[
https://issues.apache.org/jira/browse/GERONIMO-4207?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12613459#action_12613459
]
Kevan Miller commented on GERONIMO-4207:
----------------------------------------
Committed module. Should add some doc to the Wiki.
In the meantime, adding something like the following to an existing
LoginModuleConfiguration is a usage example...
<log:login-module control-flag="REQUIRED"
wrap-principals="false">
<log:login-domain-name>Constant</log:login-domain-name>
<log:login-module-class>org.apache.geronimo.security.realm.providers.ConstantLoginModule</log:login-module-class>
<log:option name="principalName">authenticated</log:option>
<log:option name="groupNames">group1,group2</log:option>
</log:login-module>
> Provide a LoginModule which can be used to add user or group principals via
> configuration
> -----------------------------------------------------------------------------------------
>
> Key: GERONIMO-4207
> URL: https://issues.apache.org/jira/browse/GERONIMO-4207
> Project: Geronimo
> Issue Type: Improvement
> Security Level: public(Regular issues)
> Components: security
> Affects Versions: 2.1.2, 2.2
> Reporter: Kevan Miller
> Fix For: 2.1.2, 2.2
>
>
> In some cases, it would be helpful if user or group principals could be added
> to an authenticated Subject. For instance, you may want any authenticated
> LDAP user to have the capability to perform some action. However, LDAP may
> not have a group that can be used for this purpose. A configurable login
> module could be used to automatically add a user/group principals to the
> Subject.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
