Re: How to use my own realm?

Thu, 06 Nov 2008 12:32:54 -0800 

Hey John,
Most users building webapps with JSecurity use the JSecurityFilter, which is easier than declaring the security manager yourself. Check out web.xml in the quickstart app included in the sample app for an example. 


If you are using Spring, you will want to declare the  
SpringJSecurityFilter.  Using this filter, if you want to use the  
default security manager, you can simply declare a Realm in spring and  
the filter will automatically use it.  If you want to configure the  
security manager manually, you can just drop the security manager in  
your Spring application context, and the SpringJSecurityFilter will  
automatically pick that up.



If you want to use the default JSecurityFilter without spring, you can  
specify a custom realm by adding a [main] section to your JSecurity  
config (either specified in web.xml or in jsecurity.ini) such as:

myRealm = com.mydomain.MyRealm


Hope this helps you get started.  Let me know if you run into any  
problems!


Jeremy

On Nov 4, 2008, at 5:13 PM, John Cladmore wrote:


Hi all,


I am new to JSec.  I was messing with Spring Security before  
deciding to try JS.  Here is where I am stuck.  I have created a  
simple web app using the jsp pages from the web sample in the JS  
distribution.  I have successfully configured JS to use either Basic  
Auth or Form Auth filters.  I read that to use my own realm, I could  
set my own realm in the default security manager (which is the only  
implemented security manager and which is created by default).  So i  
did something like this:


  MyRealm myRealm = new MyRealm();

  DefaultWebSecurityManager dsm = new  
DefaultWebSecurityManager(myRealm);

  SecurityUtils.setSecurityManager(dsm);


MyRealm implements Realm, I have also tired extending one of the  
other realms.  I have even tried creating a default security manager  
and setting the realm.



None of my efforts have been successful so far.   So what exactly am  
I doing wrong or missing?



I have been able to get the login page and my servlet to handle the  
login form to invoke.  In my servlet i tried to do all of this and  
login (this is just testing stuff).


Please help.

Thanks.

.v
























					Reply via email to