cle_clock
Home > wikikonf >  tom/actions/by kikonf > realm







Realm

print

Action : tom.realm   (Category : tom, Name : realm, By : kikonf)
Complete Name : tom.realm.by.kikonf
Version : 4.0        License : Modified BSD License

Purpose of the tom category :
Easy to customize. This category use in background the Kikonf Repoz tools to create and configure Apache Tomcat ® root installs and Catalina bases at any level (server.xml, hosts or defaults).
You can use it to manage the whole Tomcat ® Architecture.

Purpose of this realm plugin : This Action configures a Tomcat Realm.

The following shows the Descriptor File for the Action : tom.realm

Toggle lines
<!-- Copyright (c) 2008, Patrick Germain Placidoux                          -->
<!-- All rights reserved.                                                   -->
<!--                                                                        -->
<!-- This file is part of Kikonf Public Software.                           -->
<!--                                                                        -->
<!-- Kikonf Public Software is released under the modified BSD License,     -->
<!-- which should accompany it or any part of it in the file "COPYING".     -->
<!-- If you do not have this file you can access the license                -->
<!-- through the WWW at http://www.kikonf.org/license/bsd/license.txt.      -->
<!--                                                                        -->
<!-- Home page: http://www.kikonf.org                                       -->
<!-- Contact: kikonf@gmx.com                                                -->
<!-- ====================================================================== -->
<!--                                                                        -->
<!--                                                                        -->
<!--                                                                        -->
<!-- ====================================================================== -->
<!-- UPDATE     |     DATE     |   CODE   |  REASON                         -->
<!-- ====================================================================== -->
<!--            |              |          |                                 -->
<!--                                                                        -->
<!--                                                                        -->
<!-- ====================================================================== -->


<realm

    type = '{\
        *eq:action,\
        *required:True,\
        *display:False\
    }'
    bal = '{*display:False}'
    sub_type = '{\
        *value:configuration,\
        *eq:configuration,\
        *required:True,\
        *deny:True,\
        *display:False\
    }'
    softwares = "{
        '*type':'dict',
        '*dtype':
            {
                'tom':
                {
                    '*ge':'5.5',
                    '*le':'7',
                    '*required':True
                }
            },
        '*deny':True, 
        '*display':False
    }"

    digest='{\
        *checkIn:(SHA,MD2,MD5),\
        *help:%lang/action.tom.en/realm.help,\
        *lhelp:%lang/action.tom.en/realm.lhelp\
    }'
        
    __wk__='{\
        *help:%lang/action.tom.en/realm.help,\
        *lhelp:%lang/action.tom.en/realm.lhelp\
    }'
    
>

    <scope 
        cbase = "{'*value':'$[software_tom_catalina_base]'}"
        service = ''
        engine = ''
        host = ''
        context.global = '{*checkIn:(true,false),*value:false}'
        context = ''
        context.default.global = '{*checkIn:(true,false),*value:false}'
        context.default = '{*checkIn:(true,false),*value:false}'

        __wk__ = '{\
            *eq:1,\
            *help:%lang/action.tom.en/scope.help,\
            *lhelp:%lang/action.tom.en/scope.lhelp,\
        }'
    />

    <!-- udb creates a UserDatabase Realm entry. 
         Sample:
        <udb resourceName='UserDatabase'/>
        Note:The resource named UserDatabase must exist (use the Action udbrsc to create it).
    -->
    <udb
        resourceName = '{\
            *help:%lang/action.tom.en/realm.udb.resourceName.help,\
            *lhelp:%lang/action.tom.en/realm.udb.resourceName.lhelp,\
        }'

        __wk__ = '{\
            *le:1,\
            *help:%lang/action.tom.en/realm.udb.help,\
            *lhelp:%lang/action.tom.en/realm.udb.lhelp\
        }'
    />

    <!-- mem creates a Memory Realm entry. 
         based on store: from $CATALINA_HOME/conf/tomcat-users.xml.
         Sample:
        <mem/>
    -->
    <mem
        __wk__ = '{\
            *le:1,\
            *help:%lang/action.tom.en/realm.mem.help,\
            *lhelp:%lang/action.tom.en/realm.mem.lhelp\
        }'
    />

    <!-- jaas creates a JAAS Realm entry. 
         Sample:
         <jaas
            appName="MyFooRealm"
            userClassNames="org.foobar.realm.FooUser"
            roleClassNames="org.foobar.realm.FooRole"
         />
    -->
    <jaas
        appName = '{\
            *help:%lang/action.tom.en/realm.jaas.appName.help,\
            *lhelp:%lang/action.tom.en/realm.jaas.appName.lhelp,\
        }'
        userClassNames = '{\
            *help:%lang/action.tom.en/realm.jaas.userClassNames.help,\
            *lhelp:%lang/action.tom.en/realm.jaas.userClassNames.lhelp,\
        }'
        roleClassNames = '{\
            *help:%lang/action.tom.en/realm.jaas.roleClassNames.help,\
            *lhelp:%lang/action.tom.en/realm.jaas.roleClassNames.lhelp,\
        }'
        __wk__ = '{\
            *le:1,\
            *help:%lang/action.tom.en/realm.jaas.help,\
            *lhelp:%lang/action.tom.en/realm.jaas.lhelp\
        }'
    />


