THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
- In the Console Navigation menu on the left click on Database Manager.
- Enter SecurityDatabase in the Create DB: field and click Create.
- Select the SecurityDatabase database from the Use DB: pull-down menu, enter the following SQL command and click Run SQL.
CREATE TABLE USERS
(username VARCHAR(15),
password VARCHAR(15));
CREATE TABLE GROUPS
(username VARCHAR(15),
groupname VARCHAR(15));
- Select the SecurityDatabase database from the Use DB: pull-down menu, enter the following SQL command and click Run SQL.
INSERT INTO USERS VALUES('USERONE','P1');
INSERT INTO USERS VALUES('USERTWO','P2');
INSERT INTO USERS VALUES('USERTHREE','P3');
INSERT INTO GROUPS VALUES('USERONE','admin');
INSERT INTO GROUPS VALUES('USERTWO','admin');
INSERT INTO GROUPS VALUES('USERTHREE','user');
Create connection pool
- In the Console Navigation menu on the left click on Database Pools.
- Click on Using the Geronimo database pool wizard.
- Enter SecurityDatabase as the database pool name. Select Derby embedded from the database pool type pull-down menu and click Next.
- Verify the JDBC driver class is org.apache.derby.jdbc.EmbeddedDriver.
- From the Driver Jar pull-down menu select org.apache.derby/derby/10.1.1.0/jar.
- Enter UserOne and p1 as the connection user name and password.
- Enter SecurityDatabase as the database name and click Next.
- Click Test Connection.
- Click Deploy.
...
Security realm for using with database authentication.
Code Block | ||||||
---|---|---|---|---|---|---|
| ||||||
<configuration configId="SecurityRealm-new-geronimo-realm" xmlns="http://geronimo.apache.org/xml/ns/deployment-1.0"> |
...
<import> <uri>user/database-pool-SecurityDatabase/1/car</uri> |
...
</import> |
...
<gbean name="new-geronimo-realm" class="org.apache.geronimo.security.realm.GenericSecurityRealm"> |
...
<attribute name="realmName">new-geronimo-realm</attribute> |
...
<reference name="ServerInfo"> |
...
<gbean-name>geronimo.server:J2EEApplication=null,J2EEModule=geronimo/j2ee-system/1.0/car,J2EEServer=geronimo,j2eeType=GBean,name=ServerInfo</gbean-name> |
...
</reference> |
...
<reference name="LoginService"> |
...
<gbean-name>geronimo.server:J2EEApplication=null,J2EEModule=geronimo/j2ee-security/1.0/car,J2EEServer=geronimo,j2eeType=JaasLoginService,name=JaasLoginService</gbean-name> |
...
</reference> |
...
<xml-reference name="LoginModuleConfiguration"> |
...
<log:login-config xmlns:log="http://geronimo.apache.org/xml/ns/loginconfig-1.0"> |
...
<log:login-module control-flag="REQUIRED" server-side="true" wrap-principals="false"> |
...
<log:login-domain-name>new-geronimo-realm</log:login-domain-name> |
...
<log:login-module-class>org.apache.geronimo.security.realm.providers.SQLLoginModule</log:login-module-class> |
...
<log:option name="userSelect">select username, password from users where username=?</log:option> |
...
<log:option name="dataSourceApplication">null</log:option> |
...
<log:option name="groupSelect">select username, groupname from groups where username=?</log:option> |
...
<log:option name="dataSourceName">SecurityDatabase</log:option> |
...
</log:login-module> |
...
</log:login-config> |
...
</xml-reference> |
...
</gbean> |
...
</configuration> |
Administering certificates
...