[Registry-dev] Authentication and Authorization implementation
Jonathan Marsh
jonathan at wso2.com
Fri Sep 28 12:55:52 PDT 2007
These instructions are too sketchy for me to get working. After a lot of
fiddling and help from Prasad I still only got halfway, as described below.
Where have I gone wrong?
Jonathan Marsh - http://www.wso2.com - http://auburnmarshes.spaces.live.com
> -----Original Message-----
> From: registry-dev-bounces at wso2.org [mailto:registry-dev-
> bounces at wso2.org] On Behalf Of Chathura C. Ekanayake
> Sent: Friday, September 28, 2007 1:02 AM
> To: registry-dev at wso2.org
> Subject: [Registry-dev] Authentication and Authorization implementation
>
>
> Hi,
>
> I have done the first stage of the authentication and authorization
> implementation based on the User Manager.
> As a result now you won't be able to even browse the registry without
> signing in :) as anonymous user doesn't have GET permissions for any
> collection by default.
>
> This is how to configure and start to work with the registry.
>
> 1) Configure the following parameters in the web.xml file of the
> wso2registry webapp:
>
> <init-param>
> <param-name>sqlFilePath</param-name>
>
> <param-value>/home/user/usermanager/resources/user.default.sql</param-
> value>
Presumably this value gets set to the location of the user.default.sql.
E.g. on Windows "C:\user.default.sql".
> </init-param>
> <init-param>
> <param-name>dbURL</param-name>
>
> <param-value>jdbc:derby:/home/user/usermanager/umdb</param-value>
> </init-param>
Presumably the value "jdbc:derby:umdb" would be fine too.
> <init-param>
> <param-name>driver</param-name>
> <param-value>org.apache.derby.jdbc.EmbeddedDriver</param-
> value>
> </init-param>
>
> user.default.sql file is shipped with the User Manager. I have attached
> it to this mail. You have to create a database using the attached
> create_db.sql file, which is also bundled with the User Manager. We can
> omit this configuration once the User Manager starts to support Data
> Sources.
This is by
1) downloading and unzipping Derby (10.3) from
http://db.apache.org/derby/derby_downloads.html
2) add DERBY_HOME environment variable with the path of the unzipped derby
directory
3) add %DERBY_HOME%/bin (Windows) to the PATH variable
4) execute /bin/ij
5) type "CONNECT 'jdbc:derby:umdb;create=true';
6) copy create_db.sql to the derby/bin directory
7) type "run 'create_db.sql'"
8) type "show tables;" to verify tables were correctly created.
Do we need to execute "startNetworkService" as well? Tried it with no
effect.
> 2) Configure a datasource named jdbc/WSO2RegistryDB in the servlet
> container. If this is not done, Registry will use the HSQL in-memory
> database.
Not sure what you mean, but I added this to the Tomcat/conf/server.xml
without avail:
<Resource name="jdbc/WSO2RegistryDB"
type="javax.sql.DataSource" auth="Container"
description="Derby database for UserManager"
maxActive="100" maxIdle="30" maxWait="10000"
username="" password=""
driverClassName="org.apache.derby.jdbc.EmbeddedDriver"
url="jdbc:derby:umdb" />
> 3) Go to the edit UI. Sign in with the user name: admin and
> password:admin. Now you have all the permissions and can perform any
> action.
Did a mvn clean install of the registry and moved the war to Tomcat. The
trivial first page works, but in the edit view the Registry gives an
exception "Could not connect to the database."
> 4) Add some users and give them required permissions. Then sign in as
> the newly created users and try to perform authorized and unauthorized
> operations.
> You will be given an authorization failure message when you try to
> perform unauthorized operations.
>
> Comments...
Help!
> Thanks,
> Chathura
More information about the Registry-dev
mailing list