[Registry-dev] Re: [mashup-dev] Refactoring of registry
constructors
Chathura C. Ekanayake
chathura at wso2.com
Mon Dec 17 03:05:03 PST 2007
Hi Keith,
I understand that it is not a good practice to limit the use of Realm
interface. So I replaces the constructor parameters to use Realm
interface instead.
Idea of introducing a RegistryRealm is to limit some actions to maintain
registry user store in desired state.
If you are using a different realm, you have take care of limiting such
actions on the user store.
Thanks for pointing this out.
Chathura
Keith Chapman wrote:
> Hi Chathura,
>
> This restricts the user to use the DefaultRealm. We are planning on
> using a custom Realm (WSASRealm) which will be using the user databases
> in WSAS. Now how are we suppose to reap these benifits if the registry
> limits us to using the Default realm?
>
> Thanks,
> Keith.
>
> Chathura C. Ekanayake wrote:
>
>> Hi,
>>
>> I refactored the registry constructors, so now the instantiation is much
>> simpler. I also added a RegistryRealm class, which extends the user
>> manager's DefaultRealm. It restricts some actions based on the
>> parameters, so that the registry user store doesn't get inconsistent.
>> For example, it blocks the deletion of predefined users like system,
>> admin, anonymous and performs default actions like adding each user to
>> the "EVERYONE" role upon creation. It also simplifies the initiation of
>> realms.
>>
>> Below are the steps for creating registry instances for various scenarios.
>>
>> 1) In memory registry without security
>>
>> Registry registry = new InMemoryJDBCRegistry();
>>
>> 2) In memory registry with security
>>
>> RegistryRealm registryRealm = new InMemoryRegistryRealm();
>> Registry registry = new InMemoryJDBCRegistry(registryRealm);
>> SecureRegistry secureRegistry = new SecureRegistry("user",
>> "password", registry, registryRealm);
>>
>> 3) Secure registry using a data source
>>
>> RegistryRealm registryRealm = new RegistryRealm(datasource);
>> Registry registry = new JDBCRegistry(datasource, registryRealm);
>> SecureRegistry secureRegistry = new SecureRegistry("user",
>> "password", registry, registryRealm);
>>
>> 4) Secure registry using a database connection URL (In this case, the
>> RegistryDataSource creates a Apache DBCP data source and handles
>> connection pooling)
>>
>> RegistryDataSource datasource = new RegistryDataSource(dbURL,
>> driverName, userName, password);
>> RegistryRealm registryRealm = new RegistryRealm(datasource);
>> Registry registry = new JDBCRegistry(datasource, registryRealm);
>> SecureRegistry secureRegistry = new SecureRegistry("user",
>> "password", registry, registryRealm);
>>
>> Note that we have to give the realm to the JDBC registry as well, as
>> media type handlers may use it to set authorizations on automatically
>> imported resources.
>>
>> Thanks,
>> Chathura
>>
>>
>> _______________________________________________
>> Mashup-dev mailing list
>> Mashup-dev at wso2.org
>> http://www.wso2.org/cgi-bin/mailman/listinfo/mashup-dev
>>
>>
>
>
> _______________________________________________
> Registry-dev mailing list
> Registry-dev at wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/registry-dev
>
>
More information about the Registry-dev
mailing list