LDAP Security Realm Q

[Tod Thomas <tt...@chubb.com>]

I'm working with Geronimo for the first time from a fresh binary 
install.  I just defined a LDAP security realm, tested it, and it works.

Can I change the Geronimo server console to use my new LDAP Security 
Realm?  If so, how would I go about doing that?

Thanks.

Re: LDAP Security Realm Q

[David Jencks <da...@yahoo.com>]

On Feb 22, 2007, at 8:52 AM, Tod Thomas wrote:

> I'm working with Geronimo for the first time from a fresh binary  
> install.  I just defined a LDAP security realm, tested it, and it  
> works.
>
> Can I change the Geronimo server console to use my new LDAP  
> Security Realm?  If so, how would I go about doing that?

One way to do this without redeploying the admin console is to  
disable the properties realm currently used and name your new realm  
the same as the old one.


In trunk this realm is geronimo-admin.  So you'd modify the module  
entry in var/config/config.xml for j2ee-security something like this:

     <module name="org.apache.geronimo.configs/j2ee-security/$ 
{version}/car">
         <gbean name="geronimo-admin" load="false"/>
.... <!-- don't remove the rest of what's in here -->

and name your new ldap realm geronimo-admin

You may also be able to override the securityRealmName in config.xml  
directly.  I haven't tried this.  For jetty you'd modify the console  
entry to something like

     <module name="org.apache.geronimo.configs/webconsole-jetty6/$ 
{version}/car">
         <gbean name="framework.war">
             <attribute name="securityRealmName">ldap-realm</attribute>
         </gbean>
     </module>

Tomcat would be similar but I haven't checked that the attribute name  
is the same.

You can also redeploy the web console with a modified plan specifying  
your realm name, but I think either of the approaches above should  
work and be easier.

thanks
david jencks



>
> Thanks.