THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
The plan configures a security realm hudson-realm as well as /hudson as a context for hudson.war.
| Code Block | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| |||||||||
<?xml version="1.0" encoding="UTF-8"?> <module xmlns="http://geronimo.apache.org/xml/ns/deployment-1.2"> <environment> <moduleId> <groupId>console.realm</groupId> <artifactId>hudson-realm</artifactId> <version>1.0</version> <type>car</type> </moduleId> <dependencies> <dependency> <groupId>org.apache.geronimo.framework</groupId> <artifactId>j2ee-security</artifactId> <type>car</type> </dependency> </dependencies> </environment> <gbean name="hudson-realm" class="org.apache.geronimo.security.realm.GenericSecurityRealm" xsi:type="dep:gbeanType" xmlns:dep="http://geronimo.apache.org/xml/ns/deployment-1.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <attribute name="realmName">hudson-realm</attribute> <attribute name="global">false</attribute> <reference name="ServerInfo"> <name>ServerInfo</name> </reference> <xml-reference name="LoginModuleConfiguration"> <log:login-config xmlns:log="http://geronimo.apache.org/xml/ns/loginconfig-2.0"> <log:login-module control-flag="REQUIRED" wrap-principals="false"> <log:login-domain-name>hudson-realm</log:login-domain-name> <log:login-module-class>org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule </log:login-module-class> <log:option name="usersURI">var/security/users.properties </log:option> <log:option name="groupsURI">var/security/groups.properties </log:option> </log:login-module> </log:login-config> </xml-reference> </gbean> </module> |
It appears that Hudson uses a customized version of Apache JEXL made specifically for itself, so filtering the package from the web classloader is required. Note that <hidden-classes/> tag is not supported in Geronimo 3.0 any more, you can use <import-package>!org.apache.commons.lang.*</import-package> to keep org.apache.common.lang.* package in Geronimo server repository from loading into the classloader.
| Code Block | ||||||||
|---|---|---|---|---|---|---|---|---|
| ||||||||
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://geronimo.apache.org/xml/ns/j2ee/web-2.0">
<environment xmlns="http://geronimo.apache.org/xml/ns/deployment-1.2">
<moduleId>
<groupId>hudson</groupId>
<artifactId>hudson</artifactId>
<version>2.0.0</version>
<type>war</type>
</moduleId>
<dependencies>
<dependency>
<groupId>org.apache.geronimo.framework</groupId>
<artifactId>j2ee-security</artifactId>
<type>car</type>
</dependency>
<dependency>
<groupId>console.realm</groupId>
<artifactId>hudson-realm</artifactId>
<version>1.0</version>
<type>car</type>
</dependency>
</dependencies>
<import-package>!org.apache.commons.*</import-package>
<import-package>!com.thoughtworks.*</import-package>
<import-package>!org.dom4j.*</import-package>
<!--
<hidden-classes>
<filter>org.apache.commons.lang.</filter>
<filter>org.apache.commons.jexl.</filter>
<filter>com.thoughtworks.xstream.</filter>
</hidden-classes>
-->
</environment>
<context-root>/hudson</context-root>
<security-realm-name>hudson-realm</security-realm-name>
<security>
<default-principal realm-name="hudson-realm">
<principal name="anonymous" class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" />
</default-principal>
<role-mappings>
<role role-name="admin">
<realm realm-name="hudson-realm">
<principal name="AdminGroup" class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" />
</realm>
<principal name="system" class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" />
</role>
</role-mappings>
</security>
</web-app>
|
...