Hi Norman,
We are using WSO2 User Manager
(http://wso2.org/projects/commons/user-manager) library for user
authentication and authorization in the Registry.
It provides an API (org.wso2.usermanager.Realm) to manage users and
permissions. So it is possible to switch the Registry persistence
implementation to ORM and still use the user manager API to handle users
and permissions. You can create an instance of the ORMRegistry and
construct a SecureRegistry instance by passing the ORMRegistry instance
to the constructor. Then the SecureRegistry will handle all
authentication and authorization work and delegate valid requests to the
ORMRegistry.
Take a look at the "public void init(ServletConfig config)" method
org.wso2.registry.servlet.RegistryServlet class for Registry
instantiation steps.
org.wso2.registry.secure.SecureRegistry is the secure registry
implementation which wraps around persistence registry impl to provide
authentication and authorization.
I will be able to comment more on this if you can attach your code as a
patch file in Registry JIRA (https://wso2.org/jira/browse/REGISTRY).
Thanks,
Chathura
Norman Barker wrote:
Hi,
I don't normally follow up to my own thread but I immediately ran into
a problem with the UserManager. I think I have worked round this now
by keeping JDBC for user authentication but there seems to be a
dependency on JDBC for the user manager access. I tried to use acegi
for spring and the authenticator class but it requires an authorizer
and in particular methods such as getAllRoles which I don't think is
compatible. What are the plans for user authentication within the
registry?
Many thanks,
Norman
On Jan 7, 2008 11:16 AM, Norman Barker <[EMAIL PROTECTED]> wrote:
Hi,
I have written the initial ORMRegistry now using Spring JPA and
Hibernate (though it should port to OpenJPA etc.) - to be able to test
it out it is probably easiest to use a download of JBoss. How do I
get this code into the Registry SVN (or JIRA)?
Also I would really like to test this out before submitting it, is
there a page describing the complete protocol for the registry and is
it possible to test the registry using cURL?
Personally I think the code now looks a lot cleaner, and all the
database crud (excuse the pun) is taken away.
Many thanks,
Norman
_______________________________________________
Registry-dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/registry-dev
_______________________________________________
Registry-dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/registry-dev
