So far we have seen how to create security realms in Geronimo that can authenticate users based on credentials stored in a variety of data stores. We will now see how these security realms can be used to secure web, EJB, and EAR applications running in Geronimo.
A web application's security is configured by creating security roles and security constraints in its Java EE-specific deployment descriptor web.xml file. These security roles are mapped to principals in a server-specific deployment plan, geronimo-web.xml in the case of Geronimo, at application deployment time. The sample application used in this section consists of three JSPs: one with unrestricted access, one accessible by the admin role, and another accessible by the user role. The deployment descriptor web.xml for this application is shown below:
<?xml version="1.0" encoding="UTF-8"?> <web-app id="MyWebApp" version="2.5" ... > <display-name>MyWebApp...
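As an added example (not part of the original text or of Geronimo), the following Python check reads a web.xml of the kind described above and reports which roles guard each page, plus any role used in a constraint but never declared. The embedded descriptor is a constructed sample, and the JSP names /index.jsp, /admin.jsp and /user.jsp are assumptions.

```python
import xml.etree.ElementTree as ET

NS = {"j": "http://java.sun.com/xml/ns/javaee"}  # Java EE 5 (web-app 2.5) namespace

# Constructed sample descriptor, not the book's listing; JSP names are assumptions.
SAMPLE_WEB_XML = """<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="2.5">
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Admin pages</web-resource-name>
      <url-pattern>/admin.jsp</url-pattern>
    </web-resource-collection>
    <auth-constraint><role-name>admin</role-name></auth-constraint>
  </security-constraint>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>User pages</web-resource-name>
      <url-pattern>/user.jsp</url-pattern>
    </web-resource-collection>
    <auth-constraint><role-name>user</role-name></auth-constraint>
  </security-constraint>
  <security-role><role-name>admin</role-name></security-role>
  <security-role><role-name>user</role-name></security-role>
</web-app>
"""

def audit(web_xml, pages):
    """Return ({page: roles, or None if unrestricted}, [roles used but not declared])."""
    root = ET.fromstring(web_xml.encode("utf-8"))
    declared = {r.text.strip() for r in root.findall("j:security-role/j:role-name", NS)}
    guarded, used = {}, set()
    for sc in root.findall("j:security-constraint", NS):
        auth = sc.find("j:auth-constraint", NS)
        if auth is None:
            continue  # no auth-constraint: this constraint does not restrict by role
        # An auth-constraint with no role-name yields an empty set: no role may access.
        roles = {r.text.strip() for r in auth.findall("j:role-name", NS)}
        used |= roles
        for pat in sc.findall("j:web-resource-collection/j:url-pattern", NS):
            guarded.setdefault(pat.text.strip(), set()).update(roles)
    # Simplifications: exact-match patterns only (no /dir/* or *.jsp matching),
    # http-method is ignored, and roles from several constraints are unioned.
    access = {p: sorted(guarded[p]) if p in guarded else None for p in pages}
    return access, sorted(used - declared - {"*"})

if __name__ == "__main__":
    print(audit(SAMPLE_WEB_XML, ["/index.jsp", "/admin.jsp", "/user.jsp"]))
```

A page that maps to None is reachable without authentication, so any page expected to be restricted but reported as None points to a missing or mistyped url-pattern.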