Hi Keith,
I understand that it is not a good practice to limit the use of Realm interface. So I replaces the constructor parameters to use Realm interface instead.
Idea of introducing a RegistryRealm is to limit some actions to maintain registry user store in desired state. If you are using a different realm, you have take care of limiting such actions on the user store.
Thanks for pointing this out. Chathura Keith Chapman wrote:
Hi Chathura, This restricts the user to use the DefaultRealm. We are planning on using a custom Realm (WSASRealm) which will be using the user databases in WSAS. Now how are we suppose to reap these benifits if the registry limits us to using the Default realm? Thanks, Keith. Chathura C. Ekanayake wrote:Hi, I refactored the registry constructors, so now the instantiation is much simpler. I also added a RegistryRealm class, which extends the user manager's DefaultRealm. It restricts some actions based on the parameters, so that the registry user store doesn't get inconsistent. For example, it blocks the deletion of predefined users like system, admin, anonymous and performs default actions like adding each user to the "EVERYONE" role upon creation. It also simplifies the initiation of realms. Below are the steps for creating registry instances for various scenarios. 1) In memory registry without security Registry registry = new InMemoryJDBCRegistry(); 2) In memory registry with security RegistryRealm registryRealm = new InMemoryRegistryRealm(); Registry registry = new InMemoryJDBCRegistry(registryRealm); SecureRegistry secureRegistry = new SecureRegistry("user", "password", registry, registryRealm); 3) Secure registry using a data source RegistryRealm registryRealm = new RegistryRealm(datasource); Registry registry = new JDBCRegistry(datasource, registryRealm); SecureRegistry secureRegistry = new SecureRegistry("user", "password", registry, registryRealm); 4) Secure registry using a database connection URL (In this case, the RegistryDataSource creates a Apache DBCP data source and handles connection pooling) RegistryDataSource datasource = new RegistryDataSource(dbURL, driverName, userName, password); RegistryRealm registryRealm = new RegistryRealm(datasource); Registry registry = new JDBCRegistry(datasource, registryRealm); SecureRegistry secureRegistry = new SecureRegistry("user", "password", registry, registryRealm); Note that we have to give the realm to the JDBC registry as well, as media type handlers may use it to set authorizations on automatically imported resources. Thanks, Chathura _______________________________________________ Mashup-dev mailing list [EMAIL PROTECTED] http://www.wso2.org/cgi-bin/mailman/listinfo/mashup-dev_______________________________________________ Registry-dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/registry-dev
_______________________________________________ Registry-dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/registry-dev
