Nope, I just removed all of the custom J2 security valve stuff and stuck mine in palce of it. Here is an example of my current pipeline config.
-Scott > -----Original Message----- > From: Frank Villarreal [mailto:[EMAIL PROTECTED] > Sent: Thursday, April 21, 2005 4:37 PM > To: Jetspeed Users List > Subject: RE: J2 Security Customization > > Scott, > > ... man this is excellent. I've been struggling with swapping out J2's > security for days upon days. Being that the docs on security are somewhat > sparse didn't help. I didn't want to even attempt to implement JAAS. > Taking a look at you attached code cleared a few things up. If I reverse > engineer your example for my custom needs and reconfigure the files in > "WEB-INF/assembly" to use this class as the default security valve ... > other > than breaking PAM application ... is there anything else that has to be > "reimplemented" to get a custom authentication & authorization valve > functional in J2? > > - Frank > > > > > -----Original Message----- > > From: Scott T Weaver [mailto:[EMAIL PROTECTED] > > Sent: Thursday, April 21, 2005 03:13 PM > > To: 'Jetspeed Users List' > > Subject: RE: J2 Security Customization > > > > > > Yes, writing a security valve is very simple since J2 uses standard > > javax.security.Subject for authorization. I have attached the code I > use > > that builds a Subject from our home grown SSO application. > > > > Hth, > > Scott > > > > > -----Original Message----- > > > From: Randy Watler [mailto:[EMAIL PROTECTED] > > > Sent: Thursday, April 21, 2005 4:00 PM > > > To: Jetspeed Users List > > > Subject: Re: J2 Security Customization > > > > > > Santiago, > > > > > > There are multiple solutions to this common requirement. The easiest > is > > > probably to implement your own SecurityValve. Just make sure you use > the > > > existing o/a/j/security.impl.SecurityValveImpl.java as a template. > Then > > > there is JAAS... > > > > > > Scott can probably comment in more detail. > > > > > > Randy > > > > > > Santiago Urrizola wrote: > > > > > > >Hi, i wan t to change a part of the security model of J2, to adapt > they > > > on mi organization model. > > > >Basically i need to change the part where J2, > > > >1 - retrive users from de DataBase. (my own tables, not the default > > > tables of the j2), and obiously where save new/modified users > > > >2 - autenticate the passwords of login users > > > >3 - retrive all groups and roles, and users in a group role. > > > > > > > >I see the sources for a while, and see a lot of places where i > > can change > > > this, but i dont know where is the correct place (class or classes) to > > > change it. I see UserManager, and think its posible to create a new > > > UserManager, but this class dont have full control of the users, i > know > > > tht i need to change the implementor of some interfaces in the *.xml > in > > > the assembly director. > > > >But can some one tell me how classes i must modify (or create new > > > implementor for this interaces) ??? > > > >Thank you very very very very much > > > > > > > >Santiago > > > > > > > > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED]
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd";> <!-- Copyright 2004 The Apache Software Foundation Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. --> <beans> <bean id="webkeyValve" class="com.ugs.it.jetspeed.valves.WebKeySecurityValve" init-method="initialize" > <constructor-arg> <ref bean="portal_configuration" /> </constructor-arg> </bean> <bean id="ugs-webkey-pipeline" class="org.apache.jetspeed.pipeline.JetspeedPipeline" init-method="initialize" > <constructor-arg> <value>UGSWebkeyPipeline</value> </constructor-arg> <constructor-arg> <list> <ref bean="webkeyValve"/> <ref bean="localizationValve"/> <ref bean="capabilityValve"/> <ref bean="portalURLValve"/> <ref bean="profilerValve"/> <ref bean="containerValve"/> <ref bean="actionValve"/> <ref bean="aggregatorValve"/> <ref bean="cleanUpValve"/> </list> </constructor-arg> </bean> </beans>
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
