Versions Compared

Old Version 3

changes.mady.by.user Runhua Chi

Saved on

compared with

New Version 4

changes.mady.by.user Runhua Chi

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The <security-realm-name> element is used to specify the name of the security realm that will be used for user authentication for the web application. It is used in conjunction with the <security-constraint> element in the corresponding web.xml deployment plan for this web application. This element will not cause the creation of a new security realm in Geronimo, it references a security realm that has already been created and configured. See Administering Security for details on how this is typically accomplished from the Geronimo Admin Console.

<sec:security>

<authenticaiton>

The <authenticaiton> element is used to specify the configuration for a specific JASPI AuthConfProvider, ServerAuthConfig, ServerAuthContext, or ServerAuthModule to be used for authentication rather than a standard authentication method configured in web.xml.

<jaspi:AuthConfProvider>, <jaspi:ServerAuthConfig>, <jaspi;ServerAuthContext》, and <jaspi:ServerAuthModule> XML elements use the Geronimo JASPI namespace, and is documented here:

Code Block
xml
xml
borderStylesolid
title<authentication> Example

<web-app xmlns="http://geronimo.apache.org/xml/ns/j2ee/web-2.0.1"
         xmlns:sys="http://geronimo.apache.org/xml/ns/deployment-1.2">

    <sys:environment>
        <sys:moduleId>
            <sys:groupId>default</sys:groupId>
            <sys:artifactId>geronimo-web-6</sys:artifactId>
            <sys:version>1.0</sys:version>
            <sys:type>car</sys:type>
        </sys:moduleId>
    </sys:environment> 

    <authentication>
      <jaspi xmlns="http://geronimo.apache.org/xml/ns/geronimo-jaspi">
	<configProvider>
		<messageLayer>Http</messageLayer>
		<appContext>test-app1</appContext>
		<description>description</description>
		<clientAuthConfig>
			<authenticationContextID>authenticationContextID1
			</authenticationContextID>
			<protected>true</protected>
			<clientAuthContext>
				<clientAuthModule>
					<className>org.apache.geronimo.components.jaspi.providers.DummyClientAuthModule</className>
				</clientAuthModule>
			</clientAuthContext>
		</clientAuthConfig>
		<serverAuthConfig>
			<authenticationContextID>authenticationContextID2
			</authenticationContextID>
			<protected>true</protected>
			<serverAuthContext>
				<serverAuthModule>
					<className>org.apache.geronimo.components.jaspi.providers.DummyServerAuthModule</className>
				</serverAuthModule>
			</serverAuthContext>
		</serverAuthConfig>
		<persistent>true</persistent>
	</configProvider>
       </jaspi>
    </authentication>

</web-app>

<app:security>

The <appThe <sec:security> XML element uses the Geronimo Security namespace, and is documented here:

The <sec<app:security> element groups the security role mapping settings for the web application. This is an optional element, but if it is present all the web modules must make the appropriate access checks as outlined in the JACC specification. This element includes the <role-mapping> section that references the role(s) defined in the <security-role> element in the web.xml file. An example web.xml and corresponding geronimo-web.xml file is shown below with the "admin" role name defined in the web.xml is referenced in the geronimo-web.xml:

...