|
David,
The
orionconsole application allows you to add and remove users, but it is VERY
buggy, and not supported by IronFlare:
java
-jar orionconsole.jar
Most
of us write a admin web module to administer user's.
Here
are the relavent API's:
1.
roleManager: This class can be instanced by using the following jndi
lookup:
RoleManager manager = (RoleManager)new
InitialContext().lookup("java:comp/RoleManager");
It has
things like addToRole, login, getPrincipal, and removePrincipal. This api is the
class you should use to interact with a second api, usermanager. Check out the
api here http://www.orionserver.com/docs/api/index.html.
2.
UserManager: There are three of these builtin,
- XMLUserManager. This one is used by the
container for the global application, and users, and role/group mapping is
stored in the principals.xml file of the orion/config directory. Since it is
usually the parent of all other usermanagers, the principals.xml file should be
included in each ear/META-INF directory with its own
usersecurity.
- DataSourceUserManager. This usermanager uses a database
to store user information, groups, etc.
- EJBUserManager. This usermanager uses an ejb to store
user information, groups, etc.
You
can write your own user manager to interface with LDAP or any other security
datastore. A good example is in http://www.orionsupport.com/articles/usermanager.html (or http://uk.orionsupport.com/articles/usermanager.html
mirror).
These
security api's are specific to Orion, since there is no specification for how
containers impement user security in j2ee.
If you
want to use user security, www.jollem.com
has a draft tutorial on user security which talks about the specifics of
configuring security for an application in orion.
regards,
the
elephantwalker
|
- HELP !!! SECURITY David Bonilla
- RE: HELP !!! SECURITY The elephantwalker
- RE: HELP !!! SECURITY Juan Lorandi (Chile)
