users@glassfish.java.net

Re: Application authenticating itself

From: Piero Filippin <filippinp_at_yahoo.co.uk>
Date: Fri, 19 Oct 2007 22:22:15 +0100

Kumar,
Thank you for the information.

I am currently using JDBCRealm, and I find it is a satisfactory solution
to my needs.

However, what I was looking for was a way to include my own realm in the
EAR, but then I started understanding the JAAS philosophy and this is
something you do not want to do, as JavaEE considers the authentication
as something "external" to the application.

I am still fighting with JAAS (for example, if you don't have sufficient
privileges to call a bean what you get is a NASTY nested exception), but
I am quickly progressing.

Piero

V B Kumar Jayanti wrote:
> Piero Filippin wrote:
>
>> Hi,
>> I have an enterprise application managing "its own security", I have
>> a "user" entity containing usernames, passwords and access level, and
>> I have a bean that lets you log in.
>>
>> I have understood that this is not really the best way to go, (as
>> implementing the security myself is cumbersome and inflexible, and
>> forces me to use stateful beans), so I started learning JAAS.
>>
>> Now, with JAAS, it seems that I can use any *external* source as a
>> users repository (provided I implement my realm and loginmodule of
>> course).
>>
>> My application is already able to manage users: the "users" table is
>> part of the application itself, and provided you logged in my
>> application with sufficient privileges you will be able to add new
>> users: what is the right way to do it in JAAS?
>>
>> I mean, can an enterprise application provide its own realm or must
>> this realm be completely separated (i.e. in a different jar to be put
>> in /lib and loaded only on GF startup)?
>>
> The classes have to be put in domain-dir/lib/classes. The following
> article might help you :
>
> http://developers.sun.com/appserver/reference/techart/as8_authentication/index.html
>
>
>> If it cannot be done, what is the right way for an external realm to
>> rely on the same "user" entity used by my Enterprise application?
>>
> By "user" entity, do you mean a table in some external datastore?
> See if any of the following will help :
>
> 1. use JDBC Realm :
> http://blogs.sun.com/swchan/entry/jdbcrealm_in_glassfish
>
> Else you can also write a Custom Realm that can access the "user" entity.
>
> Thanks.
>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
>> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>>