On Feb 19, 2009, at 11:27 AM, Michael2 wrote:
Hi David:
Good suggestions. Thanks.
I also want confirm that the SQL database security realm is used to
authenticate application users (not the admin console users) using the
username and password stored in the Derby or other databases (SQL
Server,
DB2, etc..), Is that right?
When you deploy a security realm you specify a name for it. These
form a single flat global namespace.
When you deploy a web app you specify the security realm you want to
use with the security-ream-name element in your geronimo plan.
The admin console is deployed specifying the security realm name
"geronimo-admin". We supply a security realm of that name. So, if
you want to use your realm for the admin console, you need to name
your realm "geronimo-admin" and make sure it is running instead of the
one we supply.
For your app to use your security realm you just need to make sure the
names match -- the security realm doesn't need to be "geronimo-admin"
unless you want to use your realm for the admin console.
Hope this clarifies things :-)
david jencks
Thanks again.
Michael
djencks wrote:
On Feb 19, 2009, at 5:31 AM, Michael2 wrote:
Hello Ying:
Thank you for the information.
I am not clear what you said about the SQL database security realm:
"the SQL
database security realm is used to authenticate username and
password from
the built-in Derby database". Could you explain more?
If we cannot use the realm to authenticate Admin Console users, can
we use
it the authenticate application users?
While what Ying said is correct, I don't think it answered your
question. IIUC what you want to do is covered by the instructions
here:
http://cwiki.apache.org/GMOxDOC22/basic-hints-on-security-configuration.html
Note that the admin console is set up to use a security realm named
"geronimo-admin" so you have to set up your SQL security realm with
that name and disable the realm of that name supplied with geronimo
(which will happen when you include the artifact aliases as
recommended in the article).
hope this helps
david jencks
Thanks.
Michael
Sophia Tang wrote:
Hi Michael,
As far as I can tell, the SQL database security realm is used to
authenticate username and password from the built-in Derby
database, not
for
Geronimo admin console.
For changing the username and password for the Administration
Console,
you
can use the *Users and Groups* portlet in the console.
Please see this page for more details:
http://cwiki.apache.org/GMOxDOC22/changing-the-username-and-password.html
Hope this helps.
Best Regards,
Ying Tang
2009/2/19 Michael2 <[email protected]>
I created a new SQL Security Realm, tested and deployed to
Geronimo 2.1.3
server, but when I reboot the server and try to use the new user
name and
password defined in the new SQL Security Realm to log into the
admin
console, it does not work. I have to use the default user name and
password
to get in.
My question is: can I use the SQL Security Realm for the Admin
Console
user
authentication?
Thanks for your help.
Michael.
--
View this message in context:
http://www.nabble.com/Admin-Console-Access-and-Security-Realm-tp22093927s134p22093927.html
Sent from the Apache Geronimo - Users mailing list archive at
Nabble.com.
--
View this message in context:
http://www.nabble.com/Admin-Console-Access-and-Security-Realm-tp22093927s134p22100434.html
Sent from the Apache Geronimo - Users mailing list archive at
Nabble.com.
--
View this message in context:
http://www.nabble.com/Admin-Console-Access-and-Security-Realm-tp22093927s134p22107931.html
Sent from the Apache Geronimo - Users mailing list archive at
Nabble.com.
