Date: 2004-02-17T06:01:56
Editor: VadimGritsenko <[EMAIL PROTECTED]>
Wiki: Xindice Wiki
Page: BasicAuthentication
URL: http://wiki.apache.org/xindice/BasicAuthentication
no comment
New Page:
##language:en
#pragma section-numbers off
= Securing Xindice XML-RPC Server With Basic Authentication =
Xindice XML-RPC server, and Xindice XML-RPC driver both support HTTP Basic
Authentication (starting with 1.1b4 development version). To implement basic
authentication of your server, you have to do the following:
* Configure users and roles in the servlet engine
* Configure Xindice XML-RPC Server
* Configure Xindice XML-RPC Driver (Client side)
== Configure users and roles in the servlet engine ==
Xindice XML-RPC server is deployed as web application on top of the servlet
engine, so first servlet engine should be configured to support authentication.
This configuration is servlet engine dependent, and for Jetty consists from the
following steps:
1. Add / edit / verify users and roles in realm.properties file (see
tools/jetty/conf/realm.properties)
{{{
# This is a HashUserRealm defining users passwords and roles.
# The format is
# <username>: <password>[,<rolename> ...]
#
# Passwords may be clear text, obfuscated or checksummed. The class
# org.mortbay.util.Password should be used to generate obfuscated
# passwords or password checksums
xindice: manager, xindice
}}}
This creates user xindice with role xindice and password manager.
2. Edit / verify main.xml file (see tools/jetty/conf/main.xml)
{{{
<!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
<!-- Add and configure "xindice" user realm -->
<!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
<Call name="addRealm">
<Arg>
<New class="org.mortbay.http.HashUserRealm">
<Arg>xindice</Arg>
<Arg><SystemProperty name="xindice.home"
default="."/>/tools/jetty/conf/realm.properties</Arg>
<Set name="Name">xindice</Set>
</New>
</Arg>
</Call>
}}}
== Configure Xindice XML-RPC Server ==
This consists of editing web.xml file (see config/web.xml) and specifying role
name for the Xindice server web application:
{{{
<!--
- Security constraint on the Xindice WebApp allows to protect
- Xindice XML-RPC server with Basic HTTP Authentication.
-
- In addition to this configuration, servlet engine should have
- "xindice" realm configuration. For Jetty config, see tools/jetty/main.xml
-
-->
<security-constraint>
<web-resource-collection>
<web-resource-name>Xindice Server</web-resource-name>
<url-pattern>/</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>xindice</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>xindice</realm-name>
</login-config>
<security-role>
<role-name>xindice</role-name>
</security-role>
}}}
== Configure Xindice XML-RPC Driver (Client side) ==
Xindice XML-RPC driver should be configured to know the username and password
it should use to access the server. This can be done with system properties:
{{{
-Dxindice.xmlrpc.user=xindice
-Dxindice.xmlrpc.password=manager
}}}
Or programmatically:
{{{
driver.setProperty(DatabaseImpl.PROP_XMLRPC_USER, "xindice");
driver.setProperty(DatabaseImpl.PROP_XMLRPC_PASSWORD, "manager");
}}}
