...
Para usar un artefacto en una aplicación, agrega un elemento de dependencia en su plan de activación (deployment plan). Por ejemplo, para usar Castor XML, agrega el siguiente código XML al plan:
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<dependency>
<uri>castor/jars/castor-0.9.5.3.jar</uri>
</dependency>
|
...
El siguiente ejemplo ilustra el plan de activación (deployment plan) generado por este portlet.
| Code Block | ||||||||
|---|---|---|---|---|---|---|---|---|
| ||||||||
<configuration configId="SecurityRealm-geronimo-properties-realm" xmlns="http://geronimo.apache.org/xml/ns/deployment-1.0">
<gbean name="geronimo-properties-realm" class="org.apache.geronimo.security.realm.GenericSecurityRealm">
<attribute name="realmName">geronimo-properties-realm</attribute>
<reference name="ServerInfo">
<gbean-name>geronimo.server:J2EEApplication=null,J2EEModule=geronimo/j2ee-system/1.0/car,J2EEServer=geronimo,j2eeType=GBean,name=ServerInfo</gbean-name>
</reference>
<reference name="LoginService">
<gbean-name>geronimo.server:J2EEApplication=null,J2EEModule=geronimo/j2ee-security/1.0/car,J2EEServer=geronimo,j2eeType=JaasLoginService,name=JaasLoginService</gbean-name>
</reference>
<xml-reference name="LoginModuleConfiguration">
<log:login-config xmlns:log="http://geronimo.apache.org/xml/ns/loginconfig-1.0">
<log:login-module control-flag="REQUIRED" server-side="true" wrap-principals="false">
<log:login-domain-name>geronimo-properties-realm</log:login-domain-name>
<log:login-module-class>org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule</log:login-module-class>
<log:option name="usersURI">var/security/users.properties</log:option>
<log:option name="groupsURI">var/security/groups.properties</log:option>
</log:login-module>
</log:login-config>
</xml-reference>
</gbean>
</configuration> |
...
<geronimo_home>\bin\deploy --user system --password manager deploy <realm_path>\reino_de_seguridad_derby.xml
| Code Block | ||||||||
|---|---|---|---|---|---|---|---|---|
| ||||||||
<configuration configId="SecurityRealm-reino_de_seguridad_derby" xmlns="http://geronimo.apache.org/xml/ns/deployment-1.0">
<import>
<uri>user/database-pool-BaseDeDatosDeSeguridad/1/car</uri>
</import>
<gbean name="reino_de_seguridad_derby" class="org.apache.geronimo.security.realm.GenericSecurityRealm">
<attribute name="realmName">reino_de_seguridad_derby</attribute>
<reference name="ServerInfo">
<gbean-name>geronimo.server:J2EEApplication=null,J2EEModule=geronimo/j2ee-system/1.0/car,J2EEServer=geronimo,j2eeType=GBean,name=ServerInfo</gbean-name>
</reference>
<reference name="LoginService">
<gbean-name>geronimo.server:J2EEApplication=null,J2EEModule=geronimo/j2ee-security/1.0/car,J2EEServer=geronimo,j2eeType=JaasLoginService,name=JaasLoginService</gbean-name>
</reference>
<xml-reference name="LoginModuleConfiguration">
<log:login-config xmlns:log="http://geronimo.apache.org/xml/ns/loginconfig-1.0">
<log:login-module control-flag="REQUIRED" server-side="true" wrap-principals="false">
<log:login-domain-name>reino_de_seguridad_derby</log:login-domain-name>
<log:login-module-class>org.apache.geronimo.security.realm.providers.SQLLoginModule</log:login-module-class>
<log:option name="userSelect">select nombreusuario, password from APP.usuarios where nombreusuario=?</log:option>
<log:option name="dataSourceApplication">null</log:option>
<log:option name="groupSelect">select nombreusuario, nombregrupo from APP.grupos where nombreusuario=?</log:option>
<log:option name="dataSourceName">BaseDeDatosDeSeguridad</log:option>
</log:login-module>
<log:login-module control-flag="OPTIONAL" server-side="true" wrap-principals="false">
<log:login-domain-name>reino_de_seguridad_derby-Audit</log:login-domain-name>
<log:login-module-class>org.apache.geronimo.security.realm.providers.FileAuditLoginModule</log:login-module-class>
<log:option name="file">var/log/reinoSeguridadDerby.log</log:option>
</log:login-module>
<log:login-module control-flag="REQUISITE" server-side="true" wrap-principals="false">
<log:login-domain-name>reino_de_seguridad_derby-Lockout</log:login-domain-name>
<log:login-module-class>org.apache.geronimo.security.realm.providers.RepeatedFailureLockoutLoginModule</log:login-module-class>
<log:option name="lockoutDurationSecs">60</log:option>
<log:option name="failurePeriodSecs">10</log:option>
<log:option name="failureCount">3</log:option>
</log:login-module>
</log:login-config>
</xml-reference>
</gbean>
</configuration> |
...
Nota que sólo cambiamos del plan original, el nombre del reino, de ldap-realm a reino_de_seguridad_derby.
| Code Block | ||||||||
|---|---|---|---|---|---|---|---|---|
| ||||||||
<?xml version="1.0" encoding="UTF-8"?>
<web-app
xmlns="http://geronimo.apache.org/xml/ns/web"
xmlns:sec="http://geronimo.apache.org/xml/ns/security"
configId="org/apache/geronimo/ldap-secure-demo">
<context-root>/ldap-demo</context-root>
<context-priority-classloader>false</context-priority-classloader>
<!-- <security-realm-name>ldap-realm</security-realm-name> -->
<security-realm-name>reino_de_seguridad_derby</security-realm-name>
<security>
<default-principal realm-name="derby_security_realm">
<principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="system"/>
</default-principal>
<role-mappings>
<role role-name="content-administrator">
<realm realm-name="derby_security_realm">
<principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="admin" designated-run-as="true"/>
<principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="system"/>
</realm>
</role>
<role role-name="guest">
<realm realm-name="derby_security_realm">
<principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="guest" designated-run-as="true"/>
<principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="user1"/>
<principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="user2"/>
</realm>
</role>
</role-mappings>
</security>
</web-app> |
...