You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@geronimo.apache.org by Cristian Roldan <ro...@yahoo.com.ar> on 2006/01/20 21:52:45 UTC
Security configuration
Hi All,
Is there any way to setup "all-authenticated" for the role content-administrator ?
I was looking at the security schema and didn't see any attribute or tag for all-authenticated.
Thanks.
<?xml version="1.0" encoding="UTF-8"?>
<web-app configId="geronimo/ldap-demo-tomcat/1.0-SNAPSHOT/car" parentId="geronimo/ldap-realm/1.0-SNAPSHOT/car" xmlns="http://geronimo.apache.org/xml/ns/j2ee/web/tomcat-1.0" xmlns:sec="http://geronimo.apache.org/xml/ns/security">
<context-root>/ldap-demo</context-root>
<context-priority-classloader>false</context-priority-classloader>
<security-realm-name>ldap-realm</security-realm-name>
<security>
<default-principal realm-name="ldap-realm">
<principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="system"/>
</default-principal>
<role-mappings>
<role role-name="content-administrator">
<realm realm-name="ldap-realm">
<principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="admin" designated-run-as="true"/>
<principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="system"/>
</realm>
</role>
<role role-name="guest">
<realm realm-name="ldap-realm">
<principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="guest" designated-run-as="true"/>
<principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="user1"/>
<principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="user2"/>
</realm>
</role>
</role-mappings>
</security>
</web-app>
---------------------------------
1GB gratis, Antivirus y Antispam
Correo Yahoo!, el mejor correo web del mundo
Abrí tu cuenta aquí
Re: Security configuration
Posted by Cristian Roldan <ro...@yahoo.com.ar>.
Hi Aaron,
I know that this feature could be a little chancy, but in some little companies may be necesary this feature also I have seen this feature in development environments.
Another question ... How can emulate this feature with the current security schema ?
Thanks.
Aaron Mulder <am...@alumni.princeton.edu> escribió:
You mean, do we have a setting so that anyone who successfully logs in
counts as a member of that role? We don't have that right now. It
would be a little chancy because we allow you to configure multiple
security realms in the server, so you'd have to be careful... But I
can see that it would be a nice convenience.
Aaron
On 1/20/06, Cristian Roldan wrote:
>
> Hi All,
> Is there any way to setup "all-authenticated" for the role
> content-administrator ?
> I was looking at the security schema and didn't see any attribute or tag for
> all-authenticated.
>
> Thanks.
>
>
> > configId="geronimo/ldap-demo-tomcat/1.0-SNAPSHOT/car"
> parentId="geronimo/ldap-realm/1.0-SNAPSHOT/car"
> xmlns="http://geronimo.apache.org/xml/ns/j2ee/web/tomcat-1.0"
> xmlns:sec="http://geronimo.apache.org/xml/ns/security">
> /ldap-demo
>
> false
> ldap-realm
>
>
>
> class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
> name="system"/>
>
>
>
>
>
> class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"
> name="admin" designated-run-as="true"/>
>
> class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
> name="system"/>
>
>
>
>
>
> class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"
> name="guest" designated-run-as="true"/>
>
> class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
> name="user1"/>
>
> class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
> name="user2"/>
>
>
>
>
>
>
> ________________________________
> 1GB gratis, Antivirus y Antispam
> Correo Yahoo!, el mejor correo web del mundo
> Abrí tu cuenta aquí
>
>
---------------------------------
1GB gratis, Antivirus y Antispam
Correo Yahoo!, el mejor correo web del mundo
Abrí tu cuenta aquí
Re: Security configuration
Posted by Aaron Mulder <am...@alumni.princeton.edu>.
You mean, do we have a setting so that anyone who successfully logs in
counts as a member of that role? We don't have that right now. It
would be a little chancy because we allow you to configure multiple
security realms in the server, so you'd have to be careful... But I
can see that it would be a nice convenience.
Aaron
On 1/20/06, Cristian Roldan <ro...@yahoo.com.ar> wrote:
>
> Hi All,
> Is there any way to setup "all-authenticated" for the role
> content-administrator ?
> I was looking at the security schema and didn't see any attribute or tag for
> all-authenticated.
>
> Thanks.
>
> <?xml version="1.0" encoding="UTF-8"?>
> <web-app
> configId="geronimo/ldap-demo-tomcat/1.0-SNAPSHOT/car"
> parentId="geronimo/ldap-realm/1.0-SNAPSHOT/car"
> xmlns="http://geronimo.apache.org/xml/ns/j2ee/web/tomcat-1.0"
> xmlns:sec="http://geronimo.apache.org/xml/ns/security">
> <context-root>/ldap-demo</context-root>
>
> <context-priority-classloader>false</context-priority-classloader>
> <security-realm-name>ldap-realm</security-realm-name>
> <security>
> <default-principal realm-name="ldap-realm">
> <principal
> class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
> name="system"/>
> </default-principal>
> <role-mappings>
> <role role-name="content-administrator">
> <realm realm-name="ldap-realm">
> <principal
> class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"
> name="admin" designated-run-as="true"/>
> <principal
> class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
> name="system"/>
> </realm>
> </role>
> <role role-name="guest">
> <realm realm-name="ldap-realm">
> <principal
> class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"
> name="guest" designated-run-as="true"/>
> <principal
> class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
> name="user1"/>
> <principal
> class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
> name="user2"/>
> </realm>
> </role>
> </role-mappings>
> </security>
> </web-app>
>
> ________________________________
> 1GB gratis, Antivirus y Antispam
> Correo Yahoo!, el mejor correo web del mundo
> Abrí tu cuenta aquí
>
>