Thanks a lot.. I am still thinking about the best way to implement my
"generic login", an ejb-module with the CRUD of users/pasword that
also creates the authentication tables.. it should be sha<red by
diverse applications (web & ria)..
The ejb-module works, it creates the usertable/gropuptable.. but: I
couldn't find a way to run a session bean during the ejb-module
deployment, so I am running an external application to creates the
test users... I was thinking in using the realm used by the
administrative console of Glassfish as the entry login/password.. but
I am not sure if it make sense.. and if I can use two distinct realm
in a same application.......
On Sat, Dec 27, 2008 at 6:40 PM, Nithya Subramanian
<Nithya.Subramanian_at_sun.com> wrote:
> The default admin user/pwd is admin/adminadmin while the default admin group
> is asadmin
> (as defined in admin-realm)
>
> So to configure this admin user, you could configure any arbitrary role in
> auth-constraint in web.xml as follows:
>
>
> <auth-constraint>
> <description/>
> <role-name>tester</role-name>
> </auth-constraint>
>
> and map this role to the group - asadmin in sun-web.xml:
>
> <security-role-mapping>
> <role-name>tester</role-name>
> <group-name>asadmin</group-name>
> </security-role-mapping>
>
> Alternatively the role-name could be specified as asadmin, and default
> principal-role mapping option enabled in GF . This would obviate the need to
> have a security-role mapping in sun-web.xml
>
> <auth-constraint>
> <description/>
> <role-name>asadmin</role-name>
> </auth-constraint>
>
> Additionally in both cases, the realm should be specified as admin-realm in
> web.xml
>
> <login-config>
> <auth-method>BASIC</auth-method>
> <realm-name>admin-realm</realm-name>
> </login-config>
>
> HTH,
> Nithya
>
> Felipe Gaúcho wrote:
>>
>> what are the default roles of the administrative console of Glassfish ?
>>
>> may I use it in my own applications ? let's say: I declare a resource
>> as secure, using the container itself to authenticate the access:
>>
>> <security-constraint>
>> <display-name>Only Glassfish admin can
>> access</display-name>
>> <web-resource-collection>
>> <web-resource-name>ALL</web-resource-name>
>> <description />
>> <url-pattern>/*</url-pattern>
>> <http-method>GET</http-method>
>> <http-method>POST</http-method>
>> <http-method>HEAD</http-method>
>> <http-method>PUT</http-method>
>> <http-method>OPTIONS</http-method>
>> <http-method>TRACE</http-method>
>> <http-method>DELETE</http-method>
>> </web-resource-collection>
>> <auth-constraint>
>> <description>Glassfish default admin
>> role</description>
>> <role-name>admin</role-name> <-- what can I use
>> here ??
>> </auth-constraint>
>> </security-constraint>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
>> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>
>