Hello everyone,
The question in short first:
Please point me in the right direction to programmatically create/edit/delete file users and groups.
In more detail:
I have been struggling with implementing security on our GlassFish server and the deployed EJB3 applications.
The server side is easy: I do like the security annotations.
I also have created a module which uses ProgrammaticLogin to login and get the initial context, works fine.
Great so far, but now on to creating users and assign groups to them.
We do not want the user administrator to be a full GlassFish administrator, because that gives the user administrator way too much control over the server.
Basically, I would like the end user to have an option to change their own password from within our application. (As a reusable module, so it can be used in all client projects)
For the user administrator, I would like to programmatically create, change and delete users, reset passwords, and edit the assigned groups.
I am perfectly happy to create the GUI myself.
I tried using asadmin from within a Java program, using Runtime.exec.
That works, but everytime I want to assign a group to a user, I have to specify the current admin and user password in a password file for this to work.
I found another post stating that JMX could be used to work with users and groups, but could not find this in the documentation.
So, what did I miss?
And, is this actually the right way? Or are you all using LDAP or Kerberos?
Many thanks in advance for your assistance.
[Message sent by forum member 'marcelgroeneweg' (marcelgroeneweg)]
http://forums.java.net/jive/thread.jspa?messageID=281596