Hi found https://gist.github.com/rmannibucau/2079015, not sure it is still relevant,
about the real just configure JAASRealm in server.xml and configure JAAS asusual in tomee http://tomee.apache.org/tomee-jaas.html Romain Manni-Bucau Twitter: @rmannibucau Blog: http://rmannibucau.wordpress.com/ LinkedIn: http://fr.linkedin.com/in/rmannibucau Github: https://github.com/rmannibucau 2014-03-11 9:38 GMT+01:00 mauro2java2011 <[email protected]>: > the following link > https://bitbucket.org/VineetReynolds/java-ee-6-galleria > into the source contain a ear applicatio nwith ejb and jsf . > it use security and roles > > It is writed for glassfish . > > How i can use it with tomee ? > i have simple to create groups and user to associate to gorups into > server.xml? > > if you read at : > https://bitbucket.org/VineetReynolds/java-ee-6-galleria/src/b76114fb0477072853ddc459e3e746a5fc70851b/galleria-ejb/glassfish-integrationtest-install/glassfish/domains/domain1/config/domain.xml?at=default > > ------------------------------ > <!-- THE PART OF SECURITY > <security-service activate-default-principal-to-role-mapping="true" > jacc="simple"> > <auth-realm > classname="com.sun.enterprise.security.auth.realm.file.FileRealm" > name="admin-realm"> > <property > value="${com.sun.aas.instanceRoot}/config/admin-keyfile" > name="file"/> > <property value="fileRealm" name="jaas-context"/> > </auth-realm> > <auth-realm > classname="com.sun.enterprise.security.auth.realm.file.FileRealm" > name="file"> > <property value="${com.sun.aas.instanceRoot}/config/keyfile" > name="file"/> > <property value="fileRealm" name="jaas-context"/> > </auth-realm> > <auth-realm > classname="com.sun.enterprise.security.auth.realm.certificate.CertificateRealm" > name="certificate"/> > <auth-realm name="GalleriaRealm" > classname="com.sun.enterprise.security.auth.realm.jdbc.JDBCRealm"> > <property description="null" name="jaas-context" > value="jdbcRealm"></property> > <property name="encoding" value="Hex"></property> > <property description="null" name="password-column" > value="PASSWORD"></property> > <property name="datasource-jndi" > value="jdbc/galleriaDS"></property> > <property name="group-table" value="USERS_GROUPS"></property> > <property name="user-table" value="USERS"></property> > <property description="null" name="group-name-column" > value="GROUPID"></property> > <property name="digest-algorithm" value="SHA-512"></property> > <property description="null" name="user-name-column" > value="USERID"></property> > </auth-realm> > <jacc-provider > policy-configuration-factory-provider="com.sun.enterprise.security.provider.PolicyConfigurationFactoryImpl" > policy-provider="com.sun.enterprise.security.provider.PolicyWrapper" > name="default"> > <property value="${com.sun.aas.instanceRoot}/generated/policy" > name="repository"/> > </jacc-provider> > <jacc-provider > policy-configuration-factory-provider="com.sun.enterprise.security.jacc.provider.SimplePolicyConfigurationFactory" > policy-provider="com.sun.enterprise.security.jacc.provider.SimplePolicyProvider" > name="simple"/> > <audit-module classname="com.sun.enterprise.security.Audit" > name="default"> > <property value="false" name="auditOn"/> > </audit-module> > <message-security-config auth-layer="SOAP"> > <provider-config provider-id="XWS_ClientProvider" > class-name="com.sun.xml.wss.provider.ClientSecurityAuthModule" > provider-type="client"> > <request-policy auth-source="content"/> > <response-policy auth-source="content"/> > <property value="s1as" name="encryption.key.alias"/> > <property value="s1as" name="signature.key.alias"/> > <property value="false" name="dynamic.username.password"/> > <property value="false" name="debug"/> > </provider-config> > <provider-config provider-id="ClientProvider" > class-name="com.sun.xml.wss.provider.ClientSecurityAuthModule" > provider-type="client"> > <request-policy auth-source="content"/> > <response-policy auth-source="content"/> > <property value="s1as" name="encryption.key.alias"/> > <property value="s1as" name="signature.key.alias"/> > <property value="false" name="dynamic.username.password"/> > <property value="false" name="debug"/> > <property > value="${com.sun.aas.instanceRoot}/config/wss-server-config-1.0.xml" > name="security.config"/> > </provider-config> > <provider-config provider-id="XWS_ServerProvider" > class-name="com.sun.xml.wss.provider.ServerSecurityAuthModule" > provider-type="server"> > <request-policy auth-source="content"/> > <response-policy auth-source="content"/> > <property value="s1as" name="encryption.key.alias"/> > <property value="s1as" name="signature.key.alias"/> > <property value="false" name="debug"/> > </provider-config> > <provider-config provider-id="ServerProvider" > class-name="com.sun.xml.wss.provider.ServerSecurityAuthModule" > provider-type="server"> > <request-policy auth-source="content"/> > <response-policy auth-source="content"/> > <property value="s1as" name="encryption.key.alias"/> > <property value="s1as" name="signature.key.alias"/> > <property value="false" name="debug"/> > <property > value="${com.sun.aas.instanceRoot}/config/wss-server-config-1.0.xml" > name="security.config"/> > </provider-config> > </message-security-config> > <property value="SHA-256" name="default-digest-algorithm"/> > </security-service> > > > > ------------------ > if you see at > https://bitbucket.org/VineetReynolds/java-ee-6-galleria/src/b76114fb0477072853ddc459e3e746a5fc70851b/galleria-ejb/src/main/java/info/galleria/service/ejb/AlbumServiceImpl.java?at=default > > you can see that into the declaration for the ejb : > @Stateless > @EJB(name = "java:global/galleria/galleria-ejb/AlbumService", beanInterface > = AlbumService.class) > @RolesAllowed({ "RegisteredUsers" }) > @TransactionAttribute(TransactionAttributeType.REQUIRED) > public class AlbumServiceImpl implements AlbumService > { > > > the methods for the ejb are permit to "RegistredUsers" . > > you can see that it is created a realm NAMED "GalleriaRealm" into glassfish > server > HOW I CAN ADAPT TO TOMEE ??? > > > tank you for your attention > > > > > > > > > > > > -- > View this message in context: > http://openejb.979440.n4.nabble.com/use-the-java-ee-glaaery-into-TOMEE-with-secuirity-tp4668156.html > Sent from the OpenEJB User mailing list archive at Nabble.com.