    <!-- jdbc creates a JDBC Realm entry. 
         Sample:
         <jdbc
            driverName="org.gjt.mm.mysql.Driver"
            connectionURL="jdbc:mysql://localhost/authority?user=dbuser&password=dbpass"
            userTable="users" 
            userNameCol="user_name" 
            userCredCol="user_pass"
            userRoleTable="user_roles" 
            roleNameCol="role_name"
         />
    -->
    <jdbc
        driverName = '{\
            *required:True,\
            *help:%lang/action.tom.en/realm.jdbc.driverName.help,\
            *lhelp:%lang/action.tom.en/realm.jdbc.driverName.lhelp,\
        }'
        connectionURL = '{\
            *required:True,\
            *help:%lang/action.tom.en/realm.jdbc.connectionURL.help,\
            *lhelp:%lang/action.tom.en/realm.jdbc.connectionURL.lhelp,\
        }'
        userTable = '{\
            *value:users,\
            *required:True,\
            *help:%lang/action.tom.en/realm.jdbc.userTable.help,\
            *lhelp:%lang/action.tom.en/realm.jdbc.userTable.lhelp,\
        }'
        userNameCol = '{\
            *value:user_name,\
            *required:True,\
            *help:%lang/action.tom.en/realm.jdbc.userNameCol.help,\
            *lhelp:%lang/action.tom.en/realm.jdbc.userNameCol.lhelp,\
        }'
        userCredCol = '{\
            *value:user_pass,\
            *help:%lang/action.tom.en/realm.jdbc.userCredCol.help,\
            *lhelp:%lang/action.tom.en/realm.jdbc.userCredCol.lhelp,\
        }'
        userRoleTable = '{\
            *value:user_roles,\
            *help:%lang/action.tom.en/realm.jdbc.userRoleTable.help,\
            *lhelp:%lang/action.tom.en/realm.jdbc.userRoleTable.lhelp,\
        }'
        roleNameCol = '{\
            *value:role_name,\
            *help:%lang/action.tom.en/realm.jdbc.roleNameCol.help,\
            *lhelp:%lang/action.tom.en/realm.jdbc.roleNameCol.lhelp,\
        }'
        __wk__ = '{\
            *le:1,\
            *help:%lang/action.tom.en/realm.jdbc.help,\
            *lhelp:%lang/action.tom.en/realm.jdbc.lhelp\
        }'
    />

    <!-- realm creates a DataSource Realm entry. 
         Sample:
         <datasrc
            dataSourceName="jdbc/authority"
            userTable="users" 
            userNameCol="user_name" 
            userCredCol="user_pass"
            userRoleTable="user_roles" 
            roleNameCol="role_name"
         />
    -->
    <datasrc
        dataSourceName = '{\
            *required:True,\
            *help:%lang/action.tom.en/realm.datasrc.dataSourceName.help,\
            *lhelp:%lang/action.tom.en/realm.datasrc.dataSourceName.lhelp,\
        }'
        userTable = '{\
            *value:users,\
            *required:True,\
            *help:%lang/action.tom.en/realm.datasrc.userTable.help,\
            *lhelp:%lang/action.tom.en/realm.datasrc.userTable.lhelp,\
        }'
        userNameCol = '{\
            *value:user_name,\
            *required:True,\
            *help:%lang/action.tom.en/realm.datasrc.userNameCol.help,\
            *lhelp:%lang/action.tom.en/realm.datasrc.userNameCol.lhelp,\
        }'
        userCredCol = '{\
            *value:user_pass,\
            *required:True,\
            *help:%lang/action.tom.en/realm.datasrc.userCredCol.help,\
            *lhelp:%lang/action.tom.en/realm.datasrc.userCredCol.lhelp,\
        }'
        userRoleTable = '{\
            *value:user_roles,\
            *help:%lang/action.tom.en/realm.datasrc.userRoleTable.help,\
            *lhelp:%lang/action.tom.en/realm.datasrc.userRoleTable.lhelp,\
        }'
        roleNameCol = '{\
            *value:role_name,\
            *help:%lang/action.tom.en/realm.datasrc.roleNameCol.help,\
            *lhelp:%lang/action.tom.en/realm.datasrc.roleNameCol.lhelp,\
        }'
        __wk__ = '{\
            *le:1,\
            *help:%lang/action.tom.en/realm.datasrc.help,\
            *lhelp:%lang/action.tom.en/realm.datasrc.lhelp\
        }'
    />

