Yes, I can configure the josso login module in a geronimo security realm with no problems. such as following deployment plan: <module xmlns="http://geronimo.apache.org/xml/ns/deployment-1.1";> <environment> <moduleId> <groupId>console</groupId> <artifactId>josso-realm</artifactId> <version>1.0</version> <type>car</type> </moduleId> <dependencies> <dependency> <groupId>geronimo</groupId> <artifactId>j2ee-security</artifactId> <type>car</type> </dependency> <dependency> <groupId>geronimo</groupId> <artifactId>tomcat</artifactId> <type>car</type> </dependency> <dependency> <groupId>josso</groupId> <artifactId>josso-core</artifactId> <version>1.5</version> </dependency> <dependency> <groupId>josso</groupId> <artifactId>josso-plugin</artifactId> <version>1.5</version> </dependency> <dependency> <groupId>tomcat</groupId> <artifactId>catalina</artifactId> <version>5.5.15</version> </dependency> <dependency> <groupId>tomcat</groupId> <artifactId>catalina-optional</artifactId> <version>5.5.15</version> </dependency> <dependency> <groupId>geronimo</groupId> <artifactId>geronimo-tomcat</artifactId> <version>1.1.1</version> </dependency> </dependencies> </environment> <gbean name="josso" class="org.apache.geronimo.security.realm.GenericSecurityRealm"> <attribute name="realmName">josso</attribute> <reference name="ServerInfo"> <name>ServerInfo</name> </reference> <reference name="LoginService"> <name>JaasLoginService</name> </reference> <xml-reference name="LoginModuleConfiguration"> <log:login-config xmlns:log="http://geronimo.apache.org/xml/ns/loginconfig-1.1";> <log:login-module control-flag="REQUIRED" server-side="true" wrap-principals="false"> <log:login-domain-name>josso</log:login-domain-name> <log:login-module-class>org.josso.tc55.agent.jaas.SSOGatewayLoginModule</log:login-module-class> </log:login-module> </log:login-config> </xml-reference> </gbean> </module>
It can be deployed successfully, but I don't think it can works. Also, I am not quite clear how the generic security realm works with the custom login module. I look into the GenericSecurityRealm source code, I didn't see any code related the the authentication (only a getDefaultPrincipal method). Over all, I would like to use the Tomcat Relam so that I can reuse the Tomcat Agent code provided by JOSSO. Here is the JOSSO developer suggestion for implementing the plugin: http://sourceforge.net/forum/message.php?msg_id=2786451 Any suggestions? djencks wrote: > > I looked at the JOSSO documentation really quickly and think that > there won't be an advantage to using the tomcat realm rather than the > default jacc based realm. I think you can configure the josso login > module in a geronimo security realm with no problems. The only > possible tricky parts are installing the JOSSO valve and running the > josso agent. There are instructions available somewhere on how to > install a valve in geronimo-tomcat. I don't understand from the docs > if you are supposed to run a separate agent: if so you will probably > have to write a gbean to start/stop it. > > hope this overly brief comment is of some help... > > david jencks > -- View this message in context: http://www.nabble.com/JOSSO-with-Geronimo-tf4430200s134.html#a12758822 Sent from the Apache Geronimo - Users mailing list archive at Nabble.com.
