Versions Compared

Old Version 13

changes.mady.by.user Unknown User (hcunico@gmail.com)

Saved on

compared with

New Version 14

changes.mady.by.user Unknown User (hcunico@gmail.com)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Once deployed you should see a confirmation message similar to this onethe following example:

No Format
bgColor#000000
borderStylesolid
E:\geronimo\bin>java -jar deployer.jar --user system --password manager deploy e:/ldap-jetty/ldap-realm.xml
    Deployed org/apache/geronimo/ldap-secure

Deployment plans

The deployment plans are located in the <ldap_home>/WEB-INF directory. Clearly, geronimo-web.xml is the Geronimo specific deployment plan. It provides the details on what security realm to use and user role mappings as well as the Geronimo specific namespace used to identify the elements in the security configuration. Common to other types of applications, not just security, the deployment plan also provides the main namespace for the deployment plan, a module identification (optional), a parent module configuration ID (also optional) and a context root. The following example illustrates the deployment plan.

Code Block
xml
xml
borderStylesolid
titlegeronimo-web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app
    xmlns="http://geronimo.apache.org/xml/ns/web"
    xmlns:sec="http://geronimo.apache.org/xml/ns/security"
    configId="org/apache/geronimo/ldap-secure-demo"
    parentId="org/apache/geronimo/ldap-secure">
    <context-root>/ldap-demo</context-root>
    <context-priority-classloader>false</context-priority-classloader>
    <security-realm-name>ldap-realm</security-realm-name>
    <security>
        <default-principal realm-name="ldap-realm">
            <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="system"/>
        </default-principal>
        <role-mappings>
            <role role-name="content-administrator">
                <realm realm-name="ldap-realm">
                    <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="admin" designated-run-as="true"/>
                    <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="system"/>
                </realm>
            </role>
            <role role-name="guest">
                <realm realm-name="ldap-realm">
                    <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="guest" designated-run-as="true"/>
                    <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="user1"/>
                    <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="user2"/>
                </realm>
            </role>
        </role-mappings>
    </security>
</web-app>

Package the sample application

Deploy the application

Configure Geronimo LDAP using Tomcat
Anchor
tomcat
tomcat