run-as handling is completely different in 2.0. Instead of
constructing a subject out of xml, the run-as subject comes from
logging into a login module just like any other subject. You have to
do several things:
-- set up a security realm so the desired subject can in fact be
created
Hello David,
To your last question: The SUN spec says
In addition to returning and setting the persistent state of the instance, the
property accessor methods
may contain other business logic as well, for example, to perform validation.
The persistence provider
runtime executes this logic
djencks wrote:
On Jul 16, 2007, at 11:10 AM, Viet Hung Nguyen wrote:
DevIn wrote:
Hi there,
I actually work on a EJB3 module which must access à Connection
Pool on a
Geronimo 2 server.
I've successfully created the data source (BigDB) in the geronimo
console
but my EJB
I have Apache 2.2.4 installation with mod_jk routing request to geronimo
application server. The setup works for G v1.1 and G v2.0 without any
changes, all I had to do was start the specific instance version and test
with the appriopriate URL. But doesn't work for G v1.2. This is surprising
to
Greetings:
I have an app with container managed security. There is a login form that
uses j_username and j_password to post to j_security_check. I would like to
perform some validation on the j_username and j_password to make sure the
data entered is valid before checking the credentials
The filter approach isn't going to work AFAIK because the security
constraints have to be evaluated/applied/etc before any user code
such as filters are run. In fact IIUC there is no j_security_check
servlet, that is handled directly by the web containers security
system.
Is there some
Thanks for your help djenks:
I got this idea / example from what must be some dated code on the IBM dev
site:
http://publib.boulder.ibm.com/infocenter/iseries/v5r3/index.jsp?topic=/rzatz/51/sec/secdform.htm
I think the additional JAAS login module in front of the Authentication
module
Hi All,
does anyone know, if it is possible to deploy an own ear which contains
a connector rar that uses JacORB instead of the ORB Implementation used
by Geronimo 1.1.1 itself.
I have the problem that the class loader loads the org.omg classes from
Hi,
I am trying to add a new dependency to a plugin (.car file) when
exporting it through the console. I added the dependency in the
dependency box on the console, but when I installed the modified
plugin it still loaded the old dependencies. I had the same problem
when I manually edited the
Beck, which version of geronimo are you using? Also can you
please paste your geronimo-plugin.xml and the ids of the old
dependencies that are incorrectly taking the place of the newer
dependencies you had intended? Any further diagnostic info you have
could help as well, such as the
We havent' tried this, and you probably won't be able to use the
corba ejb transport
I would start by moving to the almost released geronimo 1.2 or also
close to release 2.0 since they are set up to use a non-jdk orb,
namely yoko. I think it will be easier to switch which non-jdk orb
Thanks Paul. I think that the problem is occurring because the
config.serfile isn't up-to-date with the new dependencies..
I'm on geronimo tomcat-minimal from trunk (revision 556055), with the latest
from sandbox/portals. My geronimo-plugin looks like this (the bolded line is
the activemq-broker
I have tested it for 1.2 and it worked. Although I used a different version of
mod_jk it should still work for 1.2 if it did for 1.1 and 2.0
It seems like it can't get to port 8009. I you wouldn't be using localhost I
would say to check name resolution too, but that's not the case here.
Did
It's good to know that it works. So it probabl something I am doing wrong.
This is addition information that I have.
workers.properties:
worker.list=node1
worker.node1.type=ajp13
worker.node1.host=10.111.5.121
worker.node1.port=8009
Apache HTTP entry:
IfModule !mod_jk.c
LoadModule jk_module
On 7/18/07, becky smith [EMAIL PROTECTED] wrote:
Thanks Paul. I think that the problem is occurring because the config.ser
file isn't up-to-date with the new dependencies..
If so (and it sounds plausible) then you'll need to add the
dependencies to the plan you use to deploy the thing
I tried out the solution, but I'm still having problems in that the JSP is
not running under the desired run-as role. I cannot see in the
TomcatGeronimoRealm where this run-as role is being set, or if it is
accessing the credential store to get the run-as subject.
The actual configuration of the
Urrk, I'm trying to do too many things at once today :-(
Could you try putting the security realm in a separate configuration
and putting that in as a dependency for the ear? If we can see if
that eliminates the hiccup and whether that helps find the run-as
subject it would be very
On 7/18/07, becky smith [EMAIL PROTECTED] wrote:
Thanks Aaron. That works. I just hoped that there was an easier way..
It would be good if the dependencies you specified in the console
could overwrite the ones in config.ser, but right now I don't think we
have that ability. Mainly in the
I declared the security realm in a separate EAR, and then put a dependency
on that EAR from my real EAR, but it didn't solve the problem. In fact,
the realm lookup failed both the first time and the second time (instead of
succeeding the second time). Can an EAR access a Realm declared within
it should be able to, but maybe I'm missing something. The fake
ear started ok?
I was thinking you could just deploy a plain gbean plan with
dependencies on the jars that have the security classes, similar to
the built in server-security-config.
If you can get on IRC we might be able to
20 matches
Mail list logo