Chatura, I think you will be surprised at how much JDBCRegistry leans on UserManager and in particular the readwrite JDBC store - I tried switching to Acegi and the code breaks because of the need for an authorizer as well as an authenticator - I will detail more in the JIRA.
I am working through ORMRegistry now with a test suite - hopefully have something for comment later on today. Norman On Jan 8, 2008 10:07 AM, Chathura C. Ekanayake <[EMAIL PROTECTED]> wrote: > > Hi Norman, > > We are using WSO2 User Manager > (http://wso2.org/projects/commons/user-manager) library for user > authentication and authorization in the Registry. > It provides an API (org.wso2.usermanager.Realm) to manage users and > permissions. So it is possible to switch the Registry persistence > implementation to ORM and still use the user manager API to handle users > and permissions. You can create an instance of the ORMRegistry and > construct a SecureRegistry instance by passing the ORMRegistry instance > to the constructor. Then the SecureRegistry will handle all > authentication and authorization work and delegate valid requests to the > ORMRegistry. > > Take a look at the "public void init(ServletConfig config)" method > org.wso2.registry.servlet.RegistryServlet class for Registry > instantiation steps. > org.wso2.registry.secure.SecureRegistry is the secure registry > implementation which wraps around persistence registry impl to provide > authentication and authorization. > > I will be able to comment more on this if you can attach your code as a > patch file in Registry JIRA (https://wso2.org/jira/browse/REGISTRY). > > Thanks, > Chathura > > > Norman Barker wrote: > > Hi, > > > > I don't normally follow up to my own thread but I immediately ran into > > a problem with the UserManager. I think I have worked round this now > > by keeping JDBC for user authentication but there seems to be a > > dependency on JDBC for the user manager access. I tried to use acegi > > for spring and the authenticator class but it requires an authorizer > > and in particular methods such as getAllRoles which I don't think is > > compatible. What are the plans for user authentication within the > > registry? > > > > Many thanks, > > > > Norman > > > > > > On Jan 7, 2008 11:16 AM, Norman Barker <[EMAIL PROTECTED]> wrote: > > > >> Hi, > >> > >> I have written the initial ORMRegistry now using Spring JPA and > >> Hibernate (though it should port to OpenJPA etc.) - to be able to test > >> it out it is probably easiest to use a download of JBoss. How do I > >> get this code into the Registry SVN (or JIRA)? > >> > >> Also I would really like to test this out before submitting it, is > >> there a page describing the complete protocol for the registry and is > >> it possible to test the registry using cURL? > >> > >> Personally I think the code now looks a lot cleaner, and all the > >> database crud (excuse the pun) is taken away. > >> > >> Many thanks, > >> > >> Norman > >> > >> > > > > > _______________________________________________ > > Registry-dev mailing list > > [email protected] > > http://wso2.org/cgi-bin/mailman/listinfo/registry-dev > > > > > > > _______________________________________________ > Registry-dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/registry-dev > _______________________________________________ Registry-dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/registry-dev
