina.realm.LowTypedRealm) to customize the
> authentication process.
>
>
>
> I suppose i need to implement a FORM authentication in the web application
> and  use SessionContext in EJBs to manage the authenticated Principal.
>
> Since I can't find enough documentation for this personalization do you have any suggestion about the implementation of this Class?
>
>
>
>
>
> *Piercarlo Alberto Beghetto*
> Developer @ Diennea - MagNews
> Tel.: (+39) 0546 667432 - Int. 967
> Viale G.Marconi 30/14 - 48018 Faenza (RA)
>
> [image: Magnews.it] <http://www.magnews.it/it>
>
> [image: Linkedin] <http://www.linkedin.com/company/diennea---magnews>     [image:
> Twitter] <http://twitter.com/DienneaMagNews>     [image: Facebook]<http://www.facebook.com/pages/MagNews/197617841797>
>      [image: Newsletter]<http://www.magnews.it/it/iscriviti-alla-newsletter>
>
>
>
> ------------------------------
> Rimani aggiornato sul mondo dell'email marketing e del digital marketing:
> visita il nostro blog! http://blog.magnews.it
>