    <!-- ldap creates a JNDI Realm entry. 
         Sample:
         <ldap
            connectionName="cn=Manager,dc=mycompany,dc=com"
            connectionPassword="secret"
            connectionURL="ldap://localhost:389"
            userPassword="userPassword"
            userPattern="uid={0},ou=people,dc=mycompany,dc=com"
            roleBase="ou=groups,dc=mycompany,dc=com"
            roleName="cn"
            roleSearch="(uniqueMember={0})"
         />
    -->
    <ldap
        connectionName = '{\
            *required:True,\
            *help:%lang/action.tom.en/realm.ldap.connectionName.help,\
            *lhelp:%lang/action.tom.en/realm.ldap.connectionName.lhelp,\
        }'
        connectionPassword = '{\
            *required:True,\
            *help:%lang/action.tom.en/realm.ldap.connectionPassword.help,\
            *lhelp:%lang/action.tom.en/realm.ldap.connectionPassword.lhelp,\
        }'
        connectionURL = '{\
            *required:True,\
            *help:%lang/action.tom.en/realm.ldap.connectionURL.help,\
            *lhelp:%lang/action.tom.en/realm.ldap.connectionURL.lhelp,\
        }'
        userPassword = '{\
            *required:True,\
        }'
        userPattern = '{\
            *required:True,\
            *help:%lang/action.tom.en/realm.ldap.userPattern.help,\
            *lhelp:%lang/action.tom.en/realm.ldap.userPattern.lhelp,\
        }'
        roleBase = '{\
            *help:%lang/action.tom.en/realm.ldap.roleBase.help,\
            *lhelp:%lang/action.tom.en/realm.ldap.roleBase.lhelp,\
        '
        roleName = '{\
            *help:%lang/action.tom.en/realm.ldap.roleName.help,\
            *lhelp:%lang/action.tom.en/realm.ldap.roleName.lhelp,\
        }'
        roleSearch = '{\
            *help:%lang/action.tom.en/realm.ldap.roleSearch.help,\
            *lhelp:%lang/action.tom.en/realm.ldap.roleSearch.lhelp,\
        }'
        __wk__ = '{\
            *le:1,\
            *help:%lang/action.tom.en/realm.ldap.help,\
            *lhelp:%lang/action.tom.en/realm.ldap.lhelp\
        }'
    />

</realm>
							
(Source: <KIKONF_INSTALLATION_DIR>/plugins/actions/tom/realm/by/kikonf/ACT_INF/action.xml)


A descriptor file is a WYSISWYG xsd like schema, wich describes what are the supported Tags, Attributes and Attributes values for one Action.
The special Attributes : type, sub_type, bal, softwares, __wk__ are reserved by Kikonf.

The table below summarizes the informations provided by the tom.realm Descriptor File :

/realm>   This Action configures a Tomcat Realm.
Name Default Type Required Denied Help
digest   (SHA, MD2, MD5)     This Action configures a Tomcat Realm.

/realm/scope>   A scope refers to configuration Level within the Tomcat scheme.
Required:True
Name Default Type Required Denied Help
cbase $[software_tom_catalina_base]        
service   str      
engine   str      
host   str      
context.global false (true, false)      
context   str      
context.default.global false (true, false)      
context.default false (true, false)      

/realm/udb>   Configure a UserDatabase Realm
Name Default Type Required Denied Help
resourceName         The tomcat Resource Name

/realm/mem>   Configure a Memory Realm

/realm/jaas>   Configure a JAAS Realm
Name Default Type Required Denied Help
appName         The Realm expected by the Application. e.g.: MyFooRealm
userClassNames         The Applicative class to manage user Authentification. e.g.: org.foobar.realm.FooUser
roleClassNames         The Applicative class to manage role association. e.g.: org.foobar.realm.FooRole

/realm/jdbc>   Configure a JDBC Realm
Name Default Type Required Denied Help
driverName     True   The JDBC driver class.
connectionURL     True   The Database connection Url.
userTable users   True   The table that store the users and passwords.
userNameCol user_name   True   The column defined into the table for user name.
userCredCol user_pass       The column defined into the table for user passwords.
userRoleTable user_roles       The table that store the roles.
roleNameCol role_name       The column defined into the table for role names.

/realm/datasrc>   Configure a DataSource Realm
Name Default Type Required Denied Help
dataSourceName     True   The Kikonf datasrc Name
userTable users   True   The table that store the users and passwords.
userNameCol user_name   True   The column defined into the table for user name.
userCredCol user_pass   True   The column defined into the table for user passwords.
userRoleTable user_roles       The table that store the roles.
roleNameCol role_name       The column defined into the table for role names.

/realm/ldap>   Configure an LDAP Realm
Name Default Type Required Denied Help
connectionName     True   The connection user.
connectionPassword     True   The connection password.
connectionURL     True   The connectionUrl to the LDAP server.
userPassword     True    
userPattern     True   From which part of the DN to retreive the user name.
roleBase {*help:%lang/action.tom.en/realm.ldap.roleBase.help,*lhelp:%lang/action.tom.en/realm.ldap.roleBase.lhelp, str      
roleName         The attribute in a Role entry containing the role name.
roleSearch         The LDAP search filter for Role entries selection.



Trademarks :
  • "Apache", "Apache Tomcat" and "Tomcat" are trademarks of the Apache Software Foundation.
  • "Java" and "JVM" are a registred trademarks of Oracle and/or its affiliates.
  • Other names may be trademarks of their respective owners.

Copyright © 2011 - Patrick Placidoux, Hélène Malamoud