On 12 Sep, Scott M Stark wrote: > There is a service that does this in the testsuite. XMLLoginConfigs chain so > that multiple configs can be active.
Ah, that was a neat one, but one thing I do not get: say the mysql-service.xml is installed and uses this scheme to install a new "root" config with the old one as parent. Then postgres-service.xmlis installed with yet another Configuration, now with the mysql one as its parent. What happend if I uninstall mysql-service, will not the postgres config the be poped? I would really like to be able to remove a configuration by name. There must be something I don't understand here. Anyway, i think it would be nice with a service in the core (security/resource) which can ad and remove a named application-policy/security realm. Either my way ( by invoking addAppConfig on XMLLoginConfig), or your way - wich in many ways is better since it (at least not directly) do not need to know that it is using XMLLoginConfig. What do you say? //Peter > > > xxxxxxxxxxxxxxxxxxxxxxxx > Scott Stark > Chief Technology Officer > JBoss Group, LLC > xxxxxxxxxxxxxxxxxxxxxxxx > > ----- Original Message ----- > From: "Peter Antman" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Thursday, September 12, 2002 8:03 AM > Subject: [JBoss-dev] Dynamic configuration of XMLLoginConfig > > >> Hi, >> when converting some old adapters I had finally the chance to look at >> the new JAAS based autentication stuff for JCA adapters. Really neat. >> But one thing is somewhat iritating. It is not possible to configure a >> new adapter and hot deploy it. At least I could not figure out a >> standard way of doing it. Why? Because the new autentication scheme is >> dependand on the availability of a security realm in login-config.xml. >> To do this you have to restart the server. >> >> To solve this I wrote I little MBean to dynamically configure the >> XMLLoginConfig. Basically it let you set the real setting in the same >> *-service.xml file as you configure your adapter, ie: >> >> <mbean >> code="org.jboss.resource.connectionmanager.LocalTxConnectionManager" >name="jboss.jca:service=LocalTxCM,name=PostgresDS"> >> <depends> >> <mbean >> code="org.jboss.resource.security.LoginConfigurator" >name="jboss.jca:service=AuthenticationInfo,name=PostgresDS"> >> <depends >optional-attribute-name="LoginConfig">jboss.security:service=XMLLoginConfig</depends> >> <attribute name="AuthConfig"> >> <application-policy name = "PostgresDbRealm"> >> <authentication> >> <login-module code = >"org.jboss.resource.security.ConfiguredIdentityLoginModule" flag = "required"> >> <module-option name = "principal">yourprincipal</module-option> >> <module-option name = "userName">yourusername</module-option> >> <module-option name = "password">yourpassword</module-option> >> <module-option name = > >"managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=PostgresDS</module-option> >> </login-module> >> </authentication> >> </application-policy> >> </attribute> >> </mbean> >> </depends> >> bla,bla... >> >> I don't know if this goes agains some security restrictions (apart from >> it probably not working with a security manager installed and the >> correct right sto do this sort of stuff is not turned of). >> >> Basically I am wondering this: any interest in me checking this >> little utility class in (and perhaps refactor XMLLoginConfig so that the >> XML parsing code does not need to be in two places)? Any ideas about >> which is the best place? org.jboss.resource.security or >> org.jboss.security.auth.login or perhaps not at all, what do you say >> Scott? >> >> //Peter >> -- >> ------------------------------------------------------------ >> Peter Antman Chief Systems Architect, Business Development >> Technology in Media, Box 34105 100 26 Stockholm >> WWW: http://www.tim.se WWW: http://www.backsource.org >> Email: [EMAIL PROTECTED] >> Phone: +46-(0)8-506 381 11 Mobile: 070-675 3942 >> ------------------------------------------------------------ >> >> >> >> ------------------------------------------------------- >> This sf.net email is sponsored by:ThinkGeek >> Welcome to geek heaven. >> http://thinkgeek.com/sf >> _______________________________________________ >> Jboss-development mailing list >> [EMAIL PROTECTED] >> https://lists.sourceforge.net/lists/listinfo/jboss-development >> > > > > ------------------------------------------------------- > This sf.net email is sponsored by:ThinkGeek > Welcome to geek heaven. > http://thinkgeek.com/sf > _______________________________________________ > Jboss-development mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/jboss-development -- ------------------------------------------------------------ Peter Antman Technology in Media, Box 34105 100 26 Stockholm Systems Architect WWW: http://www.tim.se Email: [EMAIL PROTECTED] WWW: http://www.backsource.org Phone: +46-(0)8-506 381 11 Mobile: 070-675 3942 ------------------------------------------------------------ ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Jboss-development mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-development
