You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@geronimo.apache.org by Ivan <xh...@gmail.com> on 2008/10/27 02:55:55 UTC
JAAS Configuration
Hi:
While configuring the JAAS Login in the Geronimo, I just found that we
use GeronimoLoginConfiguration to replace the JVM's ConfigurationFile, shall
we give an opportunity to let the user to get the config from JVM's
Configuration.
For example, we could first to check from Gronimo's setting, if null is
returned, we could invoke oldConguration.getAppConfigurationEntry(name).
Or do we have a reason that we should not retrieve the configuration
from JVM's Setting ? Thanks !
--
Ivan
Re: JAAS Configuration
Posted by Ivan <xh...@gmail.com>.
Thanks for the history story, I opened a JIRA
*GERONIMO-4379<https://issues.apache.org/jira/browse/GERONIMO-4379>for
it, and I will post a patch soon.
*
2008/10/27 David Jencks <da...@yahoo.com>
>
> On Oct 26, 2008, at 6:55 PM, Ivan wrote:
>
> Hi:
>> While configuring the JAAS Login in the Geronimo, I just found that we
>> use GeronimoLoginConfiguration to replace the JVM's ConfigurationFile, shall
>> we give an opportunity to let the user to get the config from JVM's
>> Configuration.
>> For example, we could first to check from Gronimo's setting, if null is
>> returned, we could invoke oldConguration.getAppConfigurationEntry(name).
>> Or do we have a reason that we should not retrieve the configuration
>> from JVM's Setting ? Thanks !
>>
>
> We used to have a lot of reasons not to consider the jvm's Configuration,
> but since we stopped trying to do combined local-remote login configurations
> there are no strong reasons I can think of right now that would prevent the
> default Configuration from working for non-geronimo login modules. Most of
> our login modules use special configuration options that won't work with
> the default Configuration.
>
> I'm not likely to try to implement this myself soon but if you wanted to
> look into modfifying the GeronimoLoginConfiguration to delegate to the
> default Configuration if the realm name is not known I'd certainly look at
> the patch and if I don't see anything that interferes seriously with our
> current setup apply it.
>
> I'd prefer that we try our configuration first, then the default
> configuration since ours doesn't involve reading any files.
>
> Alternatively if you don't need any geronimo login modules you could
> probably turn off the GeronimoLoginConfiguration gbean at which point the
> default would start working.
>
> thanks
> david jencks
>
>
>
>>
>> --
>> Ivan
>>
>
>
--
Ivan
Re: JAAS Configuration
Posted by David Jencks <da...@yahoo.com>.
On Oct 26, 2008, at 6:55 PM, Ivan wrote:
> Hi:
> While configuring the JAAS Login in the Geronimo, I just found
> that we use GeronimoLoginConfiguration to replace the JVM's
> ConfigurationFile, shall we give an opportunity to let the user to
> get the config from JVM's Configuration.
> For example, we could first to check from Gronimo's setting, if
> null is returned, we could invoke
> oldConguration.getAppConfigurationEntry(name).
> Or do we have a reason that we should not retrieve the
> configuration from JVM's Setting ? Thanks !
We used to have a lot of reasons not to consider the jvm's
Configuration, but since we stopped trying to do combined local-remote
login configurations there are no strong reasons I can think of right
now that would prevent the default Configuration from working for non-
geronimo login modules. Most of our login modules use special
configuration options that won't work with the default Configuration.
I'm not likely to try to implement this myself soon but if you wanted
to look into modfifying the GeronimoLoginConfiguration to delegate to
the default Configuration if the realm name is not known I'd certainly
look at the patch and if I don't see anything that interferes
seriously with our current setup apply it.
I'd prefer that we try our configuration first, then the default
configuration since ours doesn't involve reading any files.
Alternatively if you don't need any geronimo login modules you could
probably turn off the GeronimoLoginConfiguration gbean at which point
the default would start working.
thanks
david jencks
>
>
> --
> Ivan