THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
Code Block | ||||
---|---|---|---|---|
| ||||
Subject subject = getSpringAuthenticatedSubject(); ContextManager.registerSubject(subject); //if the subject is cached in a session this should only happen once when the subject is first authenticated/constructed. //the following should happen on every request ContextManager.setCallers(subject, subject); try { //process request } finally { ContextManager.clearCallers(); } |
Using a pluggable encryption system
By default you get the old behavior with "{Simple}" encryption with a hard-coded key. If you want to have a fixed key generated by Geronimo, you can add this Gbean to the rmi-naming module in config.xml
:
Code Block |
---|
<gbean name="org.apache.geronimo.configs/rmi-naming/2.2-SNAPSHOT/car?name=ConfiguredEncryption,j2eeType=GBean" gbeanInfo="org.apache.geronimo.system.util.ConfiguredEncryption">
<attribute name="path">var/security/ConfiguredSecretKey.ser</attribute>
<reference name="ServerInfo"><pattern><name>ServerInfo</name></pattern></reference>
</gbean>
|
This will create a key the first time the server started, after that it will keep using the saved key at the location specified. If you put a serialized SecretKeySpec there it will use it instead.