...
Code Block | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
<module xmlns="http://geronimo.apache.org/xml/ns/deployment-1.2"> <environment> <moduleId> <groupId>console.realm</groupId> <artifactId>cert-prop-file-realm</artifactId> <version>1.0</version> <type>car</type> </moduleId> <dependencies> <dependency> <groupId>org.apache.geronimo.framework</groupId> <artifactId>j2ee-security</artifactId> <type>car</type> </dependency> </dependencies> </environment> <gbean name="cert-prop-file-realm" class="org.apache.geronimo.security.realm.GenericSecurityRealm" xsi:type="dep:gbeanType" xmlns:dep= "http://geronimo.apache.org/xml/ns/deployment-1.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <attribute name="realmName">CertificatePropsRealm</attribute> <reference name="ServerInfo"> <name>ServerInfo</name> </reference> <xml-reference name="LoginModuleConfiguration"> <log:login-config xmlns:log="http://geronimo.apache.org/xml/ns/loginconfig-2.0"> <log:login-module control-flag="REQUIRED" wrap-principals="false"> <log:login-domain-name>CertificatePropsRealm</log:login-domain-name> <log:login-module-class>org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule</log:login-module-class> <log:option name="usersURI">var/security/user_sample.properties</log:option> <log:option name="groupsURI">var/security/group_sample.properties</log:option> </log:login-module> </log:login-config> </xml-reference> </gbean> </module> |
where
<moduleId> .. </moduleId>
: is the tag that defines the module ID of the security realm. This attribute is included as a dependency in the deployment plan of any application that uses this security realm to authenticate clients.<attribute name="realmName">CertificatePropsRealm</attribute>
:CertificatePropsRealm
is the name of the security realm.
Configure the deployment descriptor and deployment plan of your web application to use the Certificate Properties File Realm for client authentication. For example, applications which use the CertificatePropsRealm
security realm must configure their deployment descriptor as follows:
...
<security-realm-name>CertificatePropsRealm</security-realm-name>
:CertificatePropsRealm
is the Certificate Properties File Realm used for client authentication.<sys:dependency> .. </sys:dependency>
:elements in this tag identify the module ID of the Certificate Properties File Realm used for authentication.
You can install a client certificate into the web browser to authenticate against web servers. For the sample application described above which use the CertificatePropsRealm
security realm, install the My_Private_key
certificate into your web browser to verify your identity, in this case client1, during authentication. The installation process is provided in the Install certificate on client section below.