...

Depending on the selected authenticating system, a JAAS login module is selected and configured in a security realm. JAAS login modules connect to the corresponding user/group repositories, perform authentication and retrieve authorization information. Geronimo provides login modules that connect to different types of user/group repositories: PropertiesFileLoginModule, LDAPLoginModule, SQLLoginModule and CertificatePropertiesFileLoginModule.

...

The security realm deployment plan is an XML file that uses the http://geronimo.apache.org/xml/ns/deployment-1.2 schema for the module id, dependency and security realm GBean configurations, and the http://geronimo.apache.org/xml/ns/loginconfig-2.0 schema for the login module configuration. All the XML schema (.xsd) files are located in the <geronimo_home>/schema directory.

...

| User/Group Repository | LoginModule |
|---|---|
| Property files | org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule |
| Database | org.apache.geronimo.security.realm.providers.SQLLoginModule |
| LDAP repository | org.apache.geronimo.security.realm.providers.LDAPLoginModule |
| Certificate repository | org.apache.geronimo.security.realm.providers.CertificatePropertiesFileLoginModule |
| Any other | User has to supply the custom JAAS module. Admin console can be used to deploy a security realm over custom JAAS login modules. |

...

Once a security realm is deployed, it is available for any JEE5 application deployed in Apache Geronimo to map declared roles to actual users/groups through a Geronimo deployment plan.

Applications

An enterprise application archive (EAR) can consist of several application modules. The application modules can be several Web Application Archives (WAR), EJB modules (JAR), application client modules (JAR) or Resource Archive modules (RAR). The user can either deploy these modules individually or bundle them into a single EAR file and deploy the EAR file.

When deployed individually, each application module should be accompanied by a Geronimo deployment plan that maps declared resource names, EJB names, security roles and JMS roles (if any) to actual resources in the server. The Geronimo deployment plans also contain any Geronimo-specific settings and configurations. When the modules are deployed as a single bundle (EAR), the user can create a single Geronimo deployment plan to perform all the mappings, settings and configurations.

The following table summarizes the different JEE5 modules and the corresponding Geronimo deployment plans that accompany them.

| JEE module | JEE deployment descriptor (DD) | Geronimo deployment plan |
|---|---|---|
| Web Application Archive (WAR) | web.xml | geronimo-web.xml |
| EJB Application Archive (JAR) | ejb-jar.xml | openejb-jar.xml |
| Resource Adapter Archive (RAR) | ra.xml | geronimo-ra.xml |
| Enterprise Application Archive (EAR) | application.xml | geronimo-application.xml |
| Enterprise Application Client Archive (JAR) | application-client.xml | geronimo-application-client.xml |

Web Application deployment plan (geronimo-web.xml)

In the geronimo-web.xml file, the application deployer maps the security roles, EJB names, database resources, JMS resources, etc. declared in web.xml to the corresponding entities deployed in the server. In addition, any web container specific configurations the application needs, such as Tomcat or Jetty specific settings, are configured here as well. If the web application depends on any third party libraries or other services running in the server, these dependencies are declared in the plan. Some web applications have class loading requirements that differ from the default class loading behavior; geronimo-web.xml allows the application deployer to configure this as well. Many more configurations can be done through geronimo-web.xml depending on the needs of the web application. The following sections briefly explain how geronimo-web.xml can be used to configure the web container and web applications.

The geronimo-web.xml uses XML elements from the http://geronimo.apache.org/xml/ns/j2ee/web-2.0.1 namespace and one or more of the namespaces mentioned in the "XML Schemas - Common elements and Configuration" section above in the document. Please go through that section to learn which elements each schema describes.

For example, the following web.xml and geronimo-web.xml are the deployment descriptor and Geronimo deployment plan, respectively, of a web application that connects to a datasource deployed on DB2 and retrieves data from a table.

Sample web.xml

<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
               xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
               xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
                               http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
                               version="2.5">

  <resource-ref>
    <res-ref-name>jdbc/DataSource</res-ref-name>
    <res-type>javax.sql.DataSource</res-type>
    <res-auth>Container</res-auth>
    <res-sharing-scope>Shareable</res-sharing-scope>
  </resource-ref>

  <welcome-file-list>
    <welcome-file>jsp/EMPdemo.jsp</welcome-file>
  </welcome-file-list>
</web-app>

...

Note

With the Servlet 2.5 specification, many of the declarations made through web.xml can also be made through corresponding annotations in the servlets and JSPs.

Sample geronimo-web.xml


<web-app xmlns="http://geronimo.apache.org/xml/ns/j2ee/web-2.0.1"
          xmlns:naming="http://geronimo.apache.org/xml/ns/naming-1.2"
          xmlns:sec="http://geronimo.apache.org/xml/ns/security-2.0"
          xmlns:sys="http://geronimo.apache.org/xml/ns/deployment-1.2">

     <sys:environment>
         <sys:moduleId>
             <sys:groupId>samples</sys:groupId>
             <sys:artifactId>EmployeeDemo</sys:artifactId>
             <sys:version>2.1</sys:version>
             <sys:type>war</sys:type>
         </sys:moduleId>
         <sys:dependencies>
             <sys:dependency>
                 <sys:groupId>samples</sys:groupId>
                 <sys:artifactId>EmployeeDatasource</sys:artifactId>
                 <sys:version>2.1</sys:version>
                 <sys:type>rar</sys:type>
             </sys:dependency>
         </sys:dependencies>
     </sys:environment>

     <context-root>/EmployeeDemo</context-root>

     <naming:resource-ref>
         <naming:ref-name>jdbc/DataSource</naming:ref-name>
         <naming:resource-link>jdbc/EmployeeDatasource</naming:resource-link>
     </naming:resource-ref>


 </web-app>

Please observe the different namespace prefixes and the corresponding namespaces used to configure dependencies and resource mapping. Also observe how the datasource name 'jdbc/DataSource' in web.xml is mapped to 'jdbc/EmployeeDatasource' in geronimo-web.xml. 'jdbc/EmployeeDatasource' is the name of the datasource (database connection pool) deployed on the server for connecting to the back end DB2 database.

The deployment plan starts with <sys:moduleId>, which provides a unique module id for the web application. In the dependencies section, <sys:dependency> configures a dependency on "samples/EmployeeDatasource/2.1/rar". This is the module id of the datasource that connects to DB2. The web context root is configured by <context-root>. Since this tag has no namespace prefix, it belongs to the default namespace, http://geronimo.apache.org/xml/ns/j2ee/web-2.0.1.
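The mapping and namespace rules described above can be checked mechanically before deployment. The following is an added example, not part of the Geronimo documentation or code base: the function name check_plan and the embedded sample files are assumptions, constructed from the two files shown on this page, with a groupId deliberately padded with a space so the whitespace check has something to report.

```python
import xml.etree.ElementTree as ET

NS = {  # namespaces used by the two files on this page
    "jee": "http://java.sun.com/xml/ns/javaee",
    "web": "http://geronimo.apache.org/xml/ns/j2ee/web-2.0.1",
    "naming": "http://geronimo.apache.org/xml/ns/naming-1.2",
    "sys": "http://geronimo.apache.org/xml/ns/deployment-1.2",
}
# Constructed sample input modelled on the page's files; the padded groupId is deliberate.
WEB_XML = """<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="2.5">
  <resource-ref>
    <res-ref-name>jdbc/DataSource</res-ref-name>
  </resource-ref>
</web-app>"""
PLAN_XML = """<web-app xmlns="http://geronimo.apache.org/xml/ns/j2ee/web-2.0.1"
    xmlns:naming="http://geronimo.apache.org/xml/ns/naming-1.2"
    xmlns:sys="http://geronimo.apache.org/xml/ns/deployment-1.2">
  <sys:environment>
    <sys:dependencies><sys:dependency>
      <sys:groupId> samples</sys:groupId>
      <sys:artifactId>EmployeeDatasource</sys:artifactId>
      <sys:version>2.1</sys:version>
      <sys:type>rar</sys:type>
    </sys:dependency></sys:dependencies>
  </sys:environment>
  <context-root>/EmployeeDemo</context-root>
  <naming:resource-ref>
    <naming:ref-name>jdbc/DataSource</naming:ref-name>
    <naming:resource-link>jdbc/EmployeeDatasource</naming:resource-link>
  </naming:resource-ref>
</web-app>"""

def check_plan(web_xml, plan_xml):
    """Cross-check web.xml resource-refs against the plan; unprefixed tags use the default ns."""
    dd, plan = ET.fromstring(web_xml), ET.fromstring(plan_xml)
    declared = {(e.text or "").strip()
                for e in dd.findall("jee:resource-ref/jee:res-ref-name", NS)}
    links = {r.findtext("naming:ref-name", "", NS).strip():
             r.findtext("naming:resource-link", "", NS).strip()
             for r in plan.findall("naming:resource-ref", NS)}
    deps, padded = [], []
    for d in plan.findall("sys:environment/sys:dependencies/sys:dependency", NS):
        parts = [d.findtext("sys:" + t, "", NS)
                 for t in ("groupId", "artifactId", "version", "type")]
        padded += [p for p in parts if p != p.strip()]  # whitespace is easy to miss in review
        deps.append("/".join(p.strip() for p in parts))  # module id form used on the page
    return {"unmapped": sorted(declared - set(links)), "links": links,
            "dependencies": deps, "padded_values": padded,
            "context_root": plan.findtext("web:context-root", None, NS)}
```

Calling check_plan(WEB_XML, PLAN_XML) returns a dictionary whose "unmapped" list names every resource-ref in web.xml that the plan does not link to a server resource.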

All the XML schema files are located in the <GERONIMO_HOME>/schema directory. <GERONIMO_HOME> is the location where Geronimo is installed. Please go through the XSD files to get a feel for the XML tags that can be used in geronimo-web.xml for configuring web applications.

...