[Registry-dev] Authentication and Authorization implementation

Keith Chapman keith at wso2.com
Fri Sep 28 20:48:53 PDT 2007 

Sanjiva Weerawarana wrote:
> Chathura/others: We need to get Jonathan's machine off the ground ASAP 
> so that he and Prasad can effectively collaborate on getting a decent 
> UI in place by next week.
>
> I think its best if someone were to remote desktop over to his box and 
> help get all the Java stuff sorted out. Can someone please help urgently?
>
> Please send mail to Jonathan privately and figure out the details. If 
> <whoever> and Jonathan can sync up over the weekend that's best but if 
> not please do it as early as possible on Monday so that at least by 
> end of the US day on Monday Prasad and Jonathan are fully in sync and 
> have a plan for what will be completed by Wed.
>
> Thanks very much .. I know I'm being quite unreasonable but the 
> potential customer we are meeting on Thu is a significant opportunity 
> and we're about to make our first impression to them on the registry - 
> first impressions, as you know, are critical and we definitely want 
> love at first sight! ;-)
If its that critical I'm sure the mashup guys (Including me) can offer 
some help with regard to this. I'll try and get it going on my local 
machine too so that I can offer some help.

Thanks,
Keith.
>
> Bye,
>
> Sanjiva.
>
> Jonathan Marsh wrote:
>> These instructions are too sketchy for me to get working.  After a 
>> lot of
>> fiddling and help from Prasad I still only got halfway, as described 
>> below.
>> Where have I gone wrong?
>>
>> Jonathan Marsh - http://www.wso2.com - 
>> http://auburnmarshes.spaces.live.com
>>  
>>
>>> -----Original Message-----
>>> From: registry-dev-bounces at wso2.org [mailto:registry-dev-
>>> bounces at wso2.org] On Behalf Of Chathura C. Ekanayake
>>> Sent: Friday, September 28, 2007 1:02 AM
>>> To: registry-dev at wso2.org
>>> Subject: [Registry-dev] Authentication and Authorization implementation
>>>
>>>
>>> Hi,
>>>
>>> I have done the first stage of the authentication and authorization
>>> implementation based on the User Manager.
>>> As a result now you won't be able to even browse the registry without
>>> signing in :) as anonymous user doesn't have GET permissions for any
>>> collection by default.
>>>
>>> This is how to configure and start to work with the registry.
>>>
>>> 1) Configure the following parameters in the web.xml file of the
>>> wso2registry webapp:
>>>
>>>         <init-param>
>>>             <param-name>sqlFilePath</param-name>
>>>
>>> <param-value>/home/user/usermanager/resources/user.default.sql</param-
>>> value>
>>
>> Presumably this value gets set to the location of the user.default.sql.
>> E.g. on Windows "C:\user.default.sql".
>>
>>>         </init-param>
>>>         <init-param>
>>>             <param-name>dbURL</param-name>
>>>
>>> <param-value>jdbc:derby:/home/user/usermanager/umdb</param-value>
>>>         </init-param>
>>
>> Presumably the value "jdbc:derby:umdb" would be fine too.
>>
>>>         <init-param>
>>>             <param-name>driver</param-name>
>>>             <param-value>org.apache.derby.jdbc.EmbeddedDriver</param-
>>> value>
>>>         </init-param>
>>>
>>> user.default.sql file is shipped with the User Manager. I have attached
>>> it to this mail. You have to create a database using the attached
>>> create_db.sql file, which is also bundled with the User Manager. We can
>>> omit this configuration once the User Manager starts to support Data
>>> Sources.
>>
>> This is by 1) downloading and unzipping Derby (10.3) from
>> http://db.apache.org/derby/derby_downloads.html
>> 2) add DERBY_HOME environment variable with the path of the unzipped 
>> derby
>> directory
>> 3) add %DERBY_HOME%/bin (Windows) to the PATH variable
>> 4) execute /bin/ij
>> 5) type "CONNECT 'jdbc:derby:umdb;create=true';
>> 6) copy create_db.sql to the derby/bin directory
>> 7) type "run 'create_db.sql'"
>> 8) type "show tables;" to verify tables were correctly created.
>>
>> Do we need to execute "startNetworkService" as well?  Tried it with no
>> effect.
>>
>>> 2) Configure a datasource named jdbc/WSO2RegistryDB in the servlet
>>> container. If this is not done, Registry will use the HSQL in-memory
>>> database.
>>
>> Not sure what you mean, but I added this to the Tomcat/conf/server.xml
>> without avail:
>>
>> <Resource name="jdbc/WSO2RegistryDB"               
>> type="javax.sql.DataSource"  auth="Container"
>>               description="Derby database for UserManager"
>>               maxActive="100" maxIdle="30" maxWait="10000"
>>               username="" password=""               
>> driverClassName="org.apache.derby.jdbc.EmbeddedDriver"
>>               url="jdbc:derby:umdb" />
>>
>>> 3) Go to the edit UI. Sign in with the user name: admin and
>>> password:admin. Now you have all the permissions and can perform any
>>> action.
>>
>> Did a mvn clean install of the registry and moved the war to Tomcat.  
>> The
>> trivial first page works, but in the edit view the Registry gives an
>> exception "Could not connect to the database."
>>
>>> 4) Add some users and give them required permissions. Then sign in as
>>> the newly created users and try to perform authorized and unauthorized
>>> operations.
>>> You will be given an authorization failure message when you try to
>>> perform unauthorized operations.
>>>
>>> Comments...
>>
>> Help!
>>
>>> Thanks,
>>> Chathura
>>
>>
>> _______________________________________________
>> Registry-dev mailing list
>> Registry-dev at wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/registry-dev
>>
>

More information about the Registry-dev mailing list